"Silent Runners.vbs", revision R50, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"Gadu-Gadu" = ""C:\Program Files\Gadu-Gadu\gg.exe" /tray" ["Gadu-Gadu S.A."]
"µTorrent" = ""C:\Documents and Settings\Lukas\Pulpit\utorrent.exe"" [null data]
"SkinClock" = "C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe" [null data]
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" ["Sun Microsystems, Inc."]
"AVG7_CC" = "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP" ["GRISOFT, s.r.o."]
"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]
"nwiz" = "nwiz.exe /install" ["NVIDIA Corporation"]
"NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit" [MS]
"GrooveMonitor" = ""C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"" [MS]
"InCD" = "C:\Program Files\Ahead\InCD\InCD.exe" ["Nero AG"]
"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"WinampAgent" = "C:\Program Files\Winamp\winampa.exe" [null data]
"DAEMON Tools-1033" = ""C:\Program Files\D-Tools\daemon.exe" -lang 1033" ["DAEMON'S HOME"]
"RemoteControl" = ""C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"" ["Cyberlink Corp."]
"SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AcroIEHlprObj Class"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx" [empty string]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Groove GFS Browser Helper"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
-> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Shell Extension"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Find Extension"
-> {HKLM...CLSID} = "AVG7 Find Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]
"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"
-> {HKLM...CLSID} = "DesktopContext Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"
-> {HKLM...CLSID} = "NVIDIA CPL Extension"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"
-> {HKLM...CLSID} = "Desktop Explorer"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"
-> {HKLM...CLSID} = "nView Desktop Context Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" = "Groove GFS Browser Helper"
-> {HKLM...CLSID} = "Groove GFS Browser Helper"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}" = "Groove GFS Explorer Bar"
-> {HKLM...CLSID} = "Groove Folder Synchronization"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
"{A449600E-1DC6-4232-B948-9BD794D62056}" = "Groove GFS Stub Icon Handler"
-> {HKLM...CLSID} = "Groove GFS Stub Icon Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" = "Groove GFS Stub Execution Hook"
-> {HKLM...CLSID} = "Groove GFS Stub Execution Hook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
"{6C467336-8281-4E60-8204-430CED96822D}" = "Groove GFS Context Menu Handler"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
"{387E725D-DC16-4D76-B310-2C93ED4752A0}" = "Groove XML Icon Handler"
-> {HKLM...CLSID} = "Groove XML Icon Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
"{16F3DD56-1AF5-4347-846D-7C10C4192619}" = "Groove Explorer Icon Overlay 3 (GFS Folder)"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 3 (GFS Folder)"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
"{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" = "Groove Explorer Icon Overlay 2 (GFS Stub)"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2 (GFS Stub)"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
"{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" = "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
"{99FD978C-D287-4F50-827F-B2C658EDA8E7}" = "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
"{920E6DB1-9907-4370-B3A0-BAFC03D81399}" = "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL" [MS]
"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {HKLM...CLSID} = "Microsoft Office Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL" [MS]
"{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C}" = "Microsoft Office OneNote Namespace Extension for Windows Desktop Search"
-> {HKLM...CLSID} = "Microsoft Office OneNote Namespace Extension for Windows Desktop Search"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\msohevi.dll" [MS]
"{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" = "Microsoft Office Metadata Handler"
-> {HKLM...CLSID} = "Microsoft Office Metadata Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS]
"{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" = "Microsoft Office Thumbnail Handler"
-> {HKLM...CLSID} = "Microsoft Office Thumbnail Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS]
"{950FF917-7A57-46BC-8017-59D9BF474000}" = "Shell Extension for CDRW"
-> {HKLM...CLSID} = "Shell Extension for CDRW"
\InProcServer32\(Default) = "C:\Program Files\Ahead\InCD\incdshx.dll" ["Nero AG"]
"{AD392E40-428C-459F-961E-9B147782D099}" = "UltraISO"
-> {HKLM...CLSID} = "UIContextMenu Class"
\InProcServer32\(Default) = "D:\PROGRAMY\UltraISOO\isoshell.dll" ["EZB Systems, Inc."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
<<!>> "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" = "Groove GFS Stub Execution Hook"
-> {HKLM...CLSID} = "Groove GFS Stub Execution Hook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
HKLM\Software\Classes\PROTOCOLS\Filter\
<<!>> text/xml\CLSID = "{807563E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = "Microsoft Office InfoPath XML Mime Filter"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL" [MS]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]
MagicISO\(Default) = "{DB85C504-C730-49DD-BEC1-7B39C6103B7A}"
-> {HKLM...CLSID} = "MShellExtMenu Class"
\InProcServer32\(Default) = "C:\Program Files\MagicISO\misosh.dll" ["MagicISO, Inc."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
MagicISO\(Default) = "{DB85C504-C730-49DD-BEC1-7B39C6103B7A}"
-> {HKLM...CLSID} = "MShellExtMenu Class"
\InProcServer32\(Default) = "C:\Program Files\MagicISO\misosh.dll" ["MagicISO, Inc."]
UltraISO\(Default) = "{AD392E40-428C-459F-961E-9B147782D099}"
-> {HKLM...CLSID} = "UIContextMenu Class"
\InProcServer32\(Default) = "D:\PROGRAMY\UltraISOO\isoshell.dll" ["EZB Systems, Inc."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]
MagicISO\(Default) = "{DB85C504-C730-49DD-BEC1-7B39C6103B7A}"
-> {HKLM...CLSID} = "MShellExtMenu Class"
\InProcServer32\(Default) = "C:\Program Files\MagicISO\misosh.dll" ["MagicISO, Inc."]
UltraISO\(Default) = "{AD392E40-428C-459F-961E-9B147782D099}"
-> {HKLM...CLSID} = "UIContextMenu Class"
\InProcServer32\(Default) = "D:\PROGRAMY\UltraISOO\isoshell.dll" ["EZB Systems, Inc."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
HKLM\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\
XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------
Note: detected settings may not have any effect.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\
"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}
"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Lukas\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp"
Startup items in "Lukas" & "All Users" startup folders:
-------------------------------------------------------
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
"D-Link AirPlus" -> shortcut to: "C:\Program Files\D-Link AirPlus\AirPlus.exe" ["D-Link"]
Enabled Scheduled Tasks:
------------------------
"AppleSoftwareUpdate" -> launches: "C:\Program Files\Apple Software Update\SoftwareUpdate.exe -Task" ["Apple Computer, Inc."]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 11
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05
Toolbars, Explorer Bars, Extensions:
------------------------------------
Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\
HKLM\Software\Classes\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = "Groove Folder Synchronization"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]
HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Poszukaj"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL" [MS]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.5.0_06"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll" ["Sun Microsystems, Inc."]
{2670000A-7350-4F3C-8081-5663EE0C6C49}\
"ButtonText" = "Wyślij do programu OneNote"
"MenuText" = "Wyślij &do programu OneNote"
"CLSIDExtension" = "{48E73304-E1D6-4330-914C-F5F514E3486C}"
-> {HKLM...CLSID} = "Send to OneNote from Internet Explorer button"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll" [MS]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Research"
{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
AVG E-mail Scanner, AVGEMS, "C:\PROGRA~1\Grisoft\AVG7\avgemc.exe" ["GRISOFT, s.r.o."]
AVG7 Alert Manager Server, Avg7Alrt, "C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe" ["GRISOFT, s.r.o."]
AVG7 Update Service, Avg7UpdSvc, "C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe" ["GRISOFT, s.r.o."]
InCD Helper, InCDsrv, "C:\Program Files\Ahead\InCD\InCDsrv.exe" ["Nero AG"]
NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]
Print Monitors:
---------------
HKLM\System\CurrentControlSet\Control\Print\Monitors\
Send To Microsoft OneNote Monitor\Driver = "msonpmon.dll" [MS]
----------
<<!>>: Suspicious data at a malware launch point.
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 43 seconds, including 3 seconds for message boxes)
"Lukas" - 2007-05-19 23:43:14 Dodatek Service Pack 2
ComboFix 07-05.19.5.V - Running from: "C:\Documents and Settings\Lukas\Pulpit\"
((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-19 ))))))))))))))))))))))))))))))))))
2007-05-19 17:05 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-05-19 17:05 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-05-19 17:05 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-05-19 17:05 1,754 --a------ C:\WINDOWS\system32\tmp.reg
2007-05-19 17:03 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2007-05-19 17:03 <DIR> dr-h----- C:\DOCUME~1\ADMINI~1\Dane aplikacji
2007-05-19 17:03 <DIR> dr------- C:\DOCUME~1\ADMINI~1\Menu Start
2007-05-19 17:03 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Ustawienia lokalne
2007-05-19 17:03 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Szablony
2007-05-19 17:03 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Ulubione
2007-05-19 17:03 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Pulpit
2007-05-19 17:03 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Moje dokumenty
2007-05-19 13:20 <DIR> d-------- C:\Program Files\Atomic Alarm Clock
2007-05-18 17:00 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-05-18 14:13 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2007-05-18 14:13 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2007-05-18 14:13 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-05-18 14:13 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2007-05-17 22:23 <DIR> d-------- C:\DOCUME~1\Lukas\DANEAP~1\Disney Interactive Studios
2007-05-17 22:17 <DIR> d-------- C:\DOCUME~1\Lukas\DANEAP~1\InstallShield
2007-05-13 14:54 <DIR> d-------- C:\DOCUME~1\Lukas\DANEAP~1\Good Keywords v2
2007-05-13 13:38 545 --a------ C:\WINDOWS\UC.PIF
2007-05-13 13:38 545 --a------ C:\WINDOWS\RAR.PIF
2007-05-13 13:38 545 --a------ C:\WINDOWS\PKZIP.PIF
2007-05-13 13:38 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2007-05-13 13:38 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2007-05-13 13:38 545 --a------ C:\WINDOWS\LHA.PIF
2007-05-13 13:38 545 --a------ C:\WINDOWS\ARJ.PIF
2007-05-13 13:38 <DIR> d-------- C:\totalcmd
2007-05-12 19:59 <DIR> d-------- C:\Program Files\Common Files\EZB Systems
2007-05-12 16:17 225,280 --a------ C:\WINDOWS\system32\rewire.dll
2007-05-12 16:17 <DIR> d-------- C:\Program Files\Image-Line
2007-05-12 10:47 <DIR> d-------- C:\Program Files\MagicISO
2007-05-11 11:19 309,616 --a------ C:\WINDOWS\system32\wmv8dmod.dll
2007-05-09 10:55 <DIR> d-------- C:\DOCUME~1\Lukas\DANEAP~1\uTorrent
2007-05-08 16:12 20,480 --a------ C:\WINDOWS\system32\H@tKeysH@@k.DLL
2007-05-08 15:34 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
2007-05-08 15:33 577,536 --a------ C:\WINDOWS\soundman.exe
2007-05-08 15:33 4,027,456 -ra------ C:\WINDOWS\system32\drivers\alcxwdm.sys
2007-05-08 15:33 315,392 --a------ C:\WINDOWS\alcupd.exe
2007-05-08 15:33 217,088 --a------ C:\WINDOWS\Alcrmv.exe
2007-05-08 15:33 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe
2007-05-08 15:33 <DIR> d-------- C:\Program Files\Realtek AC97
2007-05-08 11:27 <DIR> d---s---- C:\DOCUME~1\Lukas\UserData
2007-05-07 18:01 765,952 --a------ C:\WINDOWS\system\crlds3d.dll
2007-05-07 18:01 65,536 --a------ C:\WINDOWS\system32\Audio3D.dll
2007-05-07 18:01 65,536 --a------ C:\WINDOWS\system32\a3d.dll
2007-05-07 18:01 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
2007-05-07 14:51 <DIR> d-------- C:\DOCUME~1\Lukas\DANEAP~1\Moje pliki zapisu Bitwy o —r˘dziemie
2007-05-07 12:49 <DIR> d-------- C:\Program Files\XP Codec Pack
2007-05-07 12:39 <DIR> d-------- C:\DOCUME~1\Lukas\DANEAP~1\Media Player Classic
2007-05-07 12:36 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-05-07 12:36 755,200 --a------ C:\WINDOWS\system32\Ir50_32.dll
2007-05-07 12:36 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-05-07 12:36 639,066 --a------ C:\WINDOWS\system32\divx.dll
2007-05-07 12:36 630,784 --a------ C:\WINDOWS\system32\vp7vfw.dll
2007-05-07 12:36 558,592 --a------ C:\WINDOWS\system32\x264vfw.dll
2007-05-07 12:36 442,368 -ra------ C:\WINDOWS\system32\vp6vfw.dll
2007-05-07 12:36 39,936 --a------ C:\WINDOWS\system32\huffyuv.dll
2007-05-07 12:36 338,432 --a------ C:\WINDOWS\system32\Ir41_qcx.dll
2007-05-07 12:36 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-05-07 12:36 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-05-07 12:36 217,088 --a------ C:\WINDOWS\system32\i420vfw.dll
2007-05-07 12:36 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-05-07 12:36 200,192 --a------ C:\WINDOWS\system32\Ir50_qc.dll
2007-05-07 12:36 199,168 --a------ C:\WINDOWS\system32\Ir32_32.dll
2007-05-07 12:36 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-05-07 12:36 19,968 --a------ C:\WINDOWS\system32\cpuinf32.dll
2007-05-07 12:36 183,808 --a------ C:\WINDOWS\system32\Ir50_qcx.dll
2007-05-07 12:36 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-05-07 12:36 144,384 --a------ C:\WINDOWS\system32\Iacenc.dll
2007-05-07 12:36 120,320 --a------ C:\WINDOWS\system32\Ir41_qc.dll
2007-05-07 12:36 10,752 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-05-07 12:36 1,650,688 --a------ C:\WINDOWS\system32\mplva6.dll
2007-05-07 12:36 1,581,056 --a------ C:\WINDOWS\system32\mplvw7.dll
2007-05-07 12:36 1,565,480 --a------ C:\WINDOWS\system32\wmv9vcm.dll
2007-05-07 12:36 1,552,384 --a------ C:\WINDOWS\system32\mplvm6.dll
2007-05-07 12:36 1,122,304 --a------ C:\WINDOWS\system32\mplvpx.dll
2007-05-07 12:36 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-05-07 12:36 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2007-05-07 12:36 <DIR> d-------- C:\DOCUME~1\Lukas\DANEAP~1\Real
2007-05-07 12:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Real
2007-05-07 12:29 <DIR> d-------- C:\DOCUME~1\Lukas\DANEAP~1\CyberLink
2007-05-07 12:29 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\CyberLink
2007-05-07 12:27 5,248 --a------ C:\WINDOWS\system32\drivers\d347prt.sys
2007-05-07 12:27 155,136 --a------ C:\WINDOWS\system32\drivers\d347bus.sys
2007-05-07 12:27 <DIR> d-------- C:\Program Files\D-Tools
2007-05-07 11:55 <DIR> d-------- C:\Program Files\VirtualDJ
2007-05-07 11:47 <DIR> d-------- C:\DOCUME~1\Lukas\DANEAP~1\MusicIP
2007-05-07 11:46 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-05-07 11:46 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-05-07 11:46 43,528 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-05-07 11:46 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2007-05-07 11:46 <DIR> d-------- C:\WINDOWS\RegisteredPackages
2007-05-07 11:44 <DIR> d-------- C:\Program Files\Winamp
2007-05-07 11:00 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-05-07 11:00 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-05-07 11:00 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-05-07 11:00 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-05-07 11:00 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-05-07 11:00 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-05-07 11:00 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-05-07 11:00 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-05-07 11:00 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-05-07 11:00 171,776 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-05-07 11:00 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-05-07 10:59 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-05-07 10:59 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-05-07 10:59 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-05-06 21:57 <DIR> d-------- C:\WINDOWS\Profiles
2007-05-06 21:57 <DIR> d-------- C:\DOCUME~1\Lukas\DANEAP~1\InterTrust
2007-05-06 21:56 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-05-06 21:55 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2007-05-06 21:55 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2007-05-06 21:55 364,544 --------- C:\WINDOWS\system32\TwnLib4.dll
2007-05-06 21:55 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2007-05-06 21:55 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2007-05-06 21:55 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2007-05-06 21:55 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2007-05-06 21:54 99,584 --------- C:\WINDOWS\system32\drivers\InCDfs.sys
2007-05-06 21:54 8,704 --------- C:\WINDOWS\system32\drivers\InCDrec.sys
2007-05-06 21:54 29,696 --------- C:\WINDOWS\system32\drivers\InCDpass.sys
2007-05-06 21:54 28,672 --------- C:\WINDOWS\system32\drivers\InCDrm.sys
2007-05-06 21:54 2,973,696 --------- C:\WINDOWS\NuNinst.exe
2007-05-06 21:54 <DIR> d-------- C:\WINDOWS\InCD
2007-05-06 21:54 <DIR> d-------- C:\Program Files\Common Files\Ahead
2007-05-06 21:54 <DIR> d-------- C:\Program Files\Ahead
2007-05-06 21:53 <DIR> d-------- C:\Program Files\CyberLink
2007-05-06 21:52 40,960 --a------ C:\Program Files\Uninstall_CDS.exe
2007-05-06 21:52 <DIR> d-------- C:\Program Files\CyberLink DVD Solution
2007-05-06 21:26 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-05-06 20:47 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2007-05-06 20:46 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2007-05-06 20:45 <DIR> d-------- C:\Program Files\MSBuild
2007-05-06 20:45 <DIR> d-------- C:\Program Files\Microsoft Works
2007-05-06 20:42 <DIR> d-------- C:\WINDOWS\SHELLNEW
2007-05-06 20:41 <DIR> dr-h----- C:\MSOCache
2007-05-06 20:41 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Microsoft Help
2007-05-06 20:30 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-05-06 20:29 58,624 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-05-06 20:29 5,504 --a------ C:\WINDOWS\system32\drivers\intelide.sys
2007-05-06 20:29 4,541,824 --a------ C:\WINDOWS\system32\nv4_disp.dll
2007-05-06 20:29 3,994,688 --a------ C:\WINDOWS\system32\drivers\nv4_mini.sys
2007-05-06 20:28 77,312 --a------ C:\WINDOWS\system32\usbui.dll
2007-05-06 20:28 42,368 --a------ C:\WINDOWS\system32\drivers\AGP440.SYS
2007-05-06 20:27 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-05-06 20:27 9,168 --a------ C:\WINDOWS\system\VER.DLL
2007-05-06 20:27 85,532 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-05-06 20:27 83,456 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-05-06 20:27 8,704 --a------ C:\WINDOWS\system32\batt.dll
2007-05-06 20:27 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-05-06 20:27 75,776 --a------ C:\WINDOWS\system32\storprop.dll
2007-05-06 20:27 70,144 --a------ C:\WINDOWS\NOTEPAD.EXE
2007-05-06 20:27 70,096 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-05-06 20:27 7,168 --a------ C:\WINDOWS\system32\kbdcz.dll
2007-05-06 20:27 69,552 --a------ C:\WINDOWS\system\MMSYSTEM.DLL
2007-05-06 20:27 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-05-06 20:27 6,656 --a------ C:\WINDOWS\system32\kbdycl.dll
2007-05-06 20:27 6,656 --a------ C:\WINDOWS\system32\kbdsl1.dll
2007-05-06 20:27 6,656 --a------ C:\WINDOWS\system32\kbdsl.dll
2007-05-06 20:27 6,656 --a------ C:\WINDOWS\system32\kbdhu.dll
2007-05-06 20:27 6,656 --a------ C:\WINDOWS\system32\kbdcz2.dll
2007-05-06 20:27 6,656 --a------ C:\WINDOWS\system32\kbdcz1.dll
2007-05-06 20:27 6,656 --a------ C:\WINDOWS\system32\kbdcr.dll
2007-05-06 20:27 6,656 --a------ C:\WINDOWS\system32\KBDAL.DLL
2007-05-06 20:27 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-05-06 20:27 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-05-06 20:27 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-05-06 20:27 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-05-06 20:27 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-05-06 20:27 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-05-06 20:27 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-05-06 20:27 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-05-06 20:27 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-05-06 20:27 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-05-06 20:27 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-05-06 20:27 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-05-06 20:27 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-05-06 20:27 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-05-06 20:27 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-05-06 20:27 5,632 --a------ C:\WINDOWS\system32\kbdro.dll
2007-05-06 20:27 5,632 --a------ C:\WINDOWS\system32\kbdhu1.dll
2007-05-06 20:27 5,120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-05-06 20:27 33,376 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-05-06 20:27 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-05-06 20:27 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-05-06 20:27 19,200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-05-06 20:27 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-05-06 20:27 15,360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-05-06 20:27 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2007-05-06 20:27 127,008 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-05-06 20:27 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-05-06 20:27 109,488 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-05-06 20:27 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-05-06 20:27 <DIR> dr-h----- C:\DOCUME~1\DEFAUL~1\Ustawienia lokalne
2007-05-06 20:27 <DIR> dr-h----- C:\DOCUME~1\DEFAUL~1\Dane aplikacji
2007-05-06 20:27 <DIR> dr-h----- C:\DOCUME~1\ALLUSE~1\Dane aplikacji
2007-05-06 20:27 <DIR> dr------- C:\Program Files
2007-05-06 20:27 <DIR> dr------- C:\DOCUME~1\DEFAUL~1\Menu Start
2007-05-06 20:27 <DIR> dr------- C:\DOCUME~1\ALLUSE~1\Menu Start
2007-05-06 20:27 <DIR> dr------- C:\DOCUME~1\ALLUSE~1\Dokumenty
2007-05-06 20:27 <DIR> d--hs---- C:\WINDOWS\Installer
2007-05-06 20:27 <DIR> d--h----- C:\DOCUME~1\DEFAUL~1\Szablony
2007-05-06 20:27 <DIR> d--h----- C:\DOCUME~1\ALLUSE~1\Szablony
2007-05-06 20:27 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2007-05-06 20:27 <DIR> d-------- C:\WINDOWS\system32\CatRoot
2007-05-06 20:27 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines
2007-05-06 20:27 <DIR> d-------- C:\Program Files\Common Files\ODBC
2007-05-06 20:27 <DIR> d-------- C:\DOCUME~1\DEFAUL~1\Ulubione
2007-05-06 20:27 <DIR> d-------- C:\DOCUME~1\DEFAUL~1\Pulpit
2007-05-06 20:27 <DIR> d-------- C:\DOCUME~1\DEFAUL~1\Moje dokumenty
2007-05-06 20:27 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Ulubione
2007-05-06 20:27 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Pulpit
2007-05-06 20:26 <DIR> d--hs---- C:\System Volume Information
2007-05-06 20:26 <DIR> d-------- C:\Documents and Settings
2007-05-06 20:21 <DIR> dr-hsc--- C:\WINDOWS\system32\dllcache
2007-05-06 20:21 <DIR> dr--s---- C:\WINDOWS\Fonts
2007-05-06 20:21 <DIR> dr------- C:\WINDOWS\Web
2007-05-06 20:21 <DIR> d--h----- C:\WINDOWS\inf
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\WinSxS
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\twain_32
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\wins
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\wbem
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\usmt
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\spool
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\ShellExt
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\Setup
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\ras
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\oobe
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\npp
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\mui
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\inetsrv
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\IME
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\icsxml
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\ias
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\export
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\drivers\etc
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\drivers\disdn
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\drivers
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\dhcp
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\config
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\3com_dmi
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\3076
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\2052
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\1054
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\1045
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\1042
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\1041
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\1037
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\1033
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\1031
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\1028
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32\1025
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system32
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\system
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\security
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\Resources
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\repair
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\Provisioning
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\PeerNet
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\pchealth
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\mui
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\msapps
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\msagent
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\Media
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\ime
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\Help
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\ehome
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\Driver Cache
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\Debug
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\Cursors
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\Connection Wizard
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\Config
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\AppPatch
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS\addins
2007-05-06 20:21 <DIR> d-------- C:\WINDOWS
2007-05-06 20:17 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-05-06 20:17 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-05-06 20:17 <DIR> d-------- C:\WINDOWS\nview
2007-05-06 20:17 <DIR> d-------- C:\NVIDIA
2007-05-06 20:16 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-05-06 20:16 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2007-05-06 20:16 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2007-05-06 20:16 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-05-06 20:16 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-05-06 20:16 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2007-05-06 20:16 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2007-05-06 20:16 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-05-06 20:16 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2007-05-06 20:16 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2007-05-06 20:16 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-05-06 20:16 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-05-06 20:16 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-05-06 20:16 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2007-05-06 20:08 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-05-06 20:08 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-05-06 19:48 <DIR> d-------- C:\Program Files\Gadu-Gadu
2007-05-06 19:48 <DIR> d-------- C:\DOCUME~1\Lukas\Gadu-Gadu
2007-05-06 19:44 <DIR> d-------- C:\Program Files\MarBit
2007-05-06 19:43 0 --a------ C:\WINDOWS\nsreg.dat
2007-05-06 19:43 <DIR> d-------- C:\DOCUME~1\Lukas\DANEAP~1\Talkback
2007-05-06 19:42 <DIR> d-------- C:\Program Files\CDex_150
2007-05-06 19:27 <DIR> d--hs---- C:\RECYCLER
2007-05-06 19:22 <DIR> d-------- C:\Program Files\Apple Software Update
2007-05-06 19:22 <DIR> d-------- C:\DOCUME~1\Lukas\DANEAP~1\Apple Computer
2007-05-06 19:21 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Apple Computer
2007-05-06 19:17 <DIR> d-------- C:\Program Files\D-Link AirPlus
2007-05-06 19:16 964 -ra------ C:\WINDOWS\system32\drivers\RADIO11.bin
2007-05-06 19:16 964 -ra------ C:\WINDOWS\system\RADIO11.bin
2007-05-06 19:16 936 -ra------ C:\WINDOWS\system32\drivers\RADIO0d.bin
2007-05-06 19:16 936 -ra------ C:\WINDOWS\system\RADIO0d.bin
2007-05-06 19:16 912 -ra------ C:\WINDOWS\system32\drivers\RADIO15.bin
2007-05-06 19:16 912 -ra------ C:\WINDOWS\system\RADIO15.bin
2007-05-06 19:16 40,636 -ra------ C:\WINDOWS\system32\drivers\WLANGEN.bin
2007-05-06 19:16 40,636 -ra------ C:\WINDOWS\system\WLANGEN.bin
2007-05-06 19:16 255,360 -ra------ C:\WINDOWS\system32\drivers\AIRPLUS.sys
2007-05-06 19:12 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2007-05-06 19:12 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-05-06 19:12 <DIR> d-------- C:\Program Files\Intel
2007-05-06 19:11 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2007-05-06 18:41 2,883,584 --ah----- C:\DOCUME~1\Lukas\NTUSER.DAT
2007-05-06 18:41 <DIR> dr-h----- C:\DOCUME~1\Lukas\Dane aplikacji
2007-05-06 18:41 <DIR> dr------- C:\DOCUME~1\Lukas\Ulubione
2007-05-06 18:41 <DIR> dr------- C:\DOCUME~1\Lukas\Moje dokumenty
2007-05-06 18:41 <DIR> dr------- C:\DOCUME~1\Lukas\Menu Start
2007-05-06 18:41 <DIR> d--h----- C:\DOCUME~1\Lukas\Ustawienia lokalne
2007-05-06 18:41 <DIR> d--h----- C:\DOCUME~1\Lukas\Szablony
2007-05-06 18:41 <DIR> d-------- C:\DOCUME~1\Lukas\Pulpit
2007-05-06 18:40 262,144 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT
2007-05-06 18:40 229,376 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT
2007-05-06 18:40 <DIR> d--h----- C:\DOCUME~1\NETWOR~1\Ustawienia lokalne
2007-05-06 18:40 <DIR> d--h----- C:\DOCUME~1\LOCALS~1\Ustawienia lokalne
2007-05-06 18:40 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-05-06 18:40 <DIR> d-------- C:\WINDOWS\Prefetch
2007-05-06 18:40 <DIR> d-------- C:\DOCUME~1\NETWOR~1\Dane aplikacji
2007-05-06 18:40 <DIR> d-------- C:\DOCUME~1\LOCALS~1\Dane aplikacji
2007-05-06 18:37 229,376 ---h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT
2007-05-06 18:37 0 -rahs---- C:\MSDOS.SYS
2007-05-06 18:37 0 -rahs---- C:\IO.SYS
2007-05-06 18:37 0 --a------ C:\CONFIG.SYS
2007-05-06 18:37 0 --a------ C:\AUTOEXEC.BAT
2007-05-06 18:37 <DIR> d-------- C:\WINDOWS\system32\xircom
2007-05-06 18:37 <DIR> d-------- C:\Program Files\microsoft frontpage
2007-05-06 18:36 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-05-06 18:36 <DIR> d--hs---- C:\DOCUME~1\ALLUSE~1\DRM
2007-05-06 18:35 <DIR> dr------- C:\WINDOWS\Offline Web Pages
2007-05-06 18:35 <DIR> d--h----- C:\Program Files\WindowsUpdate
2007-05-06 18:35 <DIR> d---s---- C:\WINDOWS\Downloaded Program Files
2007-05-06 18:35 <DIR> d-------- C:\WINDOWS\system32\DirectX
2007-05-06 18:35 <DIR> d-------- C:\Program Files\Usˆugi online
2007-05-06 18:34 81,920 --a------ C:\WINDOWS\system32\ils.dll
2007-05-06 18:34 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2007-05-06 18:34 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-05-06 18:34 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2007-05-06 18:34 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2007-05-06 18:34 678,400 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-06 18:34 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2007-05-06 18:34 67,584 --a------ C:\WINDOWS\system32\acctres.dll
2007-05-06 18:34 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-05-06 18:34 49,664 --a------ C:\WINDOWS\system32\inetres.dll
2007-05-06 18:34 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-05-06 18:34 431,616 --a------ C:\WINDOWS\system32\wuapi.dll
2007-05-06 18:34 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-05-06 18:34 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-05-06 18:34 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-05-06 18:34 36,864 --a------ C:\WINDOWS\system32\wups.dll
2007-05-06 18:34 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-05-06 18:34 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-05-06 18:34 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-05-06 18:34 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-05-06 18:34 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-05-06 18:34 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-05-06 18:34 240,128 --a------ C:\WINDOWS\system32\srrstr.dll
2007-05-06 18:34 22,528 --a------ C:\WINDOWS\system32\fltMc.exe
2007-05-06 18:34 184,320 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-05-06 18:34 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-05-06 18:34 171,008 --a------ C:\WINDOWS\system32\srsvc.dll
2007-05-06 18:34 168,960 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-05-06 18:34 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2007-05-06 18:34 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-05-06 18:34 124,800 --a------ C:\WINDOWS\system32\drivers\fltMgr.sys
2007-05-06 18:34 120,320 --a------ C:\WINDOWS\system32\wuweb.dll
2007-05-06 18:34 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-05-06 18:34 113,664 --a------ C:\WINDOWS\system32\wucltui.dll
2007-05-06 18:34 112,128 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-05-06 18:34 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2007-05-06 18:34 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-05-06 18:34 1,134,592 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-05-06 18:34 <DIR> d---s---- C:\WINDOWS\Tasks
2007-05-06 18:34 <DIR> d-------- C:\WINDOWS\system32\Restore
2007-05-06 18:34 <DIR> d-------- C:\WINDOWS\system32\Macromed
2007-05-06 18:34 <DIR> d-------- C:\WINDOWS\srchasst
2007-05-06 18:34 <DIR> d-------- C:\Program Files\Movie Maker
2007-05-06 18:34 <DIR> d-------- C:\Program Files\Common Files\MSSoap
2007-05-06 18:33 86,016 --a------ C:\WINDOWS\system32\isign32.dll
2007-05-06 18:33 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-05-06 18:33 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-05-06 18:33 278,528 --a------ C:\WINDOWS\system32\mstask.dll
2007-05-06 18:33 278,528 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-05-06 18:33 21,856 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-05-06 18:33 192,000 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-05-06 18:33 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-05-06 18:33 <DIR> d-------- C:\WINDOWS\Registration
2007-05-06 18:32 949,248 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-05-06 18:32 94,720 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-05-06 18:32 90,112 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-05-06 18:32 9,728 --a------ C:\WINDOWS\system32\reset.exe
2007-05-06 18:32 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-05-06 18:32 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-05-06 18:32 82,432 --a------ C:\WINDOWS\system32\comrepl.dll
2007-05-06 18:32 80,896 --a------ C:\WINDOWS\system32\charmap.exe
2007-05-06 18:32 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2007-05-06 18:32 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-05-06 18:32 655,360 --a------ C:\WINDOWS\system32\mstscax.dll
2007-05-06 18:32 628,224 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-05-06 18:32 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-05-06 18:32 62,464 --a------ C:\WINDOWS\system32\colbact.dll
2007-05-06 18:32 605,696 --a------ C:\WINDOWS\system32\getuname.dll
2007-05-06 18:32 60,928 --a------ C:\WINDOWS\system32\remotepg.dll
2007-05-06 18:32 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-05-06 18:32 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-05-06 18:32 57,344 --a------ C:\WINDOWS\system32\sol.exe
2007-05-06 18:32 55,808 --a------ C:\WINDOWS\system32\freecell.exe
2007-05-06 18:32 540,160 --a------ C:\WINDOWS\system32\comuid.dll
2007-05-06 18:32 54,272 --a------ C:\WINDOWS\system32\stclient.dll
2007-05-06 18:32 539,136 --a------ C:\WINDOWS\system32\spider.exe
2007-05-06 18:32 501,248 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-05-06 18:32 5,632 --a------ C:\WINDOWS\system32\write.exe
2007-05-06 18:32 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-05-06 18:32 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-05-06 18:32 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2007-05-06 18:32 425,472 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-05-06 18:32 408,576 --a------ C:\WINDOWS\system32\mstsc.exe
2007-05-06 18:32 4,608 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-05-06 18:32 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-05-06 18:32 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-05-06 18:32 35,328 --a------ C:\WINDOWS\system32\winchat.exe
2007-05-06 18:32 349,696 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-05-06 18:32 345,088 --a------ C:\WINDOWS\system32\mspaint.exe
2007-05-06 18:32 33,792 --a------ C:\WINDOWS\system32\regini.exe
2007-05-06 18:32 296,448 --a------ C:\WINDOWS\system32\termsrv.dll
2007-05-06 18:32 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-05-06 18:32 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-05-06 18:32 231,424 --a------ C:\WINDOWS\system32\avtapi.dll
2007-05-06 18:32 229,888 --a------ C:\WINDOWS\system32\catsrv.dll
2007-05-06 18:32 22,528 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-05-06 18:32 22,528 --a------ C:\WINDOWS\system32\msg.exe
2007-05-06 18:32 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-05-06 18:32 20,992 --a------ C:\WINDOWS\system32\qprocess.exe
2007-05-06 18:32 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-05-06 18:32 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-05-06 18:32 187,904 --a------ C:\WINDOWS\system32\accwiz.exe
2007-05-06 18:32 17,920 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-05-06 18:32 17,408 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-05-06 18:32 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-05-06 18:32 16,384 --a------ C:\WINDOWS\system32\tskill.exe
2007-05-06 18:32 16,384 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-05-06 18:32 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-05-06 18:32 15,872 --a------ C:\WINDOWS\system32\logoff.exe
2007-05-06 18:32 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-05-06 18:32 15,360 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-05-06 18:32 15,360 --a------ C:\WINDOWS\system32\tscon.exe
2007-05-06 18:32 15,360 --a------ C:\WINDOWS\system32\shadow.exe
2007-05-06 18:32 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-05-06 18:32 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-05-06 18:32 141,824 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-05-06 18:32 139,400 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-05-06 18:32 139,264 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-05-06 18:32 132,608 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-05-06 18:32 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-05-06 18:32 128,000 --a------ C:\WINDOWS\system32\mshearts.exe
2007-05-06 18:32 124,928 --a------ C:\WINDOWS\system32\mplay32.exe
2007-05-06 18:32 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-05-06 18:32 119,808 --a------ C:\WINDOWS\system32\winmine.exe
2007-05-06 18:32 115,200 --a------ C:\WINDOWS\system32\calc.exe
2007-05-06 18:32 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-05-06 18:32 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-05-06 18:32 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-05-06 18:32 103,424 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-05-06 18:32 1,251,840 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-05-06 18:32 1,225 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-05-06 18:32 <DIR> d-------- C:\WINDOWS\system32\MsDtc
2007-05-06 18:32 <DIR> d-------- C:\WINDOWS\system32\Com
2007-05-06 18:32 <DIR> d-------- C:\Program Files\Windows NT
2007-05-06 18:32 <DIR> d-------- C:\Program Files\MSN Gaming Zone
2007-05-06 18:32 <DIR> d-------- C:\Program Files\Messenger
2007-05-06 18:31 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-05-06 18:31 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-05-06 18:31 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-05-06 18:31 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-05-06 18:31 187,904 --a------ C:\WINDOWS\system32\cmprops.dll
2007-05-06 18:31 17,920 --a------ C:\WINDOWS\system32\mmfutil.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-05-07 15:46:53 50,968 ----a-w C:\WINDOWS\system32\perfc015.dat
2007-05-07 15:46:53 359,178 ----a-w C:\WINDOWS\system32\perfh015.dat
2007-05-07 12:54:06 -------- d-----w C:\DOCUME~1\Lukas\DANEAP~1\Moje pliki zapisu Bitwy o Śródziemie
2007-05-06 16:35:37 -------- d-----w C:\Program Files\Usługi online
2007-03-27 01:39:14 20,480 ----a-w C:\WINDOWS\system32\ac3config.exe
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 16:39]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 00:48]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 13:22]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 13:03]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-05-06 20:14]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-11-17 17:29]
"nwiz"="nwiz.exe" [2006-11-17 17:29 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-11-17 17:29]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2006-07-12 11:58]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-04-25 17:44]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2004-08-22 17:05]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 20:24]
"SoundMan"="SOUNDMAN.EXE" []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-01-30 16:58]
"µTorrent"="C:\Documents and Settings\Lukas\Pulpit\utorrent.exe" [2007-05-19 14:25]
"SkinClock"="C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe" [2007-05-15 16:43]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [2006-10-27 00:48]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages msv1_0
Security Packages kerberos msv1_0 schannel wdigest
Notification Packages scecli
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HTTPFilter HTTPFilter
LocalService Alerter WebClient LmHosts RemoteRegistry upnphost SSDPSRV
NetworkService DnsCache
DcomLaunch DcomLaunch TermService
rpcss RpcSs
imgsvc StiSvc
termsvcs TermService
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*
*Newly Created Service* -PROCEXP90
Contents of the 'Scheduled Tasks' folder
2007-05-14 20:36:01 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
********************************************************************
catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-19 23:44:02
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
********************************************************************
Completion time: 2007-05-19 23:44:25
--- E O F ---
[quote]Logfile of HijackThis v1.99.1
Scan saved at 23:47:54, on 2007-05-19
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\D-Link AirPlus\AirPlus.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Lukas\Pulpit\hijackthis_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [µTorrent] "C:\Documents and Settings\Lukas\Pulpit\utorrent.exe"
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
O4 - Global Startup: D-Link AirPlus.lnk = ?
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F6EABB8-2AB5-45CB-B6CD-BEFBBEAD593F}: NameServer = 192.168.0.1,194.204.159.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2F6EABB8-2AB5-45CB-B6CD-BEFBBEAD593F}: NameServer = 192.168.0.1,194.204.159.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2F6EABB8-2AB5-45CB-B6CD-BEFBBEAD593F}: NameServer = 192.168.0.1,194.204.159.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDs
