"Martyna" - 2008-01-29 12:41:08 - ComboFix 07-07-23.6 - Dodatek Service Pack 2 NTFS

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\DOCUME~1\Martyna\Pulpit.\internet explorer.lnk
C:\Program Files\DITel\malopolskie2007\images\html\wg\eko-labor_2269878_pliki\_desktop.ini

((((((((((((((((((((((((( Files Created from 2007-12-28 to 2008-01-29 )))))))))))))))))))))))))))))))

2008-01-29 12:39 51,200 --a------ C:\WINDOWS\nircmd.exe
2008-01-29 09:55 d-------- C:\WINDOWS\system32\pl-pl
2008-01-29 09:53 d-------- C:\WINDOWS\network diagnostic
2008-01-28 15:36 d-------- C:\Program Files\Microsoft Games
2008-01-28 15:33 d-------- C:\Program Files\ArcaMicroScan
2008-01-28 13:52 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-01-28 13:52 d--h----- C:\WINDOWS\$hf_mig$
2008-01-28 13:52 d-------- C:\WINDOWS\system32\PreInstall
2008-01-28 13:49 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\TEMP
2008-01-28 13:42 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-01-28 13:42 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2008-01-28 13:42 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-01-28 13:42 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-01-28 13:36 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-01-28 13:30 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2008-01-28 13:30 dr-h----- C:\DOCUME~1\ADMINI~1\Dane aplikacji
2008-01-28 13:30 dr------- C:\DOCUME~1\ADMINI~1\Menu Start
2008-01-28 13:30 d--h----- C:\DOCUME~1\ADMINI~1\Ustawienia lokalne
2008-01-28 13:30 d--h----- C:\DOCUME~1\ADMINI~1\Szablony
2008-01-28 13:30 d-------- C:\DOCUME~1\ADMINI~1\Ulubione
2008-01-28 13:30 d-------- C:\DOCUME~1\ADMINI~1\Pulpit
2008-01-28 13:30 d-------- C:\DOCUME~1\ADMINI~1\Moje dokumenty
2008-01-28 09:35 262,144 --a------ C:\DOCUME~1\ALLUSE~1\ntuser.dat
2008-01-28 09:31 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-01-28 09:31 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-01-28 09:31 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-01-28 09:31 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-01-28 09:31 499,712 --a------ C:\WINDOWS\system32\MSVCP71.dll
2008-01-28 09:31 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-01-28 09:31 348,160 --a------ C:\WINDOWS\system32\MSVCR71.dll
2008-01-28 09:31 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-01-28 09:31 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-01-28 09:31 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2008-01-28 09:31 d-------- C:\Program Files\Alwil Software
2008-01-26 12:23 d-------- C:\Program Files\Gadu-Gadu
2008-01-26 12:23 d-------- C:\DOCUME~1\Martyna\Gadu-Gadu
2008-01-26 12:17 d-------- C:\Program Files\GG
2008-01-19 15:12 d-------- C:\Program Files\Juz w szkole klasa 3b
2008-01-03 14:00 d-------- C:\Program Files\MadOnion.com
2008-01-03 13:56 dr-hs---- C:\Recycled
2008-01-03 13:56 d-------- C:\Program Files\HD Tune

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2008-01-28 15:19:30 50,748 ----a-w C:\WINDOWS\system32\perfc015.dat
2008-01-28 15:19:30 358,702 ----a-w C:\WINDOWS\system32\perfh015.dat
2008-01-28 15:03:19 -------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-03 13:00:09 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-03 13:33:30 -------- d-----w C:\Program Files\Juz w szkole klasa 1
2007-12-03 13:18:32 -------- d-----w C:\Program Files\Juz w szkole klasa 2b
2007-12-03 13:06:35 -------- d-----w C:\Program Files\Juz w szkole klasa 2a
2007-11-30 13:57:17 -------- d-----w C:\Program Files\Juz w szkole klasa 3a
2007-11-30 13:56:58 -------- d-----w C:\Program Files\Common Files\YDP

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2006-06-01 10:22 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 10:22 C:\WINDOWS\system32\nvmctray.dll]
"SoundMan"="SOUNDMAN.EXE" [2006-06-20 22:42 C:\WINDOWS\soundman.exe]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-01-30 20:13]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:44]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-03 23:55]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2006-02-17 14:03]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
PLANET WL-3565 Utility.lnk - C:\Program Files\PLANET\Common\RaUI.exe [2007-10-24 16:00:50]

R2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\system32\DRIVERS\nvcap.sys
R2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\system32\DRIVERS\NVxbar.sys
R3 MTsensor;ATK0110 ACPI UTILITY;C:\WINDOWS\system32\DRIVERS\ASACPI.sys
S3 GVCplDrv;GVCplDrv;C:\WINDOWS\system32\drivers\GVCplDrv.sys

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{194d9c1e-b9fb-11dc-9cee-00304f4f5e75}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Open(&0)\command- G:\Recycled\ctfmon.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-29 12:41:50
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\A\1\5\1c]
"Order"=hex:08,00,00,00,02,00,00,00,b8,01,00,00,01,00,00,00,04,00,00,00,8c,..

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2008-01-29 12:42:11
C:\ComboFix-quarantined-files.txt ... 2008-01-29 12:42

--- E O F ---