ComboFix 08-01-18.4 - Administrator 2008-01-18 14:49:11.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.0.1250.1.1045.18.261 [GMT 1:00]
Running from: D:\Programy\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2007-12-18 to 2008-01-18 )))))))))))))))))))))))))))))))
.
2008-01-18 08:07 . 2008-01-18 08:07 d-------- C:\WINDOWS\ERUNT
2008-01-10 15:32 . 2008-01-10 15:32 d-------- C:\WINDOWS\LastGood
2008-01-07 17:00 . 2008-01-07 17:00 d-------- C:\temp\HP_WebRelease
2008-01-07 17:00 . 2008-01-07 17:00 d-------- C:\temp
2008-01-06 18:11 . 2001-08-18 06:24 135,040 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2008-01-06 18:11 . 2001-08-18 06:24 135,040 --a--c--- C:\WINDOWS\system32\dllcache\portcls.sys
2008-01-06 18:11 . 2001-08-18 06:24 57,472 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2008-01-06 18:11 . 2001-08-18 06:24 57,472 --a--c--- C:\WINDOWS\system32\dllcache\sysaudio.sys
2008-01-06 18:11 . 2001-08-17 22:01 57,344 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2008-01-06 18:11 . 2001-08-17 22:01 57,344 --a--c--- C:\WINDOWS\system32\dllcache\drmk.sys
2008-01-06 18:11 . 2001-08-17 22:00 2,944 --a------ C:\WINDOWS\system32\drivers\msmpu401.sys
2008-01-06 18:11 . 2001-08-17 22:00 2,944 --a--c--- C:\WINDOWS\system32\dllcache\msmpu401.sys
2008-01-06 18:11 . 2001-08-17 22:01 2,816 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2008-01-06 18:11 . 2001-08-17 22:01 2,816 --a--c--- C:\WINDOWS\system32\dllcache\drmkaud.sys
2008-01-06 10:18 . 2008-01-06 10:19 d-------- C:\Program Files\HP
2008-01-05 20:57 . 2001-08-17 23:03 21,760 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-01-05 20:53 . 2008-01-05 20:53 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\HP
2008-01-05 20:51 . 2005-03-08 05:39 274,432 -ra------ C:\WINDOWS\system32\HPZc3212.dll
2008-01-05 20:51 . 2005-03-08 05:43 51,120 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2008-01-05 20:51 . 2005-03-08 05:43 21,744 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-01-05 20:51 . 2005-03-08 05:43 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-01-05 20:50 . 2001-07-21 22:40 3,144 --a--c--- C:\WINDOWS\system32\dllcache\srgb.icm
2008-01-05 20:46 . 2001-08-17 22:00 24,832 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-01-05 20:46 . 2001-08-17 22:00 24,832 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-01-05 20:46 . 2001-08-17 21:53 13,824 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-01-05 20:46 . 2001-08-17 21:53 13,824 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-01-05 20:45 . 2008-01-05 20:51 d-------- C:\WINDOWS\LastGood.Tmp
2008-01-05 20:45 . 2005-04-08 02:51 606,208 -ra------ C:\WINDOWS\system32\hpotscl.dll
2008-01-05 20:45 . 2005-04-08 02:51 278,528 -ra------ C:\WINDOWS\system32\hpgwiamd.dll
2008-01-05 20:45 . 2005-04-08 02:51 258,122 -ra------ C:\WINDOWS\system32\hpovst08.dll
2008-01-05 20:45 . 2001-08-17 23:03 24,960 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-01-05 20:45 . 2001-08-17 23:03 24,960 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-01-05 15:26 . 2008-01-05 15:26 d-------- C:\Program Files\VIA Technologies, INC
2008-01-05 15:25 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-01-05 15:25 . 2002-04-01 14:42 19,072 --a------ C:\WINDOWS\system32\drivers\usbehci.sys
2008-01-05 14:57 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-05 14:55 . 2006-05-25 14:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-01-05 14:55 . 2003-02-02 19:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-01-05 14:55 . 2005-08-26 00:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2008-01-05 14:55 . 2002-03-06 00:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-01-05 14:55 . 2006-06-19 12:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2008-01-05 14:54 . 2008-01-18 14:44 d-------- C:\Program Files\Trojan Remover
2008-01-05 14:54 . 2008-01-05 14:54 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Simply Super Software
2008-01-05 14:54 . 2008-01-05 14:54 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Simply Super Software
2008-01-03 19:28 . 2003-08-25 18:06 182,880 --a------ C:\WINDOWS\system32\iuengine.dll
2008-01-03 19:28 . 2003-08-25 18:06 182,880 --a--c--- C:\WINDOWS\system32\dllcache\iuengine.dll
2008-01-03 19:19 . 2008-01-03 19:19 d-------- C:\WINDOWS\PixArt
2008-01-03 19:19 . 2008-01-03 19:19 d-------- C:\WINDOWS\Downloaded Installations
2008-01-03 19:19 . 2008-01-03 19:19 d-------- C:\Program Files\PC Camer@
2008-01-03 19:19 . 2008-01-03 19:19 d-------- C:\Program Files\Common Files\PCCamera
2008-01-03 18:18 . 2008-01-03 18:18 d---s---- C:\WINDOWS\system32\Microsoft
2008-01-03 18:18 . 2008-01-03 18:18 d-------- C:\WINDOWS\Sun
2008-01-03 18:18 . 2008-01-03 18:19 d-------- C:\Program Files\AOL Security Toolbar
2008-01-03 18:18 . 2008-01-03 18:18 d-------- C:\Documents and Settings\All Users\Dane aplikacji\AOL
2008-01-03 18:18 . 2008-01-18 14:50 2,132,512 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-01-03 18:18 . 2008-01-18 14:50 51,744 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-01-03 18:18 . 2008-01-18 10:30 32,216 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-01-03 18:18 . 2008-01-18 10:30 7,820 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-01-03 18:17 . 2008-01-03 18:17 d-------- C:\Program Files\Java
2008-01-03 18:17 . 2008-01-03 19:27 d-------- C:\Program Files\Google
2008-01-03 18:17 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-01-03 18:16 . 2008-01-03 18:16 d-------- C:\Program Files\Common Files\Java
2008-01-03 18:06 . 2008-01-18 06:47 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\skypePM
2008-01-03 18:06 . 2008-01-03 18:06 32 --a------ C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
2008-01-03 18:05 . 2008-01-18 14:44 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Skype
2008-01-03 18:04 . 2008-01-03 18:04 d-------- C:\Program Files\Skype
2008-01-03 18:04 . 2008-01-03 18:04 d-------- C:\Program Files\Common Files\Skype
2008-01-03 18:04 . 2008-01-03 18:04 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Skype
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-03 16:58 6,656 ----a-w C:\WINDOWS\system32\directx.sys
2008-01-03 16:57 --------- d-----w C:\Program Files\Gadu-Gadu
2008-01-03 16:38 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\ATI
2008-01-03 16:26 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-03 16:26 --------- d-----w C:\Program Files\ATI Technologies
2008-01-03 16:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-03 15:39 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-03 15:37 --------- d-----w C:\Program Files\Usługi online
.
((((((((((((((((((((((((((((( snapshot@2008-01-05_15.00.02,99 )))))))))))))))))))))))))))))))))))))))))
.
+ 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2008-01-18 13:48:57 237,568 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
+ 2008-01-18 13:48:57 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
+ 2008-01-18 13:48:57 237,568 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
+ 2008-01-18 13:48:57 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
+ 2008-01-18 13:48:57 1,396,736 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT
+ 2008-01-18 13:48:57 163,840 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
+ 2008-01-05 05:57:26 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-01-18 07:07:59 1,396,736 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
+ 2008-01-18 07:08:00 163,840 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-01-05 05:57:26 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-01-18 07:07:53 1,396,736 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
+ 2008-01-18 07:07:53 163,840 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
+ 2005-03-08 04:39:43 274,432 ----a-r C:\WINDOWS\LastGood.Tmp\System32\HPZc3212.dll
- 2008-01-05 13:48:19 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-01-18 13:44:12 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-01-05 13:48:19 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat
+ 2008-01-18 13:44:12 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat
- 2008-01-05 13:48:19 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat
+ 2008-01-18 13:44:12 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat
+ 2001-07-24 00:25:14 122,472 -c--a-w C:\WINDOWS\system32\dllcache\aec.sys
+ 2001-08-17 20:59:58 50,048 -c--a-w C:\WINDOWS\system32\dllcache\dmusic.sys
+ 2001-08-17 21:00:54 159,232 -c--a-w C:\WINDOWS\system32\dllcache\kmixer.sys
+ 2001-08-17 21:00:46 5,632 -c--a-w C:\WINDOWS\system32\dllcache\splitter.sys
+ 2001-08-17 21:00:52 54,272 -c--a-w C:\WINDOWS\system32\dllcache\swmidi.sys
+ 2001-08-18 05:24:46 79,616 -c--a-w C:\WINDOWS\system32\dllcache\wdmaud.sys
+ 2001-07-24 00:25:14 122,472 ----a-w C:\WINDOWS\system32\drivers\aec.sys
+ 2001-08-17 20:59:58 50,048 ----a-w C:\WINDOWS\system32\drivers\DMusic.sys
+ 2001-08-17 21:00:54 159,232 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
+ 2001-08-17 21:00:46 5,632 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
+ 2001-08-17 21:00:52 54,272 ----a-w C:\WINDOWS\system32\drivers\swmidi.sys
+ 2001-08-17 22:03:20 21,760 ----a-w C:\WINDOWS\system32\drivers\USBSTOR.SYS
+ 2001-08-18 05:24:46 79,616 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
+ 2005-03-08 04:41:42 196,608 ----a-w C:\WINDOWS\system32\hpzcoi12.dll
+ 2005-03-08 04:41:47 393,216 ----a-w C:\WINDOWS\system32\hpzcon12.dll
+ 2005-03-08 04:41:42 139,345 ----a-w C:\WINDOWS\system32\hpzlnt12.dll
- 2008-01-03 16:25:57 52,900 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-01-05 14:20:58 52,900 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-01-03 16:25:57 67,298 ----a-w C:\WINDOWS\system32\perfc015.dat
+ 2008-01-05 14:20:58 67,298 ----a-w C:\WINDOWS\system32\perfc015.dat
- 2008-01-03 16:25:57 380,486 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-01-05 14:20:58 380,486 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-01-03 16:25:57 436,322 ----a-w C:\WINDOWS\system32\perfh015.dat
+ 2008-01-05 14:20:58 436,322 ----a-w C:\WINDOWS\system32\perfh015.dat
+ 2005-04-12 12:50:52 179,968 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpop1512.dat
+ 2005-03-08 04:41:41 212,992 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpz2ku12.dll
+ 2005-03-08 04:41:46 299,008 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzcfg12.exe
+ 2005-03-08 04:41:42 196,608 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzcoi12.dll
+ 2005-03-08 04:41:47 393,216 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzcon12.dll
+ 2005-03-08 04:41:48 659,456 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzeng12.exe
+ 2005-03-08 04:41:49 69,632 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzflt12.dll
+ 2005-03-08 04:41:51 1,597,440 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzimc12.dll
+ 2005-03-08 04:41:54 352,256 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzime12.dll
+ 2005-03-08 04:41:57 2,150,400 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzims12.dll
+ 2005-03-08 04:42:01 225,280 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzjui12.dll
+ 2005-03-08 04:41:42 139,345 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzlnt12.dll
+ 2005-03-08 04:42:02 143,360 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzpcl12.dll
+ 2005-03-08 04:41:43 507,904 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzpm312.dll
+ 2005-03-08 04:42:03 331,776 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzpre12.exe
+ 2005-03-08 04:47:35 3,219,456 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzr3212.dll
+ 2005-03-08 04:42:04 372,736 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzres12.dll
+ 2005-03-08 04:47:37 1,773,568 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzrm312.dll
+ 2005-03-08 04:42:05 679,936 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzslk12.dll
+ 2005-03-18 03:32:53 180,315 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzsnt12.dll
+ 2005-03-08 04:42:06 401,408 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzstc12.exe
+ 2005-03-08 04:42:07 180,224 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzstw12.exe
+ 2005-03-08 04:42:08 61,440 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztbi12.dll
+ 2005-03-08 04:42:09 176,128 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztbu12.exe
+ 2005-03-08 04:42:10 7,348,224 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztbx12.exe
+ 2005-03-08 04:42:17 176,188 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzvip12.dll
+ 2005-04-12 12:50:52 179,968 ----a-r C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpop1512.dat
+ 2005-03-08 04:41:41 212,992 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpz2ku12.dll
+ 2005-03-08 04:41:46 299,008 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzcfg12.exe
+ 2005-03-08 04:41:42 196,608 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzcoi12.dll
+ 2005-03-08 04:41:47 393,216 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzcon12.dll
+ 2005-03-08 04:41:48 659,456 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzeng12.exe
+ 2005-03-08 04:41:49 69,632 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzflt12.dll
+ 2005-03-08 04:41:51 1,597,440 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzimc12.dll
+ 2005-03-08 04:41:54 352,256 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzime12.dll
+ 2005-03-08 04:41:57 2,150,400 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzims12.dll
+ 2005-03-08 04:42:01 225,280 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzjui12.dll
+ 2005-03-08 04:41:42 139,345 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzlnt12.dll
+ 2005-03-08 04:42:02 143,360 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzpcl12.dll
+ 2005-03-08 04:41:43 507,904 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzpm312.dll
+ 2005-03-08 04:42:03 331,776 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzpre12.exe
+ 2005-03-08 04:47:35 3,219,456 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzr3212.dll
+ 2005-03-08 04:42:04 372,736 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzres12.dll
+ 2005-03-08 04:47:37 1,773,568 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzrm312.dll
+ 2005-03-08 04:42:05 679,936 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzslk12.dll
+ 2005-03-18 03:32:53 180,315 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzsnt12.dll
+ 2005-03-08 04:42:06 401,408 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzstc12.exe
+ 2005-03-08 04:42:07 180,224 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzstw12.exe
+ 2005-03-08 04:42:08 61,440 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpztbi12.dll
+ 2005-03-08 04:42:09 176,128 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpztbu12.exe
+ 2005-03-08 04:42:10 7,348,224 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpztbx12.exe
+ 2005-03-08 04:42:17 176,188 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1500_series2609\hpzvip12.dll
+ 2006-12-01 21:56:00 96,256 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2006-12-01 21:54:32 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2006-12-01 21:54:34 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-01 21:54:32 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2006-12-01 23:25:52 1,101,824 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2006-12-01 23:25:56 1,093,120 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-01 23:25:58 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-01 23:26:00 57,856 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-01 23:08:00 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-01 23:08:00 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-01 23:08:00 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-01 23:08:00 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-01 23:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-01 23:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-01 23:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-01 23:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-01 23:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-01 23:46:44 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-10-26 18:29 13312]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2001-08-02 07:14 1077277]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-11-14 11:54 2131392]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-12-12 15:23 21686568]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-01-03 18:18 171448]
"Microsoft Directxspnew"="directxnew.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Microsoft Directxspnew"="directxnew.exe" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 12:52 339968]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2004-08-25 14:25 28672]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"aol"="C:\Program Files\AOL\Active Virus Shield\avp.exe" [2006-05-30 12:13 139367]
"TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-01-03 17:11 737872]
"Cmaudio"="cmicnfg.cpl" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-10-26 18:29 13312]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2004-08-25 14:25 28672]

S3 GVCplDrv;GVCplDrv;C:\WINDOWS\System32\drivers\GVCplDrv.sys [2004-05-02 09:47]
S3 msdirectxnew;msdirectxnew;C:\Documents and Settings\Administrator\msdirectxnx.sys []
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-18 14:50:56
Windows 5.1.2600 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-18 14:51:40
ComboFix-quarantined-files.txt 2008-01-18 13:51:30
ComboFix2.txt 2008-01-05 14:07:49
ComboFix3.txt 2008-01-05 14:00:41