Deckard's System Scanner v20071014.68
Run by Dj Krisalis on 2007-12-30 19:32:45
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- HijackThis (run as Dj Krisalis.exe) -----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:32:54, on 2007-12-30
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Ashampoo\Ashampoo Magical UnInstall\MagicalUnInstall.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Onet.pl\AutoUpdate.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Dj Krisalis\Menu Start\Programy\Autostart\at-opera-err.console-autoclose.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\BitComet\tools\CometBrowser.exe
C:\Program Files\Opera\Opera.exe
C:\PROGRA~1\MICROS~3\wkcalrem.exe
C:\Documents and Settings\Dj Krisalis\Pulpit\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\DJKRIS~1.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = Download Directory
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pcf.pl/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [MagUninstall] "C:\Program Files\Ashampoo\Ashampoo Magical UnInstall\MagicalUnInstall.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DefragTaskBar] "C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [Onet.pl AutoUpdate] C:\Program Files\Common Files\Onet.pl\AutoUpdate.exe /tsr
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo Magical UnInstall\UIWatcher.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: at-opera-err.console-autoclose.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk.disabled
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.pcf.pl/
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AshampooDefragService - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8156 bytes

-- Files created between 2007-11-30 and 2007-12-30 -----------------------------

2007-12-30 17:38:57 0 d-------- C:\Program Files\Google
2007-12-30 17:35:09 2560 --a------ C:\WINDOWS\system32\bitcometres.dll
2007-12-30 17:35:08 0 d-------- C:\Downloads
2007-12-28 20:38:28 0 d--hs---- C:\WINDOWS\ftpcache
2007-12-28 00:27:08 0 d-------- C:\Program Files\GIMP-2.0
2007-12-27 21:22:23 0 d-------- C:\Program Files\Common Files\Onet.pl
2007-12-27 21:22:12 0 d-------- C:\Program Files\Onet
2007-12-27 19:57:33 0 d-------- C:\Program Files\Barbie(TM)
2007-12-25 17:45:44 0 d-------- C:\Program Files\Skype
2007-12-25 17:45:43 0 d-------- C:\Program Files\Common Files\Skype
2007-12-25 17:33:34 2829 --a------ C:\WINDOWS\W2BNEUnin.pif
2007-12-25 17:33:34 98304 --a------ C:\WINDOWS\W2BNEUnin.exe
2007-12-25 17:33:34 14496 --a------ C:\WINDOWS\W2BNEUnin.dat
2007-12-25 17:33:12 0 d-------- C:\frozen
2007-12-25 04:58:57 0 d--h----- C:\WINDOWS\PIF
2007-12-25 01:31:38 0 d-------- C:\Program Files\Microsoft Works
2007-12-25 01:15:10 0 d-------- C:\Program Files\Słownik
2007-12-25 01:15:10 0 d-------- C:\Program Files\Common Files\Borland Shared
2007-12-25 01:15:00 299520 --a------ C:\WINDOWS\uninst.exe
2007-12-25 00:47:12 0 d-------- C:\Program Files\Microsoft Silverlight
2007-12-24 21:56:22 8908832 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-12-24 21:51:25 0 d-------- C:\Program Files\ZoneAlarmSB
2007-12-24 21:48:21 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-12-24 21:48:13 11264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-12-24 21:47:51 0 d-------- C:\WINDOWS\system32\ZoneLabs
2007-12-24 21:46:46 0 d-------- C:\WINDOWS\Internet Logs
2007-12-24 18:42:34 0 d-------- C:\Program Files\MSXML 6.0
2007-12-24 00:31:56 0 d-------- C:\Program Files\Windows Media Connect 2
2007-12-24 00:30:33 0 d-------- C:\WINDOWS\system32\LogFiles
2007-12-24 00:30:33 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-12-23 22:00:01 0 d-------- C:\Program Files\MSBuild
2007-12-23 21:50:42 0 d-------- C:\WINDOWS\system32\XPSViewer
2007-12-23 21:49:29 0 d-------- C:\Program Files\Reference Assemblies
2007-12-23 20:56:30 0 d-------- C:\Program Files\MSXML 4.0
2007-12-23 16:01:03 0 d-------- C:\Program Files\Trend Micro
2007-12-23 00:58:21 276713 --a------ C:\WINDOWS\PC Video Converter Studio Uninstaller.exe
2007-12-23 00:58:12 0 d-------- C:\Program Files\PC Video Converter Studio
2007-12-20 13:35:39 0 d-------- C:\Program Files\Usb to Serial Driver 1.12.28
2007-12-19 14:26:48 0 d-------- C:\Ajt Soft
2007-12-19 14:24:39 0 d-------- C:\Program Files\Gadu-Gadu
2007-12-19 14:21:30 0 d-------- C:\Program Files\BitComet
2007-12-19 14:11:19 0 d-------- C:\temp
2007-12-19 13:59:13 0 d-------- C:\Program Files\SubEdit-Player
2007-12-19 13:52:57 0 d-------- C:\Program Files\Winamp Remote
2007-12-19 13:51:22 0 d-------- C:\Program Files\Winamp
2007-12-19 13:41:30 0 d-------- C:\Program Files\Nero
2007-12-19 13:41:30 0 d-------- C:\Program Files\Common Files\Ahead
2007-12-19 12:50:23 0 d-------- C:\Program Files\CyberLink
2007-12-19 12:28:05 0 d-------- C:\WINDOWS\RegisteredPackages
2007-12-19 11:55:10 0 d-------- C:\Program Files\Common Files\HP
2007-12-19 11:53:21 0 d-------- C:\Program Files\Hewlett-Packard
2007-12-19 11:53:00 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
2007-12-19 11:51:06 73728 --a------ C:\WINDOWS\system32\HPZipm12.exe
2007-12-19 11:51:00 306688 --a------ C:\WINDOWS\IsUninst.exe
2007-12-19 11:49:37 0 d-------- C:\Program Files\HP
2007-12-19 11:46:57 120253 --a------ C:\WINDOWS\hpoins11.dat
2007-12-18 19:22:02 0 d-------- C:\Program Files\DIFX
2007-12-18 19:21:14 0 d-------- C:\Program Files\Common Files\PCSuite
2007-12-18 19:21:14 0 d-------- C:\Program Files\Common Files\Nokia
2007-12-18 19:20:50 0 d-------- C:\Program Files\PC Connectivity Solution
2007-12-18 19:20:42 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-12-18 19:20:39 0 d-------- C:\Program Files\Nokia
2007-12-18 19:06:22 0 d-------- C:\Program Files\Common Files\Adobe
2007-12-18 19:00:38 0 d-------- C:\Program Files\Common Files\ACD Systems
2007-12-18 19:00:38 0 d-------- C:\Program Files\ACD Systems
2007-12-18 18:58:58 0 d-------- C:\WINDOWS\Downloaded Installations
2007-12-18 11:20:26 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-12-18 11:19:03 0 d-------- C:\Program Files\Opera
2007-12-18 11:08:34 0 d-------- C:\Program Files\Ashampoo
2007-12-18 01:16:45 160016 --a------ C:\WINDOWS\system32\WNASPI32.DLL
2007-12-18 01:16:45 99328 --a------ C:\WINDOWS\system32\CDRIP.DLL
2007-12-18 01:16:45 28244 --a------ C:\WINDOWS\system32\bass_wv.dll
2007-12-18 01:16:45 19032 --a------ C:\WINDOWS\system32\bass_mpc.dll
2007-12-18 01:16:45 29284 --a------ C:\WINDOWS\system32\bass_ape.dll
2007-12-18 01:16:45 16464 --a------ C:\WINDOWS\system32\bass_ac3.dll
2007-12-18 01:16:44 47160 --a------ C:\WINDOWS\system32\basswma.dll
2007-12-18 01:16:44 21056 --a------ C:\WINDOWS\system32\bassflac.dll
2007-12-18 01:16:44 13880 --a------ C:\WINDOWS\system32\basscd.dll
2007-12-18 01:16:44 151132 --a------ C:\WINDOWS\system32\bass_aac.dll
2007-12-18 01:16:44 92216 --a------ C:\WINDOWS\system32\bass.dll
2007-12-18 01:16:34 0 d-------- C:\Program Files\TC UP
2007-12-18 01:03:13 0 d-------- C:\Program Files\My Company Name
2007-12-18 01:02:57 992896 --a------ C:\WINDOWS\system32\drivers\Bravo_n.sys
2007-12-18 01:02:57 992896 --a------ C:\WINDOWS\system32\drivers\Bravo_a.sys
2007-12-18 01:02:57 11008 --a------ C:\WINDOWS\system32\drivers\atkkbnt.sys
2007-12-18 01:02:57 10496 --a------ C:\WINDOWS\system32\ATKOSDMini.DLL
2007-12-18 01:02:57 1667072 --a------ C:\WINDOWS\system32\ATKDispCPL.dll
2007-12-18 01:02:57 250496 --a------ C:\WINDOWS\system32\ATKDISP.dll
2007-12-18 01:02:57 241664 --a------ C:\WINDOWS\ATKKBService.exe
2007-12-18 01:02:56 2033664 --a------ C:\WINDOWS\system32\ATKOSDX32.dll
2007-12-18 01:02:56 37888 --a------ C:\WINDOWS\system32\ATKOGL32.dll
2007-12-18 01:02:56 46080 --a------ C:\WINDOWS\system32\asrussian.dll
2007-12-18 01:02:56 45568 --a------ C:\WINDOWS\system32\askorean.dll
2007-12-18 01:02:56 45568 --a------ C:\WINDOWS\system32\asjapan.dll
2007-12-18 01:02:56 46080 --a------ C:\WINDOWS\system32\asgerman.dll
2007-12-18 01:02:56 46592 --a------ C:\WINDOWS\system32\asfrench.dll
2007-12-18 01:02:56 46080 --a------ C:\WINDOWS\system32\aseng.dll
2007-12-18 01:02:56 45568 --a------ C:\WINDOWS\system32\ASCHT.dll
2007-12-18 01:02:56 45568 --a------ C:\WINDOWS\system32\aschs.dll
2007-12-18 01:00:53 12288 -ra------ C:\WINDOWS\system32\drivers\EIO.sys
2007-12-18 00:56:53 5685 -ra------ C:\WINDOWS\system32\drivers\AsIO.sys
2007-12-18 00:56:53 24576 -ra------ C:\WINDOWS\system32\AsIO.dll
2007-12-18 00:56:51 5120 --a------ C:\WINDOWS\system32\drivers\AsInsHelp64.sys
2007-12-18 00:56:51 3328 --a------ C:\WINDOWS\system32\drivers\AsInsHelp32.sys
2007-12-18 00:56:51 0 d-------- C:\Program Files\ASUS
2007-12-18 00:55:00 0 d-------- C:\WINDOWS\vnDrvBas
2007-12-18 00:54:45 352256 -r------- C:\WINDOWS\system32\JMRaidTool.exe
2007-12-18 00:54:45 139264 -r------- C:\WINDOWS\system32\JMRaidAPI.dll
2007-12-18 00:54:45 0 d-------- C:\WINDOWS\JM
2007-12-18 00:52:26 0 d-------- C:\Program Files\Analog Devices
2007-12-18 00:49:01 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-12-18 00:48:17 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2007-12-18 00:47:43 0 d-------- C:\Program Files\VIA
2007-12-18 00:47:16 5824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2007-12-17 23:18:45 0 d--hs---- C:\WINDOWS\Installer
2007-12-17 23:18:44 0 d-------- C:\Program Files\Common Files\ODBC
2007-12-17 23:18:41 0 dr------- C:\Program Files
2007-12-17 23:18:41 0 d-------- C:\Program Files\Common Files
2007-12-17 23:18:41 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-12-17 23:18:03 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-12-17 23:18:03 0 d-------- C:\WINDOWS\system32\CatRoot
2007-12-17 23:17:39 0 d-------- C:\Documents and Settings
2007-12-17 23:15:08 0 d--hs---- C:\System Volume Information
2007-12-17 23:11:22 0 d-------- C:\WINDOWS
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\WinSxS
2007-12-17 23:11:22 0 dr------- C:\WINDOWS\Web
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\twain_32
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\wins
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\wbem
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\usmt
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\spool
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\ShellExt
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\Setup
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\ras
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\oobe
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\npp
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\mui
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\inetsrv
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\IME
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\icsxml
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\ias
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\export
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\drivers
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-12-17 23:11:22 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\dhcp
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\config
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\3076
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\2052
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\1054
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\1045
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\1042
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\1041
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\1037
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\1033
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\1031
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\1028
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system32\1025
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\system
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\security
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\Resources
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\repair
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\Provisioning
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\PeerNet
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\pchealth
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\mui
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\msapps
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\msagent
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\Media
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\java
2007-12-17 23:11:22 0 d--h----- C:\WINDOWS\inf
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\ime
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\Help
2007-12-17 23:11:22 0 dr--s---- C:\WINDOWS\Fonts
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\Driver Cache
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\Debug
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\Cursors
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\Connection Wizard
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\Config
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\AppPatch
2007-12-17 23:11:22 0 d-------- C:\WINDOWS\addins
2007-12-17 22:52:28 0 d-------- C:\Program Files\xp-AntiSpy
2007-12-17 22:51:17 545 --a------ C:\WINDOWS\UC.PIF
2007-12-17 22:51:17 545 --a------ C:\WINDOWS\RAR.PIF
2007-12-17 22:51:17 545 --a------ C:\WINDOWS\PKZIP.PIF
2007-12-17 22:51:17 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2007-12-17 22:51:17 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2007-12-17 22:51:17 545 --a------ C:\WINDOWS\LHA.PIF
2007-12-17 22:51:17 545 --a------ C:\WINDOWS\ARJ.PIF
2007-12-17 22:51:17 0 d-------- C:\totalcmd
2007-12-17 22:47:13 0 d-------- C:\Program Files\Common Files\Raxco
2007-12-17 22:46:57 0 d-------- C:\Program Files\RAXCO
2007-12-17 22:46:09 40960 --a------ C:\WINDOWS\system32\ssubtmr6.dll
2007-12-17 22:46:09 0 d-------- C:\Program Files\Smarty Uninstaller Pro
2007-12-17 22:44:54 0 d-------- C:\Program Files\TGTSoft
2007-12-17 22:44:04 0 d-------- C:\WINDOWS\nview
2007-12-17 22:43:46 0 d-------- C:\Program Files\Common Files\InstallShield
2007-12-17 22:42:05 0 d-------- C:\NVIDIA
2007-12-17 22:41:30 0 dr-hs---- C:\Recycled
2007-12-17 22:38:24 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-12-17 22:38:23 0 d-------- C:\WINDOWS\Prefetch
2007-12-17 22:38:22 0 d---s---- C:\WINDOWS\system32\Microsoft
2007-12-17 22:33:33 0 d-------- C:\WINDOWS\system32\xircom
2007-12-17 22:33:33 0 d-------- C:\Program Files\microsoft frontpage
2007-12-17 22:30:02 0 d-------- C:\WINDOWS\system32\PreInstall
2007-12-17 22:29:30 0 d-------- C:\Program Files\Java
2007-12-17 22:29:29 0 d-------- C:\Program Files\Common Files\Java
2007-12-17 22:28:18 0 d-------- C:\WINDOWS\system32\URTTemp
2007-12-17 22:28:06 0 d--h----- C:\WINDOWS\$hf_mig$
2007-12-17 22:27:55 0 -rahs---- C:\MSDOS.SYS
2007-12-17 22:27:55 0 -rahs---- C:\IO.SYS
2007-12-17 22:27:08 0 dr------- C:\WINDOWS\Offline Web Pages
2007-12-17 22:27:08 0 d---s---- C:\WINDOWS\Downloaded Program Files
2007-12-17 22:27:00 0 d--h----- C:\Program Files\WindowsUpdate
2007-12-17 22:26:58 0 d-------- C:\Program Files\Usługi online
2007-12-17 22:26:42 0 d-------- C:\WINDOWS\system32\DirectX
2007-12-17 22:26:05 0 d---s---- C:\WINDOWS\Tasks
2007-12-17 22:26:04 0 d-------- C:\Program Files\Common Files\MSSoap
2007-12-17 22:26:00 0 d-------- C:\WINDOWS\srchasst
2007-12-17 22:25:59 0 d-------- C:\WINDOWS\system32\Macromed
2007-12-17 22:25:51 0 d-------- C:\Program Files\Movie Maker
2007-12-17 22:25:43 0 d-------- C:\WINDOWS\system32\Restore
2007-12-17 22:25:25 21856 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-12-17 22:25:12 0 d-------- C:\WINDOWS\Registration
2007-12-17 22:24:46 0 d-------- C:\Program Files\Messenger
2007-12-17 22:24:42 0 d-------- C:\Program Files\MSN Gaming Zone
2007-12-17 22:24:10 0 d-------- C:\Program Files\Windows NT
2007-12-17 22:24:07 0 d-------- C:\WINDOWS\system32\MsDtc
2007-12-17 22:24:05 0 d-------- C:\WINDOWS\system32\Com

-- Find3M Report ---------------------------------------------------------------

2007-12-30 19:06:30 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Skype
2007-12-30 18:40:52 1816 --a------ C:\Documents and Settings\Dj Krisalis\Dane aplikacji\wklnhst.dat
2007-12-27 21:22:51 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Onet
2007-12-27 21:22:40 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Listonosz
2007-12-27 21:22:38 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\AutoUpdate
2007-12-27 21:19:10 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Ahead
2007-12-27 18:33:44 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Nokia Multimedia Player
2007-12-26 01:36:10 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Video DVD Maker FREE
2007-12-25 23:36:26 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Image Zone Express
2007-12-25 23:36:25 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Printer Info Cache
2007-12-25 02:16:00 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Template
2007-12-25 00:30:27 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\CCleanup
2007-12-24 18:40:47 494308 --a------ C:\WINDOWS\system32\perfh015.dat
2007-12-24 18:40:47 86968 --a------ C:\WINDOWS\system32\perfc015.dat
2007-12-23 20:35:57 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\ESET
2007-12-21 16:02:52 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\AdobeUM
2007-12-19 18:32:43 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Macromedia
2007-12-19 18:32:43 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Adobe
2007-12-19 18:28:52 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Ashampoo Photo Commander 4
2007-12-19 15:08:23 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Gadu-Gadu
2007-12-19 14:06:17 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Winamp
2007-12-19 12:29:59 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\HP
2007-12-18 19:23:28 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\PC Suite
2007-12-18 19:23:15 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Nokia
2007-12-18 11:19:23 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Opera
2007-12-18 01:18:45 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Help
2007-12-17 23:18:14 62 --ahs---- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\desktop.ini
2007-12-17 22:28:10 0 d-------- C:\Documents and Settings\Dj Krisalis\Dane aplikacji\Identities

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
2007-12-24 21:51 262144 --a------ C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X Configure"="C:\WINDOWS\system32\JMRaidTool.exe" [2006-07-12 10:47]
"MagUninstall"="C:\Program Files\Ashampoo\Ashampoo Magical UnInstall\MagicalUnInstall.exe" [2007-11-02 15:58]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 03:01]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40]
"DefragTaskBar"="C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" [2007-08-28 16:31]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-11-23 21:51]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 10:22]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 10:22 C:\WINDOWS\system32\nvmctray.dll]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-12-20 16:16]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 15:21 C:\WINDOWS\system32\HdAShCut.exe]
"Onet.pl AutoUpdate"="C:\Program Files\Common Files\Onet.pl\AutoUpdate.exe" [2006-02-08 15:40]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UIWatcher"="C:\Program Files\Ashampoo\Ashampoo Magical UnInstall\UIWatcher.exe" []
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-05-10 15:36]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-06-08 15:22]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 10:12]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsNetHood"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsNetHood"=1 (0x1)
"NoSharedDocuments"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe"
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f5f0417-ace8-11dc-baee-8484e3d4cbea}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Open(&0)\command- F:\Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f5f0418-ace8-11dc-baee-8484e3d4cbea}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Open(&0)\command- G:\Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f09e2fb0-ad93-11dc-b397-0018f3eabf35}]
Auto\command- activexdebugger32.exe f
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f
explore\Command- activexdebugger32.exe f
open\Command- activexdebugger32.exe f

-- End of Deckard's System Scanner: finished at 2007-12-30 19:34:04 ------------