ComboFix 07-11-19.4 - NASZA CHATA 2007-11-27 14:57:58.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.42 [GMT 1:00]
Running from: E:\pawel\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2007-10-27 to 2007-11-27 )))))))))))))))))))))))))))))))
.

2007-11-27 14:38 d--h----- C:\Documents and Settings\Administrator\Ustawienia lokalne
2007-11-27 14:38 d-------- C:\Documents and Settings\Administrator\Ulubione
2007-11-27 14:38 d--h----- C:\Documents and Settings\Administrator\Szablony
2007-11-27 14:38 d-------- C:\Documents and Settings\Administrator\Pulpit
2007-11-27 14:38 d-------- C:\Documents and Settings\Administrator\Moje dokumenty
2007-11-27 14:38 dr------- C:\Documents and Settings\Administrator\Menu Start
2007-11-27 14:38 dr-h----- C:\Documents and Settings\Administrator\Dane aplikacji
2007-11-26 20:16 2,506 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-25 15:15 d-a------ C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2007-11-25 15:14 d-------- C:\Program Files\Spyware Doctor
2007-11-25 15:14 d-------- C:\Documents and Settings\NASZA CHATA\Dane aplikacji\PC Tools
2007-11-25 15:14 79,688 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-11-25 15:14 62,280 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-11-25 15:14 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-11-25 15:14 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-11-25 14:19 d-------- C:\Program Files\Panda Software
2007-11-24 23:28 d-------- C:\Documents and Settings\All Users\Dane aplikacji\ESET
2007-11-19 19:44 d-------- C:\Program Files\CMBSCENE
2007-11-19 19:44 896,000 --a------ C:\WINDOWS\Screen Scenes V2.scr
2007-11-14 17:57 d-------- C:\Program Files\Piłka
2007-11-12 21:13 d-------- C:\Documents and Settings\NASZA CHATA\Dane aplikacji\Tlen.pl
2007-11-12 21:11 d-------- C:\Program Files\Tlen.pl
2007-11-10 21:55 d-------- C:\Documents and Settings\NASZA CHATA\Dane aplikacji\Hamachi
2007-11-10 21:53 d-------- C:\Program Files\Hamachi
2007-11-10 21:53 25,280 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2007-11-10 19:26 d-------- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2007-11-07 18:30 86,016 --a------ C:\WINDOWS\unvise32.exe
2007-11-02 11:55 d-------- C:\Program Files\eMule
.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.

2007-11-27 06:04 --------- d-----w C:\Program Files\Lx_cats
2007-11-25 14:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-25 13:42 --------- d-----w C:\Program Files\Gadu-Gadu
2007-11-24 22:26 --------- d-----w C:\Program Files\ArcaVir
2007-11-23 20:19 --------- d-----w C:\Program Files\English Translator 3
2007-10-24 12:58 --------- d-----w C:\Program Files\MSXML 4.0
2007-10-23 15:22 --------- d-----w C:\Documents and Settings\NASZA CHATA\Dane aplikacji\Gadu-Gadu
2007-10-23 14:02 4,346,704 ----a-w C:\gg77.exe
2007-10-22 20:22 --------- d-----w C:\Documents and Settings\NASZA CHATA\Dane aplikacji\MSN6
2007-10-22 20:22 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\MSN6
2007-10-22 19:32 --------- d-----w C:\Program Files\Thomson
2006-06-22 19:58 604,433 ----a-w C:\Program Files\DX-Ball.exe
2006-02-24 19:37 419 ----a-w C:\Program Files\INSTALL.LOG
1998-04-30 13:56 129,024 ----a-w C:\Program Files\UNWISE.EXE
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LXCGCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-04-27 15:21]
"EPSON Stylus C42 Series (Kopia 1)"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe" [2002-07-01 04:05]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe" [2004-06-03 22:05]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-03-23 11:06]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 00:44 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2004-07-15 11:42 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-04 00:44 C:\WINDOWS\system32\rundll32.exe]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-11-02 17:24]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:44]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=NVDESK32.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Reboot.exe]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Reboot.exe
backup=C:\WINDOWS\pss\Reboot.exeCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^NASZA CHATA^Menu Start^Programy^Autostart^Rejestrowanie produktów Corela.lnk]
path=C:\Documents and Settings\NASZA CHATA\Menu Start\Programy\Autostart\Rejestrowanie produktów Corela.lnk
backup=C:\WINDOWS\pss\Rejestrowanie produktów Corela.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^NASZA CHATA^Menu Start^Programy^Autostart^UniSpiker-2.6.lnk]
path=C:\Documents and Settings\NASZA CHATA\Menu Start\Programy\Autostart\UniSpiker-2.6.lnk
backup=C:\WINDOWS\pss\UniSpiker-2.6.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2004-08-04 00:44 15360 --a------ C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EdHTML]
F:\EDHTML\EdHTML.exe /none

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C42 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 EPSON Stylus C42 Series /O6 USB002 /M Stylus C42

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
2005-06-08 17:19 94208 --a------ C:\Program Files\Lexmark 2300 Series\ezprint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
C:\Program Files\Lexmark Fax Solutions\fm3032.exe /s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iKeyWorks]
2002-11-22 18:22 73728 --a------ C:\PROGRA~1\Keyboard\Ikeymain.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcgmon.exe]
2005-05-05 00:25 200704 --a------ C:\Program Files\Lexmark 2300 Series\lxcgmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 11:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse]
2002-07-29 19:34 159744 --a------ C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe

R0 xmasbus;xmasbus;C:\WINDOWS\system32\DRIVERS\xmasbus.sys
R0 xmasscsi;xmasscsi;C:\WINDOWS\system32\Drivers\xmasscsi.sys
R3 Amps2prt;A4Tech PS/2 Port Mouse Driver;C:\WINDOWS\system32\DRIVERS\Amps2prt.sys
S3 SF-620;Kingsun SF-620 USB Infrared Adapter;C:\WINDOWS\system32\DRIVERS\SF-620.sys
S4 Slerru2hc;Slerru2hc;C:\WINDOWS\system32\drivers\arp1394.sys
.

**************************************************************************

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-27 15:04:31
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-27 15:07:26
C:\ComboFix2.txt ... 2007-11-26 19:49
.
--- E O F ---