ComboFix 07-06-21.3 - C:\Documents and Settings\Jasiek\Pulpit\ComboFix.exe
"Jasiek" - 2007-06-22 10:52:00 NTFS [SAFE MODE]

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Program Files\MyGlobalSearch
C:\Program Files\MyGlobalSearch\bar\1.bin\M9FFXTBR.JAR
C:\Program Files\MyGlobalSearch\bar\1.bin\M9FFXTBR.MANIFEST
C:\Program Files\MyGlobalSearch\bar\1.bin\M9NTSTBR.JAR
C:\Program Files\MyGlobalSearch\bar\1.bin\M9NTSTBR.MANIFEST
C:\Program Files\MyGlobalSearch\bar\1.bin\M9PLUGIN.DLL
C:\Program Files\MyGlobalSearch\bar\1.bin\NPMYGLSH.DLL
C:\Program Files\MyGlobalSearch\bar\Cache\0016E2EE
C:\Program Files\MyGlobalSearch\bar\Cache\01FC0F9F.bin
C:\Program Files\MyGlobalSearch\bar\Cache\01FC1248.bin
C:\Program Files\MyGlobalSearch\bar\Cache\01FC1465.bin
C:\Program Files\MyGlobalSearch\bar\Cache\files.ini
C:\Program Files\MyGlobalSearch\bar\History\search
C:\Program Files\MyGlobalSearch\bar\Settings\prevcfg.htm
C:\WINDOWS\system32\msxml3a.dll

((((((((((((((((((((((((( Files Created from 2007-05-22 to 2007-06-22 )))))))))))))))))))))))))))))))

2007-06-22 10:28 765,440 --a------ C:\WINDOWS\system32\WINNTBBU.DLL
2007-06-22 10:28 504,832 --a------ C:\WINDOWS\system32\logonui.exe
2007-06-22 10:28 317,952 --a------ C:\WINDOWS\system32\zipfldr.dll
2007-06-22 10:28 276,480 --a------ C:\WINDOWS\system32\winsrv.dll
2007-06-22 10:28 151,832 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-06-22 10:27 971,264 --a------ C:\WINDOWS\system32\msgina.dll
2007-06-22 10:27 934,912 --a------ C:\WINDOWS\system32\syssetup.dll
2007-06-22 10:27 88,576 --a------ C:\WINDOWS\system32\mydocs.dll
2007-06-22 10:27 84,992 --a------ C:\WINDOWS\system32\ahui.exe
2007-06-22 10:27 80,896 --a------ C:\WINDOWS\system32\cabview.dll
2007-06-22 10:27 67,072 --a------ C:\WINDOWS\notepad.exe
2007-06-22 10:27 66,560 --a------ C:\WINDOWS\system32\console.dll
2007-06-22 10:27 648,192 --a------ C:\WINDOWS\system32\rasdlg.dll
2007-06-22 10:27 62,464 --a------ C:\WINDOWS\system32\cleanmgr.exe
2007-06-22 10:27 571,904 --a------ C:\WINDOWS\system32\wiashext.dll
2007-06-22 10:27 562,688 --a------ C:\WINDOWS\system32\shdoclc.dll
2007-06-22 10:27 530,432 --a------ C:\WINDOWS\system32\printui.dll
2007-06-22 10:27 52,736 --a------ C:\WINDOWS\system32\narrator.exe
2007-06-22 10:27 503,296 --a------ C:\WINDOWS\system32\mstscax.dll
2007-06-22 10:27 420,864 --a------ C:\WINDOWS\system32\shimgvw.dll
2007-06-22 10:27 416,768 --a------ C:\WINDOWS\system32\wiaacmgr.exe
2007-06-22 10:27 386,560 --a------ C:\WINDOWS\system32\themeui.dll
2007-06-22 10:27 382,976 --a------ C:\WINDOWS\system32\cmd.exe
2007-06-22 10:27 363,008 --a------ C:\WINDOWS\system32\fontext.dll
2007-06-22 10:27 342,016 --a------ C:\WINDOWS\system32\mspaint.exe
2007-06-22 10:27 319,488 --a------ C:\WINDOWS\system32\cmdial32.dll
2007-06-22 10:27 27,136 --a------ C:\WINDOWS\system32\batmeter.dll
2007-06-22 10:27 253,440 --a------ C:\WINDOWS\system32\mstask.dll
2007-06-22 10:27 240,128 --a------ C:\WINDOWS\system32\newdev.dll
2007-06-22 10:27 219,648 --a------ C:\WINDOWS\system32\logon.scr
2007-06-22 10:27 185,344 --a------ C:\WINDOWS\system32\moricons.dll
2007-06-22 10:27 162,816 --a------ C:\WINDOWS\system32\credui.dll
2007-06-22 10:27 147,968 --a------ C:\WINDOWS\system32\keymgr.dll
2007-06-22 10:27 139,264 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-06-22 10:27 138,752 --a------ C:\WINDOWS\system32\ntshrui.dll
2007-06-22 10:27 138,240 --a------ C:\WINDOWS\system32\hotplug.dll
2007-06-22 10:27 137,216 --a------ C:\WINDOWS\regedit.exe
2007-06-22 10:27 136,704 --a------ C:\WINDOWS\system32\netid.dll
2007-06-22 10:27 132,608 --a------ C:\WINDOWS\system32\taskmgr.exe
2007-06-22 10:27 125,440 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-06-22 10:27 117,760 --a------ C:\WINDOWS\system32\stobject.dll
2007-06-22 10:27 117,760 --a------ C:\WINDOWS\system32\inetcplc.dll
2007-06-22 10:27 115,200 --a------ C:\WINDOWS\system32\calc.exe
2007-06-22 10:27 104,448 --a------ C:\WINDOWS\system32\sysocmgr.exe
2007-06-22 10:27 1,853,952 --a------ C:\WINDOWS\explorer.exe
2007-06-22 10:27 1,625,600 --a------ C:\WINDOWS\system32\netshell.dll
2007-06-21 22:34 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-20 13:41 d-------- C:\DOCUME~1\Jasiek\DANEAP~1\Zylom
2007-06-14 22:59 d-------- C:\Program Files\Gran Paradiso
2007-06-04 21:12 202,763 --a------ C:\WINDOWS\system32\uxtheme.dll
2007-06-04 20:55 5,802 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-22 08:54:44 -------- d-----w C:\DOCUME~1\Jasiek\DANEAP~1\foobar2000
2007-06-22 08:46:47 -------- d-----w C:\Program Files\AskPBar
2007-06-22 08:32:55 -------- d-----w C:\Program Files\Movie Maker
2007-06-21 19:26:36 -------- d-----w C:\Program Files\Desktop Sidebar
2007-06-21 19:23:11 -------- d-----w C:\Program Files\Winamp
2007-06-21 19:22:20 -------- d-----w C:\Program Files\3GP Player
2007-06-21 19:21:23 -------- d-----w C:\Program Files\Mozilla Thunderbird
2007-06-21 19:15:17 -------- d-----w C:\Program Files\GoldLeo Auido Converter
2007-06-21 19:14:54 -------- d-----w C:\Program Files\Stardock
2007-06-21 19:14:14 -------- d-----w C:\Program Files\BitTorrent
2007-06-21 19:12:52 -------- d-----w C:\Program Files\eMule
2007-06-21 19:11:36 -------- d-----w C:\Program Files\Zylom Games
2007-06-21 18:46:09 -------- d-----w C:\Program Files\AudioConvert
2007-06-21 11:04:02 -------- d-----w C:\Program Files\FlashGet
2007-06-20 11:48:21 24 ----a-w C:\WINDOWS\popcinfo.dat
2007-06-10 11:41:50 2,141 ----a-w C:\WINDOWS\unins002.dat
2007-06-10 11:41:48 73,392 ----a-w C:\WINDOWS\unins002.exe
2007-06-10 11:41:47 -------- d-----w C:\Program Files\kswiat
2007-06-05 12:02:52 -------- d-----w C:\DOCUME~1\Jasiek\DANEAP~1\Desktop Sidebar
2007-06-04 19:12:54 53,131 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2007-05-17 06:35:24 -------- d-----w C:\DOCUME~1\Jasiek\DANEAP~1\BitTorrent
2007-05-16 19:11:26 -------- d-----w C:\DOCUME~1\Jasiek\DANEAP~1\FlashGet
2007-05-15 13:05:57 -------- d-----w C:\Program Files\Wierszownik
2007-05-11 22:04:48 -------- d-----w C:\Program Files\Gadu-Gadu
2007-05-07 16:07:16 2,560 ----a-w C:\WINDOWS\_MSRSTRT.EXE
2007-05-07 16:01:31 -------- d-----w C:\Program Files\SpeedBit Video Accelerator
2007-05-05 19:32:20 -------- d-----w C:\Program Files\WapSter
2007-05-03 13:46:12 -------- d--h--w C:\Program Files\WindowsUpdate
2007-05-03 11:16:09 -------- d-----w C:\Program Files\foobar2000
2007-05-01 12:36:11 -------- d-----w C:\DOCUME~1\Jasiek\DANEAP~1\MusicIP
2007-04-30 19:42:19 -------- d-----w C:\Program Files\Kaspersky Lab
2007-04-30 17:01:35 -------- d-----w C:\Program Files\DAEMON Tools
2007-04-26 13:34:45 15,969 ----a-w C:\WINDOWS\mozver.dat
2007-04-07 08:46:25 552 ----a-w C:\WINDOWS\system32\d3d8caps.dat
2007-04-05 16:48:21 56,325 ----a-w C:\glass2k.exe
2007-03-27 08:06:52 1,881,856 ----a-w C:\WINDOWS\system32\kernel1.exe
2007-03-25 08:38:50 50,968 ----a-w C:\WINDOWS\system32\perfc015.dat
2007-03-25 08:38:50 359,046 ----a-w C:\WINDOWS\system32\perfh015.dat

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{0A94B111-4504-4e26-AB05-E61E474AA38B}=C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL []
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll [2006-12-15 04:23]
{F4D76F01-7896-458a-890F-E1F05C46069F}=C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL [2007-05-07 17:58]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="NvQTwk" []
"nwiz"="nwiz.exe" [2002-07-16 13:16 C:\WINDOWS\system32\nwiz.exe]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-10-30 14:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, msnsspc.dll, digest.dll

*Newly Created Service* - BTTUNER
*Newly Created Service* - BTXBAR

Contents of the 'Scheduled Tasks' folder
2007-05-28 08:59:40 C:\WINDOWS\tasks\AppleSoftwareUpdate.job

**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-22 11:04:21
Windows 5.1.2600 NTFS

scanning hidden processes ...
cmd.exe [328]

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-22 11:05:47
C:\ComboFix-quarantined-files.txt ... 2007-06-22 11:05
--- E O F ---