ComboFix 08-08-26.03 - Prezes 2008-08-27 22:43:09.2 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1250.48.1045.18.312 [GMT 2:00]
Running from: D:\Programy\ComboFix.exe
Command switches used :: D:\Programy\CFScript.txt
 * Created a new restore point

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]

FILE ::
C:\WINDOWS\rodqgpvlosa.dll
C:\WINDOWS\rvoelbxt.exe
C:\WINDOWS\system32\amuhohay.dll
C:\WINDOWS\system32\mmx21991.dll
C:\WINDOWS\system32\mx21991.dll
C:\WINDOWS\system32\yahohuma.ini
.
  Error: Cfiles.dat

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\rodqgpvlosa.dll
C:\WINDOWS\rvoelbxt.exe
C:\WINDOWS\system32\amuhohay.dll
C:\WINDOWS\system32\mmx21991.dll
C:\WINDOWS\system32\mx21991.dll
C:\WINDOWS\system32\yahohuma.ini

.
(((((((((((((((((((((((((   Files Created from 2008-07-27 to 2008-08-27  )))))))))))))))))))))))))))))))
.

2008-08-27 18:58 . 2008-08-27 18:58	<DIR>	d--------	C:\Program Files\Trend Micro
2008-08-27 18:49 . 2008-08-27 18:49	<DIR>	d--------	C:\WINDOWS\system32\xircom
2008-08-27 18:49 . 2008-08-27 18:49	<DIR>	d--------	C:\WINDOWS\system32\oobe
2008-08-27 18:49 . 2008-08-27 18:49	<DIR>	d--------	C:\WINDOWS\srchasst
2008-08-27 18:49 . 2008-08-27 18:49	<DIR>	d--------	C:\WINDOWS\msagent
2008-08-27 18:49 . 2008-08-27 18:49	<DIR>	d--------	C:\Program Files\microsoft frontpage
2008-08-27 18:18 . 2008-08-27 18:18	<DIR>	d--------	C:\Program Files\Spybot - Search & Destroy
2008-08-27 18:18 . 2008-08-27 18:50	<DIR>	d--------	C:\D & S\All Users\Dane aplikacji\Spybot - Search & Destroy
2008-08-27 16:39 . 2008-08-27 16:39	850	--a------	C:\WINDOWS\system32\ProductTweaks.xml
2008-08-27 16:39 . 2008-08-27 16:39	385	--a------	C:\WINDOWS\system32\user_gensett.xml
2008-08-27 16:12 . 2008-08-27 16:12	<DIR>	d--------	C:\WINDOWS\system32\logs
2008-08-27 16:10 . 2008-08-27 16:10	<DIR>	d--------	C:\WINDOWS\system32\URTTemp
2008-08-27 16:09 . 2008-08-27 18:56	<DIR>	d--------	C:\Program Files\Common Files\BitDefender
2008-08-27 13:09 . 2008-05-27 19:26	765,952	---------	C:\WINDOWS\system32\dllcache\vgx.dll
2008-08-25 10:43 . 2008-08-25 10:43	<DIR>	d--------	C:\D & S\Prezes\Dane aplikacji\AdobeUM
2008-08-15 12:06 . 2008-08-15 12:06	<DIR>	d--------	C:\Program Files\Alcohol Soft
2008-08-15 12:06 . 2004-04-30 09:37	160,640	--a------	C:\WINDOWS\system32\drivers\a347bus.sys
2008-08-15 12:06 . 2004-04-30 09:33	5,248	--a------	C:\WINDOWS\system32\drivers\a347scsi.sys
2008-08-15 12:01 . 2008-08-15 12:01	<DIR>	d--------	C:\D & S\Prezes\Dane aplikacji\Gadu-Gadu
2008-08-15 11:57 . 2008-08-15 11:57	<DIR>	d--------	C:\Program Files\Gadu-Gadu
2008-08-15 11:57 . 2008-08-15 11:57	<DIR>	d--------	C:\D & S\Prezes\Gadu-Gadu
2008-08-15 11:43 . 2007-07-30 19:19	271,224	--a------	C:\WINDOWS\system32\mucltui.dll
2008-08-15 11:43 . 2007-07-30 19:19	207,736	--a------	C:\WINDOWS\system32\muweb.dll
2008-08-15 11:43 . 2007-07-30 19:18	30,072	--a------	C:\WINDOWS\system32\mucltui.dll.mui
2008-08-14 14:11 . 2008-08-14 14:11	<DIR>	d--------	C:\Program Files\ASUS
2008-08-14 13:25 . 2008-08-14 13:25	<DIR>	d--------	C:\Program Files\MSN Messenger
2008-08-14 13:20 . 2008-08-14 13:20	<DIR>	d--hsc---	C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-14 13:19 . 2008-08-14 13:19	<DIR>	d--------	C:\Program Files\Windows Live
2008-08-14 10:20 . 2008-06-14 19:36	273,024	---------	C:\WINDOWS\system32\drivers\bthport.sys
2008-08-14 10:20 . 2008-06-14 19:36	273,024	---------	C:\WINDOWS\system32\dllcache\bthport.sys
2008-08-13 23:30 . 2008-08-26 18:24	<DIR>	d--------	C:\D & S\Prezes\Dane aplikacji\skypePM
2008-08-13 23:30 . 2008-08-13 23:30	32	--a------	C:\D & S\All Users\Dane aplikacji\ezsid.dat
2008-08-13 23:29 . 2008-08-13 23:29	<DIR>	d--------	C:\Program Files\Skype
2008-08-13 23:29 . 2008-08-13 23:29	<DIR>	d--------	C:\Program Files\Common Files\Skype
2008-08-13 23:29 . 2008-08-26 22:45	<DIR>	d--------	C:\D & S\Prezes\Dane aplikacji\Skype
2008-08-13 23:29 . 2008-08-13 23:29	<DIR>	d--------	C:\D & S\All Users\Dane aplikacji\Skype
2008-08-13 16:36 . 2008-08-27 15:26	<DIR>	d--h-----	C:\WINDOWS\$hf_mig$
2008-08-13 16:36 . 2005-06-28 10:21	22,752	--a------	C:\WINDOWS\system32\spupdsvc.exe
2008-08-12 12:16 . 2008-08-14 14:14	69	--a------	C:\WINDOWS\NeroDigital.ini
2008-08-12 00:22 . 2008-08-12 00:22	<DIR>	d--------	C:\D & S\Prezes\Dane aplikacji\Ahead
2008-08-12 00:21 . 2008-08-12 00:21	<DIR>	d--------	C:\Program Files\Nero
2008-08-12 00:21 . 2008-08-12 00:21	<DIR>	d--------	C:\Program Files\Common Files\Ahead
2008-08-12 00:13 . 2008-08-12 00:13	<DIR>	d--------	C:\Program Files\ffdshow
2008-08-12 00:13 . 2008-06-08 23:58	60,273	--a------	C:\WINDOWS\system32\pthreadGC2.dll
2008-08-12 00:13 . 2008-03-28 19:41	7,680	--a------	C:\WINDOWS\system32\ff_vfw.dll
2008-08-12 00:13 . 2008-03-28 19:40	6,144	--a------	C:\WINDOWS\system32\ff_acm.acm
2008-08-12 00:13 . 2007-07-10 18:10	547	--a------	C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-08-12 00:12 . 2008-08-12 00:12	<DIR>	d--------	C:\D & S\Prezes\Dane aplikacji\BESTplayer
2008-08-11 00:13 . 2008-08-13 10:27	<DIR>	d--------	C:\D & S\Prezes\Dane aplikacji\Tibia
2008-08-11 00:13 . 2008-08-27 22:32	<DIR>	d-a------	C:\D & S\All Users\Dane aplikacji\TEMP
2008-08-11 00:12 . 2008-08-27 19:59	<DIR>	d--------	C:\Program Files\TibiaBot NG
2008-08-11 00:03 . 2008-08-11 00:03	<DIR>	d--------	C:\Program Files\WapSter
2008-08-11 00:03 . 2008-08-11 00:04	<DIR>	d--------	C:\D & S\Prezes\WapSter
2008-08-11 00:00 . 2008-08-11 00:00	<DIR>	d--------	C:\Program Files\Winamp
2008-08-11 00:00 . 2008-08-11 00:01	<DIR>	d--------	C:\D & S\Prezes\Dane aplikacji\Winamp
2008-08-10 23:58 . 2008-08-10 23:58	<DIR>	d--------	C:\Program Files\DAEMON Tools
2008-08-10 23:58 . 2008-08-10 23:58	223,128	--a------	C:\WINDOWS\system32\drivers\dtscsi.sys
2008-08-10 23:56 . 2008-08-10 23:56	642,560	--a------	C:\WINDOWS\system32\drivers\sptd.sys
2008-08-10 23:56 . 2008-08-10 23:56	96,384	--a------	C:\WINDOWS\system32\drivers\sptd0477.sys
2008-08-10 23:55 . 2008-08-11 22:21	<DIR>	d--------	C:\Program Files\BitComet_0.70
2008-08-10 23:54 . 2008-08-10 23:54	<DIR>	d--------	C:\Program Files\Common Files\Adobe
2008-08-10 23:34 . 2008-08-10 23:34	<DIR>	d--------	C:\Program Files\Opera
2008-08-10 23:31 . 2008-04-14 00:16	11,136	--a------	C:\WINDOWS\system32\drivers\SLIP.sys
2008-08-10 23:31 . 2008-08-10 23:31	552	--a------	C:\WINDOWS\system32\d3d8caps.dat
2008-08-10 23:30 . 2001-10-26 16:57	12,160	--a------	C:\WINDOWS\system32\drivers\mouhid.sys
2008-08-10 23:23 . 2008-04-14 21:50	14,720	--a------	C:\WINDOWS\system32\drivers\kbdhid.sys
2008-08-10 23:11 . 2008-08-10 23:11	<DIR>	d--h-----	C:\Program Files\InstallShield Installation Information
2008-08-10 23:11 . 2008-08-10 23:11	<DIR>	d--------	C:\Program Files\Common Files\InstallShield
2008-08-10 23:11 . 2008-08-10 23:11	<DIR>	d--------	C:\Program Files\C-Media 3D Audio
2008-08-10 23:11 . 2003-08-05 14:23	266,240	--a------	C:\WINDOWS\CMIUninstall.exe
2008-08-10 23:11 . 2003-07-22 11:15	225,280	--a------	C:\WINDOWS\CmiRmRedundDir.exe
2008-08-10 23:11 . 2002-08-20 08:58	139,264	-ra------	C:\WINDOWS\system32\IDEproperty.dll
2008-08-10 23:11 . 2002-10-17 09:14	49,024	-ra------	C:\WINDOWS\system32\drivers\sisidex.sys
2008-08-10 23:11 . 2002-10-18 15:56	28,672	--a------	C:\WINDOWS\CMIRmDriver.dll
2008-08-10 23:11 . 2002-08-20 11:19	9,472	-ra------	C:\WINDOWS\system32\drivers\sisperf.sys
2008-08-10 23:11 . 2003-03-25 11:50	4,096	-ra------	C:\WINDOWS\system32\drivers\siside.sys
2008-08-10 23:02 . 2008-08-10 23:02	<DIR>	d--------	C:\Program Files\SiSLan
2008-08-10 23:02 . 2002-07-10 17:39	32,256	-ra------	C:\WINDOWS\system32\drivers\sisnic.sys
2008-08-10 22:57 . 2002-07-12 12:15	106,496	--a------	C:\WINDOWS\SiSUSBrg.exe
2008-08-10 22:57 . 2003-07-18 03:58	36,992	-ra------	C:\WINDOWS\system32\drivers\SISAGPX.SYS
2008-08-10 22:57 . 2002-01-02 09:40	32,768	--a------	C:\WINDOWS\SIS_LIB.DLL
2008-08-10 22:57 . 2001-12-07 04:11	3,583	--a------	C:\WINDOWS\SiSport.sys
2008-08-10 22:56 . 1998-01-23 14:15	304,640	--a------	C:\WINDOWS\IsUn0415.exe
2008-08-10 22:54 . 2000-03-29 16:17	5,824	--a------	C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2008-08-10 22:54 . 2008-08-14 14:09	1,574	--a------	C:\WINDOWS\Ascd_tmp.ini
2008-08-10 22:47 . 2008-04-14 00:06	44,672	--a------	C:\WINDOWS\system32\drivers\UAGP35.SYS
2008-08-10 21:45 . 2008-04-14 22:50	21,504	--a------	C:\WINDOWS\system32\hidserv.dll
2008-08-10 21:33 . 2008-04-14 22:51	129,536	--a------	C:\WINDOWS\system32\ksproxy.ax
2008-08-10 21:33 . 2008-04-14 00:16	121,984	--a------	C:\WINDOWS\system32\drivers\usbvideo.sys
2008-08-10 21:33 . 2008-04-14 22:51	91,648	--a------	C:\WINDOWS\system32\kswdmcap.ax
2008-08-10 21:33 . 2008-04-14 22:51	61,952	--a------	C:\WINDOWS\system32\kstvtune.ax
2008-08-10 21:33 . 2008-04-14 22:50	54,784	--a------	C:\WINDOWS\system32\vfwwdm32.dll
2008-08-10 21:33 . 2008-04-14 22:51	43,008	--a------	C:\WINDOWS\system32\ksxbar.ax
2008-08-10 21:33 . 2008-04-14 22:51	28,672	--a------	C:\WINDOWS\system32\vidcap.ax
2008-08-10 21:33 . 2008-04-14 22:51	20,992	--a------	C:\WINDOWS\system32\dshowext.ax
2008-08-10 21:33 . 2008-04-14 22:50	4,096	--a------	C:\WINDOWS\system32\ksuser.dll
2008-08-10 21:30 . 2008-04-14 00:15	32,128	--a------	C:\WINDOWS\system32\drivers\usbccgp.sys
2008-08-10 21:30 . 2008-04-14 00:15	10,368	--a------	C:\WINDOWS\system32\drivers\hidusb.sys
2008-08-10 21:27 . 2008-08-10 21:27	<DIR>	d--------	C:\WINDOWS\SiS
2008-08-10 19:03 . 2008-08-27 18:46	<DIR>	d--------	C:\temp
2008-08-10 19:02 . 2008-08-10 19:02	<DIR>	d--------	C:\D & S\Prezes\Dane aplikacji\Thinstall
2008-08-10 19:02 . 2008-08-13 23:39	156	--a------	C:\WINDOWS\Twunk001.MTX
2008-08-10 19:02 . 2008-08-13 23:39	2	--a------	C:\WINDOWS\Twain001.Mtx
2008-08-10 19:02 . 2008-08-10 19:02	0	--a------	C:\WINDOWS\Twunk002.MTX
2008-08-10 19:00 . 2008-08-27 22:44	<DIR>	d--h-----	C:\D & S\Prezes\Ustawienia lokalne
2008-08-10 19:00 . 2008-08-27 18:44	<DIR>	dr-------	C:\D & S\Prezes\Ulubione
2008-08-10 19:00 . 2008-08-10 18:55	<DIR>	d--h-----	C:\D & S\Prezes\Szablony
2008-08-10 19:00 . 2008-08-27 22:43	<DIR>	d--------	C:\D & S\Prezes\Pulpit
2008-08-10 19:00 . 2008-08-14 23:35	<DIR>	dr-------	C:\D & S\Prezes\Moje dokumenty
2008-08-10 19:00 . 2008-08-15 11:57	<DIR>	dr-------	C:\D & S\Prezes\Menu Start
2008-08-10 19:00 . 2008-08-27 18:56	<DIR>	dr-h-----	C:\D & S\Prezes\Dane aplikacji
2008-08-10 19:00 . 2008-08-27 22:39	<DIR>	d--------	C:\D & S\Prezes

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-10 16:55	---------	d-----w	C:\Program Files\Windows Media Connect 2
2008-07-15 22:22	32,768	----a-w	C:\WINDOWS\system32\drivers\sisnicxp.sys
2008-07-15 22:22	104,320	----a-w	C:\WINDOWS\system32\drivers\Rtnicxp.sys
2008-07-15 22:19	219,648	----a-w	C:\WINDOWS\system32\uxtheme.dll
2008-07-15 22:19	140,800	----a-w	C:\WINDOWS\system32\sfc_os.dll
2008-07-15 22:17	55,296	----a-w	C:\WINDOWS\system32\iesetup.dll
2008-07-15 22:17	48,128	----a-w	C:\WINDOWS\system32\mshtmler.dll
2008-07-15 22:17	45,568	----a-w	C:\WINDOWS\system32\mshta.exe
2008-07-15 22:17	40,960	----a-w	C:\WINDOWS\system32\licmgr10.dll
2008-07-15 22:17	36,352	----a-w	C:\WINDOWS\system32\imgutil.dll
2008-07-15 22:17	3,166,720	----a-w	C:\WINDOWS\system32\syssetup.dll
2008-07-15 22:17	26,112	----a-w	C:\WINDOWS\system32\idndl.dll
2008-07-15 22:17	24,576	----a-w	C:\WINDOWS\system32\nlsdl.dll
2008-07-15 22:17	23,552	----a-w	C:\WINDOWS\system32\normaliz.dll
2008-07-15 22:17	156,160	----a-w	C:\WINDOWS\system32\msls31.dll
2008-07-15 22:16	78,336	----a-w	C:\WINDOWS\system32\ieencode.dll
2008-07-15 22:16	71,680	----a-w	C:\WINDOWS\system32\admparse.dll
2008-07-15 22:16	17,408	----a-w	C:\WINDOWS\system32\corpol.dll
2008-07-15 21:44	99,840	----a-w	C:\WINDOWS\system32\wmpshell.dll
2008-07-15 21:44	8,277,504	----a-w	C:\WINDOWS\system32\wmploc.dll
2008-07-15 21:44	603,648	----a-w	C:\WINDOWS\system32\wmspdmod.dll
2008-07-15 21:44	4,096	----a-w	C:\WINDOWS\system32\wmvdmoe2.dll
2008-07-15 21:44	4,096	----a-w	C:\WINDOWS\system32\wmvdmod.dll
2008-07-15 21:44	4,096	----a-w	C:\WINDOWS\system32\wmsdmoe2.dll
2008-07-15 21:44	4,096	----a-w	C:\WINDOWS\system32\wmsdmod.dll
2008-07-15 21:44	314,880	----a-w	C:\WINDOWS\system32\wmpdxm.dll
2008-07-15 21:44	242,688	----a-w	C:\WINDOWS\system32\wmpasf.dll
2008-07-15 21:44	1,329,152	----a-w	C:\WINDOWS\system32\wmspdmoe.dll
2008-07-15 17:06	7,918,272	----a-w	C:\WINDOWS\system32\dxdiag.exe
2008-07-15 17:06	161,482,673	----a-w	C:\WINDOWS\system32\mspaint.exe
2008-07-15 17:05	9,491,227	----a-w	C:\WINDOWS\system32\cleanmgr.exe
2008-07-15 17:05	622,632	----a-w	C:\WINDOWS\system32\msconfig.exe
2008-07-11 10:14	4,145,152	----a-w	C:\WINDOWS\system32\logonui.exe
2008-07-07 20:29	253,952	----a-w	C:\WINDOWS\system32\es.dll
2008-07-07 20:29	253,952	------w	C:\WINDOWS\system32\dllcache\es.dll
2008-07-06 07:21	8,058,368	----a-w	C:\WINDOWS\system32\winntbbu.dll
2008-06-25 16:33	4,017,152	----a-w	C:\WINDOWS\system32\xpsp2res.dll
2008-06-24 16:46	74,240	----a-w	C:\WINDOWS\system32\mscms.dll
2008-06-24 16:46	74,240	------w	C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-24 08:42	3,592,192	------w	C:\WINDOWS\system32\dllcache\mshtml.dll
2008-06-23 09:23	70,656	------w	C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-06-23 09:23	625,664	------w	C:\WINDOWS\system32\dllcache\iexplore.exe
2008-06-23 09:20	13,824	------w	C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-21 05:23	161,792	------w	C:\WINDOWS\system32\dllcache\ieakui.dll
2008-06-20 17:48	246,784	----a-w	C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:48	246,784	------w	C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:48	147,968	------w	C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 14:42	1,562,112	----a-w	C:\WINDOWS\system32\wiashext.dll
2008-06-20 14:39	1,021,440	----a-w	C:\WINDOWS\system32\wiaacmgr.exe
2008-06-20 14:35	206,336	----a-w	C:\WINDOWS\system32\taskmgr.exe
2008-06-20 14:27	194,048	----a-w	C:\WINDOWS\system32\sysocmgr.exe
2008-06-20 14:05	3,965,952	----a-w	C:\WINDOWS\system32\shimgvw.dll
2008-06-20 13:49	721,920	----a-w	C:\WINDOWS\system32\shdoclc.dll
2008-06-20 13:48	1,060,864	----a-w	C:\WINDOWS\system32\rasdlg.dll
2008-06-20 13:36	1,141,760	----a-w	C:\WINDOWS\system32\printui.dll
2008-06-20 13:32	489,472	----a-w	C:\WINDOWS\system32\ntshrui.dll
2008-06-20 13:32	2,623,488	----a-w	C:\WINDOWS\system32\newdev.dll
2008-06-20 13:30	3,121,152	----a-w	C:\WINDOWS\system32\netshell.dll
2008-06-20 13:16	300,032	----a-w	C:\WINDOWS\system32\mstask.dll
2008-06-20 13:02	2,263,040	----a-w	C:\WINDOWS\explorer.exe
2008-06-20 12:46	454,144	----a-w	C:\WINDOWS\system32\cmdial32.dll
2008-06-20 11:51	361,600	------w	C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 11:40	138,496	------w	C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 11:08	225,856	------w	C:\WINDOWS\system32\dllcache\tcpip6.sys
.

------- Sigcheck -------

2008-04-14 21:59  2130432  666be8f75f42d0e1fb7e39b94c75cb84	C:\WINDOWS\system32\ntkrnlpa.exe
2008-05-16 15:48  2172544  4fe635042d54e2a2d31055d631b4bc48	C:\WINDOWS\system32\ReinstallBackups\[u]0[/u]000\DriverFiles\i386\ntkrnlpa.exe

2008-04-14 21:59  2251776  e038a76c1931126ce64f694dd2f148b7	C:\WINDOWS\system32\ntoskrnl.exe
2008-05-16 15:50  2295680  5a1adb52f5d35e284aa1136af439314e	C:\WINDOWS\system32\ReinstallBackups\[u]0[/u]000\DriverFiles\i386\ntoskrnl.exe

2008-06-20 15:02  2263040  331f366a4b20c610a7eac4790f94467a	C:\WINDOWS\explorer.exe
.
(((((((((((((((((((((((((((((   snapshot@2008-08-27_18.53.14.20   )))))))))))))))))))))))))))))))))))))))))
.
+ 2000-08-31 06:00:00	28,672	----a-w	C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00	212,480	----a-w	C:\WINDOWS\swxcacls.exe
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 09:42 2156368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2002-07-12 12:15 106496]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-03 05:46 13529088]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-03 05:46 86016]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

C:\D & S\All Users\Menu Start\Programy\Autostart\
Adobe Reader Speed Launch.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A70001000000}\SC_Reader.exe [2008-08-10 23:54:07 25214]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)
"DisableStatusMessages"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoInstrumentation"= 1 (0x1)
"NoStartMenuMFUprogramsList"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoInstrumentation"= 1 (0x1)
"NoStartMenuMFUprogramsList"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.avis"= ff_acm.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\D & S\\Prezes\\Dane aplikacji\\Thinstall\\APCS3E\\4000005700003i\\mDNSResponder.exe"=
"C:\\Program Files\\WapSter\\AQQ\\AQQ.exe"=
"C:\\PROGRA~1\\WapSter\\AQQ\\AQQ.exe"=
"C:\\Program Files\\Opera\\opera.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"25694:TCP"= 25694:TCP:BitComet 25694 TCP
"25694:UDP"= 25694:UDP:BitComet 25694 UDP

S3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51;C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2008-07-16 00:22]
S3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 00:15]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
DcomLaunch	REG_MULTI_SZ   	DcomLaunch

*Newly Created Service* - CATCHME
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-27 22:44:21
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-08-27 22:45:24
ComboFix-quarantined-files.txt  2008-08-27 20:45:10
ComboFix2.txt  2008-08-27 16:53:57

Pre-Run: 16,536,211,456 bajt�w wolnych
Post-Run: 16,526,786,560 bajt�w wolnych

287	--- E O F ---	2008-08-27 13:27:26