ComboFix 07-06-21.3 - C:\Documents and Settings\a\Pulpit\ComboFix.exe "a" - 2007-06-21 12:15:05 - Dodatek Service Pack 2 ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\hosts C:\WINDOWS\system32\msxml3a.dll ((((((((((((((((((((((((( Files Created from 2007-05-21 to 2007-06-21 ))))))))))))))))))))))))))))))) 2007-06-21 12:14 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-21 07:40 d-------- C:\DOCUME~1\a\DANEAP~1\CrystalSpace 2007-06-21 07:40 d-------- C:\DOCUME~1\a\DANEAP~1\CrystalApp 2007-06-19 21:29 d-------- C:\Program Files\Disc2Phone 2007-06-19 16:58 d-------- C:\Program Files\Common Files\DirectX 2007-06-19 16:48 d-------- C:\Program Files\EA GAMES 2007-06-18 19:45 d-------- C:\Program Files\bfgclient 2007-06-18 19:45 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\BigFishGamesCache 2007-06-13 23:49 8 --a------ C:\WINDOWS\system32\Mwprdm20.dll 2007-06-13 23:49 d-------- C:\Program Files\Profiler-CAD 2.0 - Demo 2007-06-03 21:22 d-------- C:\Program Files\Common Files\Borland Shared 2007-06-03 21:20 95,484 --a------ C:\WINDOWS\system32\drivers\KMM4XNT.SYS 2007-06-03 21:20 24,576 --a------ C:\WINDOWS\system32\KMM4XNTD.DLL 2007-05-24 18:20 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2007-05-23 22:02 180,224 --a------ C:\WINDOWS\system32\xwsindex.exe 2007-05-23 22:00 d-------- C:\WINDOWS\system32\Xara 2007-05-23 21:59 110,592 --a------ C:\WINDOWS\system32\tsccvid.dll 2007-05-23 21:59 d-------- C:\Program Files\Xara 2007-05-23 21:39 848 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys 2007-05-23 21:37 d-------- C:\Program Files\Corel 2007-05-23 19:17 d-------- C:\Program Files\IrfanView 2007-05-23 13:15 d-------- C:\Program Files\Kazaa Lite Rewolucja 2007-05-23 13:15 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Kazaa Lite 2007-05-23 13:10 d-------- C:\Program Files\Soulseek (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-01 18:39:38 3,472 ----a-w C:\WINDOWS\mozver.dat 2007-05-19 17:49:24 -------- d-----w C:\Program Files\Onet 2007-05-16 15:18:58 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll 2007-05-05 15:33:12 3,222 ----a-w C:\WINDOWS\system32\tmp.reg 2007-05-05 15:15:46 -------- d-----w C:\Program Files\SmitfraudFix 2007-04-30 19:25:40 -------- d-----w C:\DOCUME~1\a\DANEAP~1\Gadu-Gadu 2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-04-30 15:41:56 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-04-30 15:39:42 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-04-30 15:38:52 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-04-30 15:37:24 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AvastSS.scr 2007-04-26 12:48:40 -------- d-----w C:\DOCUME~1\a\DANEAP~1\MusicIP 2007-04-25 18:01:24 -------- d-----w C:\Program Files\Alwil Software 2007-04-25 14:23:30 144,896 ----a-w C:\WINDOWS\system32\schannel.dll 2007-04-18 16:14:32 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll 2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll 2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll 2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll 2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll 2007-03-27 08:34:18 4,096 ----a-w C:\WINDOWS\d3dx.dat ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 11:56] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2005-04-15 04:01 C:\WINDOWS\SOUNDMAN.EXE] "NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 17:12] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-06 01:07] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 19:42] "WooCnxMon"="C:\PROGRA~1\NEOSTR~1\CnxMon.exe" [2003-10-16 18:07] "WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2003-10-16 18:07] "WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\taskbaricon.exe" [2003-10-16 18:07] "iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [2004-08-31 13:33] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12] "DAEMON Tools"="E:\Daemon\DAEMON Tools\daemon.exe" [2006-11-12 11:48] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-01 11:12] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42] "WinampAgent"="C:\Program Files\Winamp\Nowy folder\Winamp\winampa.exe" [2007-04-25 17:44] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages msv1_0 nwprovau [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H] AutoRun\command- H:\autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23e189cf-1c5a-11da-9ed8-806d6172696f}] AutoRun\command- I:\Bin\Assetup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c10496bf-927f-11da-ad64-806d6172696f}] AutoRun\command- H:\ASUSACPI.exe Contents of the 'Scheduled Tasks' folder 2007-03-20 17:46:20 C:\WINDOWS\tasks\AppleSoftwareUpdate.job