ComboFix 07-06-11.3 - C:\Documents and Settings\Leszek\Pulpit\ComboFix.exe
"Leszek" - 2007-06-12 19:08:23 NTFS

((((((((((((((((((((((((( Files Created from 2007-05-12 to 2007-06-12 )))))))))))))))))))))))))))))))

2007-06-12 18:56 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-11 21:34 24,816 --a------ C:\WINDOWS\system32\mdimon.dll
2007-06-11 21:30 d-------- C:\Program Files\Microsoft.NET
2007-06-11 21:27 d-------- C:\WINDOWS\SHELLNEW
2007-06-11 15:31 d-------- C:\DOCUME~1\Leszek\DANEAP~1\Leadertech
2007-06-11 00:28 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-06-10 23:56 82,258 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-06-10 23:56 82,258 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-06-10 23:55 82,976 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-06-10 23:55 3,935,264 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-06-10 23:55 d-------- C:\Program Files\Kaspersky Lab
2007-06-10 23:55 d-------- C:\KAV
2007-06-10 23:55 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Kaspersky Lab
2007-06-10 19:47 d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-06-10 19:24 d-------- C:\Program Files\SkanerOnline
2007-06-10 19:16 d-------- C:\WINDOWS\PixArt
2007-06-10 19:16 d-------- C:\Program Files\PC Camer@
2007-06-10 19:16 d-------- C:\Program Files\Common Files\PCCamera
2007-06-10 19:13 d-------- C:\WINDOWS\Downloaded Installations
2007-06-10 19:02 d-------- C:\Program Files\Common Files\Onet.pl
2007-06-10 19:02 d-------- C:\DOCUME~1\Leszek\DANEAP~1\Kamerzysta
2007-06-10 19:02 d-------- C:\DOCUME~1\Leszek\DANEAP~1\Czat
2007-06-10 19:02 d-------- C:\DOCUME~1\Leszek\DANEAP~1\AutoUpdate
2007-06-10 18:55 d-------- C:\DOCUME~1\LOCALS~1\Menu Start
2007-06-10 18:54 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-06-10 18:54 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2007-06-10 18:54 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
2007-06-10 18:54 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2007-06-10 18:54 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
2007-06-10 18:54 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-06-10 18:54 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-06-10 18:54 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
2007-06-10 18:54 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2007-06-10 18:54 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2007-06-10 18:54 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-06-10 18:54 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2007-06-10 18:54 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2007-06-10 18:54 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-06-10 18:54 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-06-10 18:54 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll
2007-06-10 18:54 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-06-10 18:54 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
2007-06-10 18:54 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2007-06-10 18:53 d-------- C:\WINDOWS\RegisteredPackages
2007-06-10 18:52 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll
2007-06-10 18:52 974,848 --a------ C:\WINDOWS\system32\dxdiag.exe
2007-06-10 18:52 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys
2007-06-10 18:52 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe
2007-06-10 18:52 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll
2007-06-10 18:52 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll
2007-06-10 18:52 79,360 --a------ C:\WINDOWS\system32\dpwsockx.dll
2007-06-10 18:52 77,824 --a------ C:\WINDOWS\system32\dpmodemx.dll
2007-06-10 18:52 76,800 --a------ C:\WINDOWS\system32\dmscript.dll
2007-06-10 18:52 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll
2007-06-10 18:52 723,968 --a------ C:\WINDOWS\system32\dpnet.dll
2007-06-10 18:52 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
2007-06-10 18:52 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll
2007-06-10 18:52 667,648 --a------ C:\WINDOWS\system32\dinput8.dll
2007-06-10 18:52 66,408 --a------ C:\WINDOWS\system32\dxdllreg.exe
2007-06-10 18:52 648,704 --a------ C:\WINDOWS\system32\dinput.dll
2007-06-10 18:52 64,512 --a------ C:\WINDOWS\system32\amstream.dll
2007-06-10 18:52 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll
2007-06-10 18:52 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll
2007-06-10 18:52 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2007-06-10 18:52 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys
2007-06-10 18:52 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
2007-06-10 18:52 491,520 --a------ C:\WINDOWS\system32\dsdmoprp.dll
2007-06-10 18:52 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys
2007-06-10 18:52 470,528 --a------ C:\WINDOWS\system32\qdvd.dll
2007-06-10 18:52 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll
2007-06-10 18:52 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
2007-06-10 18:52 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-06-10 18:52 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys
2007-06-10 18:52 381,952 --a------ C:\WINDOWS\system32\dsound.dll
2007-06-10 18:52 381,952 --a------ C:\WINDOWS\system32\dpvoice.dll
2007-06-10 18:52 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll
2007-06-10 18:52 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll
2007-06-10 18:52 33,280 --a------ C:\WINDOWS\system32\dmloader.dll
2007-06-10 18:52 324,096 --a------ C:\WINDOWS\system32\mswebdvd.dll
2007-06-10 18:52 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll
2007-06-10 18:52 316,928 --a------ C:\WINDOWS\system32\qdv.dll
2007-06-10 18:52 31,744 --a------ C:\WINDOWS\system32\pid.dll
2007-06-10 18:52 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll
2007-06-10 18:52 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll
2007-06-10 18:52 292,864 --a------ C:\WINDOWS\system32\ddraw.dll
2007-06-10 18:52 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe
2007-06-10 18:52 27,136 --a------ C:\WINDOWS\system32\dmband.dll
2007-06-10 18:52 257,024 --a------ C:\WINDOWS\system32\qcap.dll
2007-06-10 18:52 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll
2007-06-10 18:52 230,400 --a------ C:\WINDOWS\system32\dplayx.dll
2007-06-10 18:52 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll
2007-06-10 18:52 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll
2007-06-10 18:52 181,248 --a------ C:\WINDOWS\system32\dmime.dll
2007-06-10 18:52 18,944 --a------ C:\WINDOWS\system32\encapi.dll
2007-06-10 18:52 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys
2007-06-10 18:52 18,432 --a------ C:\WINDOWS\system32\dswave.dll
2007-06-10 18:52 173,056 --a------ C:\WINDOWS\system32\qasf.dll
2007-06-10 18:52 16,896 --a------ C:\WINDOWS\system32\msyuv.dll
2007-06-10 18:52 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe
2007-06-10 18:52 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-10 09:24:23 49,492 ----a-w C:\WINDOWS\system32\perfc015.dat
2007-06-10 09:24:23 355,486 ----a-w C:\WINDOWS\system32\perfh015.dat
2007-06-10 09:05:14 -------- d-----w C:\Program Files\Usługi online
2007-03-15 10:00:36 466,432 ----a-w C:\WINDOWS\system32\SkanerOnline.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38]
"WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2003-10-16 18:07]
"WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe" [2003-10-16 18:07]
"Cmaudio"="cmicnfg.cpl" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Leszek^Menu Start^Programy^Autostart^Rejestrowanie produktów Corela.lnk]
path=C:\Documents and Settings\Leszek\Menu Start\Programy\Autostart\Rejestrowanie produktów Corela.lnk
backup=C:\WINDOWS\pss\Rejestrowanie produktów Corela.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
"C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
"D:\rozpakowane\Gadu-Gadu\gg.exe" /tray

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Onet.pl AutoUpdate]
"C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe" /updateexe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WooCnxMon]
C:\PROGRA~1\NEOSTR~1\CnxMon.exe

**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-12 19:12:38
Windows 5.1.2600 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-12 19:13:30
--- E O F ---