Logfile of random's system information tool 1.06 (written by random/random)
Run by jaroslav at 2010-01-06 15:44:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (31%) free of 7 GB
Total RAM: 383 MB (15% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:45:07, on 6.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\jaroslav\Dokumenty\Downloads\Programs\RSIT.exe
C:\Program Files\trend micro\jaroslav.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - (no file)
R3 - URLSearchHook: MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Celebrity Toolbar\tbhelper.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: MHTBPos00 - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Celebrity Toolbar\tbcore3.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: MyHeritage New Tab - {D62EC836-BF1E-4CAC-81BE-FB9179835D8E} - C:\Program Files\Celebrity Toolbar\mhxpcomi.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Celebrity Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Celebrity Toolbar\tbcore3.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: mhtb - {669A2A3A-F19C-452D-800D-1240299756C1} - C:\Program Files\Celebrity Toolbar\mhxpcomi.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: cbssreg - C:\Documents and Settings\All Users\Dokumenty\Settings\cbss.dll
O23 - Service: Abel - Unknown owner - D:\Hacking\Cain\Abel.exe (file missing)
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 7078 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\ParetoLogic Registration.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2009-11-11 173488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]
MHTBPos00 Class - C:\Program Files\Celebrity Toolbar\tbcore3.dll [2009-05-07 2642432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{259F616C-A300-44F5-B04A-ED001A26C85C}]
Solid Converter PDF - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll [2006-11-02 259584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-11 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D62EC836-BF1E-4CAC-81BE-FB9179835D8E}]
CMySite Class - C:\Program Files\Celebrity Toolbar\mhxpcomi.dll [2009-12-06 217088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - Celebrity Toolbar - C:\Program Files\Celebrity Toolbar\tbcore3.dll [2009-05-07 2642432]
{259F616C-A300-44F5-B04A-ED001A26C85C} - Solid Converter PDF - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll [2006-11-02 259584]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2009-12-07 3171760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-12-04 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbssreg]
C:\Documents and Settings\All Users\Dokumenty\Settings\cbss.dll [2010-01-05 50176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-08-08 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{25f827ec-e3d7-11de-b953-0008021dc4e7}]
shell\AutoRun\command - F:\RECYCLER\S-1-6-21-9432276501-9644491937-600001250-3300\fileaccess.exe
shell\open\command - F:\RECYCLER\S-1-6-21-9432276501-9644491937-600001250-3300\fileaccess.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{25f827ee-e3d7-11de-b953-0008021dc4e7}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - Recycled\ctfmon.exe
======List of files/folders created in the last 1 months======
2010-01-06 15:44:21 ----D---- C:\Program Files\trend micro
2010-01-06 15:44:18 ----D---- C:\rsit
2010-01-06 14:54:02 ----D---- C:\Program Files\Siber Systems
2010-01-06 14:07:46 ----D---- C:\Program Files\Foundstone Free Tools
2010-01-06 13:54:54 ----D---- C:\WINDOWS\Downloaded Installations
2010-01-06 13:50:29 ----A---- C:\WINDOWS\DJ Music Mixer Uninstaller.exe
2010-01-06 13:49:45 ----D---- C:\Program Files\DJ Music Mixer
2010-01-06 10:46:41 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\Uniblue
2010-01-06 10:41:12 ----D---- C:\Program Files\Common Files\ParetoLogic
2010-01-06 10:41:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
2010-01-06 09:48:06 ----D---- C:\WINDOWS\system32\NtmsData
2010-01-03 20:53:04 ----A---- C:\WINDOWS\msa.exe
2010-01-03 20:52:26 ----A---- C:\WINDOWS\system32\sshnas.dll
2010-01-03 20:28:44 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\SBMAV Disk Cleaner
2010-01-03 20:16:09 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\URSoft
2010-01-03 20:15:59 ----D---- C:\Program Files\Your Uninstaller 2008
2010-01-02 22:24:41 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\Enchanted Katya
2010-01-02 22:09:42 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\Valusoft
2010-01-02 22:09:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Valusoft
2010-01-02 21:59:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Go Go Gourmet
2010-01-02 19:55:51 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\Merscom
2010-01-02 19:55:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Merscom
2010-01-02 15:59:06 ----D---- C:\WINDOWS\system32\temp
2010-01-02 15:58:33 ----A---- C:\WINDOWS\system32\lame_enc.dll
2010-01-02 15:58:33 ----A---- C:\WINDOWS\system32\Kara_ww.dll
2010-01-02 15:58:33 ----A---- C:\WINDOWS\system32\Kara_v.dll
2010-01-02 15:58:33 ----A---- C:\WINDOWS\system32\Kara_mx.dll
2010-01-02 15:58:33 ----A---- C:\WINDOWS\system32\Kara_K5.dll
2010-01-02 15:58:33 ----A---- C:\WINDOWS\system32\Kara_K.dll
2010-01-02 15:58:33 ----A---- C:\WINDOWS\system32\Kara_C.dll
2010-01-02 15:58:33 ----A---- C:\WINDOWS\system32\Kara__E.dll
2010-01-02 15:58:33 ----A---- C:\WINDOWS\system32\kara__ao.dll
2010-01-02 15:58:32 ----A---- C:\WINDOWS\system32\Bass.dll
2010-01-02 15:58:15 ----D---- C:\Program Files\Karaoke5
2010-01-02 15:03:41 ----A---- C:\WINDOWS\system32\erdmpg-6.dll
2010-01-02 15:02:20 ----D---- C:\Program Files\Common Files\Doblon
2010-01-02 15:02:14 ----D---- C:\Program Files\Doblon
2010-01-01 14:48:01 ----A---- C:\WINDOWS\pdf2word.INI
2010-01-01 14:18:56 ----A---- C:\WINDOWS\ConverterCore.INI
2010-01-01 14:12:52 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\SolidDocuments
2010-01-01 14:12:25 ----D---- C:\Program Files\SolidDocuments
2010-01-01 14:12:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\SolidDocuments
2010-01-01 13:47:08 ----A---- C:\WINDOWS\pdf2text.INI
2009-12-31 16:22:21 ----D---- C:\Program Files\Shockwave.com
2009-12-29 19:49:34 ----D---- C:\Program Files\Foxit Software
2009-12-29 18:34:00 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\Foxit
2009-12-29 15:43:47 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\Mean Hamster
2009-12-29 15:43:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mean Hamster
2009-12-28 17:15:17 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\Help
2009-12-28 15:20:52 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\PlayFirst
2009-12-28 15:20:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\PlayFirst
2009-12-28 12:33:36 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\ViquaSoft
2009-12-27 21:48:07 ----D---- C:\Program Files\Celebrity Toolbar
2009-12-27 20:45:43 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\MMToolz
2009-12-27 15:45:14 ----D---- C:\Program Files\Ztrl
2009-12-26 14:24:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2009-12-26 14:24:00 ----D---- C:\Program Files\Google
2009-12-26 14:23:10 ----D---- C:\Program Files\Common Files\Oberon Media
2009-12-24 14:20:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Trymedia
2009-12-23 23:01:09 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\WebCam Recorder
2009-12-23 13:07:11 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\Identities
2009-12-23 12:21:01 ----D---- C:\Program Files\GetFLV
2009-12-23 11:51:55 ----RAS---- C:\WINDOWS\system32\gfbaksm.dll
2009-12-23 11:49:38 ----A---- C:\WINDOWS\system32\gfkernel.dll
2009-12-21 13:03:04 ----D---- C:\WINDOWS\Camp Funshine - Carrie the Caregiver 3
2009-12-18 16:45:01 ----A---- C:\WINDOWS\uninst.exe
2009-12-17 14:15:10 ----D---- C:\Program Files\AbiWord
2009-12-17 12:17:28 ----A---- C:\WINDOWS\system32\Samba.ini
2009-12-17 12:17:21 ----A---- C:\WINDOWS\system32\DBCLIENT.DLL
2009-12-17 12:17:19 ----D---- C:\Program Files\Common Files\Borland Shared
2009-12-17 11:51:46 ----D---- C:\Program Files\Trell
2009-12-17 00:04:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\DBOData
2009-12-14 08:49:27 ----A---- C:\WINDOWS\CONTEXT.INI
2009-12-14 08:44:32 ----A---- C:\WINDOWS\thtitanc.INI
2009-12-13 23:23:55 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\Media Player Classic
2009-12-13 21:31:54 ----A---- C:\WINDOWS\system32\unrar.dll
2009-12-13 21:31:53 ----A---- C:\WINDOWS\avisplitter.ini
2009-12-13 21:31:52 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-12-13 21:31:51 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-12-13 21:31:51 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-12-13 21:31:48 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-12-13 21:31:48 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-12-13 21:31:46 ----D---- C:\Program Files\K-Lite Codec Pack
2009-12-13 21:17:19 ----D---- C:\WINDOWS\lhsp
2009-12-13 21:16:57 ----D---- C:\WINDOWS\speech
2009-12-13 21:12:48 ----D---- C:\WINDOWS\system32\URTTEMP
2009-12-13 17:48:08 ----A---- C:\WINDOWS\system32\gdiplus.dll
2009-12-13 14:47:59 ----RSH---- C:\WINDOWS\system32\PlntCl.exe
2009-12-11 17:26:44 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\WinRAR
2009-12-11 17:26:02 ----D---- C:\Program Files\WinRAR
2009-12-11 16:38:06 ----SHD---- C:\WINDOWS\ftpcache
2009-12-10 20:39:31 ----A---- C:\WINDOWS\system32\Iyvu9_32.dll
2009-12-10 20:39:31 ----A---- C:\WINDOWS\system32\Iacenc.dll
2009-12-10 20:39:28 ----D---- C:\Program Files\Intel
2009-12-10 20:38:55 ----A---- C:\WINDOWS\IsUninst.exe
2009-12-10 20:38:45 ----D---- C:\Program Files\WMV9_VCM
2009-12-09 23:11:11 ----N---- C:\WINDOWS\system32\ncVEAudio.dll
2009-12-09 23:11:11 ----N---- C:\WINDOWS\system32\ncvDS61.dll
2009-12-09 23:11:11 ----N---- C:\WINDOWS\system32\ncUtil62.dll
2009-12-09 23:11:11 ----N---- C:\WINDOWS\system32\NCTVideoCompress.dll
2009-12-09 23:11:11 ----N---- C:\WINDOWS\system32\ncSSTimer2.dll
2009-12-09 23:11:11 ----N---- C:\WINDOWS\system32\ncPopup2.dll
2009-12-09 23:11:11 ----N---- C:\WINDOWS\system32\ncIM.dll
2009-12-09 23:11:11 ----N---- C:\WINDOWS\system32\DartSecure2.dll
2009-12-09 23:11:11 ----N---- C:\WINDOWS\system32\DartCertificate.dll
2009-12-09 23:11:10 ----N---- C:\WINDOWS\system32\ncvvfw61.dll
2009-12-09 23:11:10 ----N---- C:\WINDOWS\system32\ncvul70.dll
2009-12-09 23:11:10 ----N---- C:\WINDOWS\system32\ncvul60.dll
2009-12-09 23:11:10 ----N---- C:\WINDOWS\system32\NCTAudioRecord2.dll
2009-12-09 23:11:10 ----N---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2009-12-09 23:11:10 ----N---- C:\WINDOWS\system32\ncRichEditUtility.dll
2009-12-09 23:11:10 ----N---- C:\WINDOWS\system32\ncHTTP.dll
2009-12-09 23:11:10 ----N---- C:\WINDOWS\system32\ncCompress.dll
2009-12-09 23:11:10 ----N---- C:\WINDOWS\system32\msvcr70.dll
2009-12-09 23:11:10 ----N---- C:\WINDOWS\system32\DartWebUtil.dll
2009-12-09 23:11:10 ----N---- C:\WINDOWS\system32\DartWebASP.dll
2009-12-09 23:11:10 ----N---- C:\WINDOWS\system32\DartSock.dll
2009-12-09 23:11:09 ----N---- C:\WINDOWS\system32\zlib32.dll
2009-12-09 23:11:09 ----N---- C:\WINDOWS\system32\nczlib.dll
2009-12-09 23:11:08 ----A---- C:\WINDOWS\system32\MSSTDFMT.DLL
2009-12-09 22:57:21 ----D---- C:\WINDOWS\system32\appmgmt
2009-12-09 19:05:07 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\Groove Games
2009-12-09 15:04:41 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-12-08 13:23:55 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2009-12-08 11:11:47 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-08 10:02:49 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\Thinstall
2009-12-07 22:55:56 ----RSD---- C:\WINDOWS\assembly
2009-12-07 22:54:44 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-07 15:18:44 ----D---- C:\Program Files\Internet Download Manager
2009-12-07 14:54:49 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\IDM
2009-12-07 13:05:11 ----A---- C:\WINDOWS\system32\PAStiSvc.exe
2009-12-07 13:05:04 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-12-07 13:04:35 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-07 13:04:22 ----D---- C:\WINDOWS\Pixart
2009-12-07 13:04:22 ----D---- C:\Program Files\Phenix-Q8
2009-12-07 13:04:22 ----D---- C:\Program Files\Common Files\PCCamera
2009-12-07 13:03:56 ----D---- C:\Program Files\Common Files\InstallShield
======List of files/folders modified in the last 1 months======
2010-01-06 15:44:21 ----RD---- C:\Program Files
2010-01-06 15:17:12 ----A---- C:\WINDOWS\win.ini
2010-01-06 15:12:23 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\Skype
2010-01-06 15:11:49 ----SHD---- C:\WINDOWS\Installer
2010-01-06 14:56:01 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\skypePM
2010-01-06 13:55:20 ----SD---- C:\Documents and Settings\jaroslav\Data aplikací\Microsoft
2010-01-06 13:54:54 ----D---- C:\WINDOWS
2010-01-06 13:50:07 ----D---- C:\WINDOWS\system32
2010-01-06 12:41:00 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\DMCache
2010-01-06 12:36:47 ----D---- C:\Program Files\Mozilla Firefox
2010-01-06 12:35:45 ----D---- C:\WINDOWS\Temp
2010-01-06 12:34:22 ----D---- C:\WINDOWS\system32\drivers
2010-01-06 12:33:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-06 12:04:59 ----SD---- C:\WINDOWS\Tasks
2010-01-06 10:46:26 ----D---- C:\WINDOWS\Prefetch
2010-01-06 10:41:12 ----D---- C:\Program Files\Common Files
2010-01-06 10:37:23 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-06 10:28:15 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-06 09:44:30 ----SHD---- C:\System Volume Information
2010-01-06 00:03:36 ----A---- C:\WINDOWS\system.ini
2010-01-03 20:23:22 ----D---- C:\WINDOWS\security
2010-01-02 15:58:32 ----RSD---- C:\WINDOWS\Fonts
2009-12-31 16:40:20 ----HD---- C:\WINDOWS\inf
2009-12-27 20:15:00 ----D---- C:\WINDOWS\system32\config
2009-12-27 19:58:27 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-12-27 19:30:29 ----A---- C:\AUTOEXEC.BAT
2009-12-27 14:55:11 ----HD---- C:\$AVG8.VAULT$
2009-12-26 18:33:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-23 13:15:50 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2009-12-18 20:24:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
2009-12-17 14:15:42 ----D---- C:\WINDOWS\WinSxS
2009-12-17 11:35:46 ----HD---- C:\WINDOWS\PIF
2009-12-14 16:57:14 ----D---- C:\Program Files\UltraISO
2009-12-13 23:26:30 ----D---- C:\Program Files\Windows Media Connect 2
2009-12-13 21:13:53 ----D---- C:\WINDOWS\Registration
2009-12-13 21:13:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-09 22:57:21 ----D---- C:\Documents and Settings\jaroslav\Data aplikací\Mozilla
2009-12-09 15:01:10 ----D---- C:\WINDOWS\system32\mui
2009-12-09 15:01:09 ----D---- C:\Program Files\Internet Explorer
2009-12-08 10:16:20 ----D---- C:\Program Files\Free Window Registry Repair
2009-12-07 13:04:22 ----D---- C:\WINDOWS\twain_32
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-12-04 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-12-04 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-12-04 108552]
R3 ac97intc;Služba instalace zvukového ovladače Intel(r) (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-10-24 117760]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-13 1897408]
R3 PAC7311;Phenix-Q8; C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2005-10-18 154752]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-08-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-08-08 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-12-04 908056]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-12-04 297752]
S2 Abel;Abel; D:\Hacking\Cain\Abel.exe []
S2 ScReadSpool;SolidPDFConverterReadSpool; C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe [2006-11-02 184320]
S2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------