ComboFix 07-06-13.3 - C:\Documents and Settings\Szymon\Pulpit\tymczas\ComboFix.exe "Szymon" - 2007-06-13 21:54:15 - Dodatek Service Pack 2 NTFS ((((((((((((((((((((((((( Files Created from 2007-05-13 to 2007-06-13 ))))))))))))))))))))))))))))))) 2007-06-13 21:53 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-07 22:53 d-------- C:\Program Files\Lonely Cat Games 2007-06-07 22:06 d-------- C:\signing_files 2007-06-07 22:03 d-------- C:\Program Files\Symbian OS Tools 2007-06-07 22:03 d-------- C:\Program Files\Common Files\Symbian 2007-06-03 14:38 d----c--- C:\WINDOWS\system32\DRVSTORE 2007-06-03 13:47 9,264 -ra------ C:\WINDOWS\system32\drivers\zebrmdfl.sys 2007-06-03 13:47 84,960 -ra------ C:\WINDOWS\system32\drivers\zebrsce.sys 2007-06-03 13:47 66,656 --a------ C:\WINDOWS\system32\drivers\zebrbus.sys 2007-06-03 13:47 6,176 -ra------ C:\WINDOWS\system32\drivers\zebrcmnt.sys 2007-06-03 13:47 6,176 -ra------ C:\WINDOWS\system32\drivers\zebrcm.sys 2007-06-03 13:47 100,672 -ra------ C:\WINDOWS\system32\drivers\zebrmdmc.sys 2007-06-03 13:47 100,640 -ra------ C:\WINDOWS\system32\drivers\zebrmdm.sys 2007-06-03 13:41 d-------- C:\Program Files\QuickTime 2007-06-03 13:27 53,408 -ra------ C:\WINDOWS\system32\drivers\zebrceb.sys 2007-06-03 13:27 5,872 --a------ C:\WINDOWS\system32\drivers\zebrwhnt.sys 2007-06-03 13:27 5,872 --a------ C:\WINDOWS\system32\drivers\zebrwh.sys 2007-06-03 13:27 d-------- C:\Program Files\Symbian 2007-06-03 13:27 d-------- C:\Program Files\Sony Ericsson 2007-06-03 13:27 d-------- C:\Program Files\Intuwave 2007-06-03 13:27 d-------- C:\Program Files\Common Files\Sony Ericsson Shared 2007-06-03 13:27 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Teleca 2007-06-03 13:27 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Sony Ericsson 2007-06-03 13:13 146 --a------ C:\WINDOWS\DelMR.bat 2007-06-02 12:07 21,104,416 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2007-06-02 12:07 183,840 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat 2007-06-02 12:07 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Kaspersky Lab 2007-05-29 21:12 d-------- C:\Program Files\Kaspersky Lab 2007-05-29 21:06 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Kaspersky Lab Setup Files 2007-05-29 17:16 d-------- C:\DOCUME~1\Szymon\DANEAP~1\Teleca 2007-05-29 17:13 d-------- C:\DOCUME~1\Szymon\DANEAP~1\Apple Computer 2007-05-29 17:10 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Apple Computer 2007-05-29 17:03 d-------- C:\Program Files\Disc2Phone 2007-05-29 17:01 d-------- C:\Program Files\Common Files\Teleca Shared 2007-05-29 17:01 d-------- C:\DOCUME~1\Szymon\DANEAP~1\Sony Ericsson (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-13 20:50:36 -------- d-----w C:\DOCUME~1\Szymon\DANEAP~1\Skype 2007-06-13 20:42:11 155,656 ----a-w C:\WINDOWS\system32\bpk.dat 2007-06-12 21:14:20 80,444 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-06-12 21:14:20 460,894 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-06-12 20:43:25 -------- d-----w C:\Program Files\eMule 2007-06-11 20:08:09 -------- d-----w C:\Program Files\English Translator 3 2007-06-07 21:03:55 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-06-02 13:55:43 -------- d-----w C:\DOCUME~1\Szymon\DANEAP~1\Help 2007-05-29 15:36:07 -------- d-----w C:\Program Files\ABC 2007-05-16 15:18:58 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll 2007-04-25 14:23:30 144,896 ----a-w C:\WINDOWS\system32\schannel.dll 2007-04-21 22:26:48 -------- d-----w C:\Program Files\Google 2007-04-21 17:06:26 -------- d-----w C:\Program Files\Skype 2007-04-21 17:06:26 -------- d-----w C:\Program Files\Common Files\Skype 2007-04-20 13:52:14 -------- d-----w C:\Program Files\CCleaner 2007-04-18 16:14:32 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-16 21:47:36 33,624 -c--a-w C:\WINDOWS\system32\wups.dll 2007-04-16 21:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll 2007-04-16 21:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll 2007-04-16 21:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll 2007-04-16 21:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-04-16 21:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-04-16 21:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-04-16 21:45:20 43,352 -c--a-w C:\WINDOWS\system32\wups2.dll 2007-04-15 16:32:49 -------- d-----w C:\Program Files\MultiRes 2007-04-15 16:32:34 451,072 ----a-w C:\WINDOWS\Radeon Omega Drivers v3.8.330 Uninstall.exe 2007-04-13 12:11:43 -------- d-----w C:\Program Files\ABBYY FineReader 5.0 Sprint 2007-04-13 12:11:27 -------- d-----w C:\Program Files\ABBYY FineReader 6.0 2007-04-13 12:11:11 -------- d-----w C:\Program Files\FaxTools 2007-04-13 12:03:51 -------- d-----w C:\Program Files\Lexmark 1200 Series 2007-03-24 10:10:28 737,280 -c--a-w C:\WINDOWS\iun6002.exe 2007-03-19 15:04:06 286,720 ----a-w C:\WINDOWS\iun506.exe 2007-03-17 13:45:36 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 01:56] {22BF413B-C6D2-4d91-82A9-A0F997BA588C}=C:\PROGRA~1\Skype\Phone\IEPlugin\SkypeIEPlugin.dll [2007-03-30 13:31] {53707962-6F74-2D53-2644-206D7942484F}=C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2005-05-31 01:04] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 16:21] {AE7CD045-E861-484f-8273-0445EE161910}=C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 02:13] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AtiPTA"="atiptaxx.exe" [2006-02-22 02:05 C:\WINDOWS\system32\atiptaxx.exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "LinkResolveIgnoreLinkInfo"=0 (0x0) "NoResolveSearch"=1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoFavoritesMenu"=00000000 "NoFind"=00000000 "NoRun"=0 (0x0) "NoLogOff"=0 (0x0) "NoClose"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs BthServ [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{62fefbd0-2a11-11db-b913-806d6172696f}] AutoRun\command- G:\AUTORUN\AUTORUN.EXE ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-13 21:56:04 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet003\Services\BTHPORT\Parameters\Services\{00001000-0000-1000-8000-00805f9b34fb}] [HKEY_LOCAL_MACHINE\system\ControlSet003\Services\BTHPORT\Parameters\Services\{00001115-0000-1000-8000-00805f9b34fb}] Completion time: 2007-06-13 21:57:07 --- E O F ---