"BartekK" - 2007-06-30 16:50:12 - ComboFix 07-06-27.7 - Dodatek Service Pack 2  NTFS  


(((((((((((((((((((((((((   Files Created from 2007-05-28 to 2007-06-30  )))))))))))))))))))))))))))))))


2007-06-30 16:49	49,152	--a------	C:\WINNT\nircmd.exe
2007-06-30 16:33	<DIR>	d--------	C:\WINNT\system32\ActiveScan
2007-06-30 16:33	<DIR>	d--------	C:\WINNT\LastGood
2007-06-30 16:15	<DIR>	d--------	C:\VundoFix Backups
2007-06-26 18:57	<DIR>	d--------	C:\Program Files\JoWooD
2007-06-23 21:16	743,136	--a------	C:\WINNT\system32\drivers\alcaudsl.sys
2007-06-23 21:16	53,168	--a------	C:\WINNT\system32\drivers\alcan5wn.sys
2007-06-23 21:16	5,632	--a------	C:\WINNT\system32\SMMSETUP.DLL
2007-06-23 21:16	5,607	--a------	C:\WINNT\system32\stci.dll
2007-06-23 21:16	5,312	--a------	C:\WINNT\system32\drivers\alcawh.sys
2007-06-23 21:16	49,152	--a------	C:\WINNT\system32\WooDial2000.dll
2007-06-23 21:16	48,128	--a------	C:\WINNT\system32\SMMSCRPT.DLL
2007-06-23 21:16	4,000	--a------	C:\WINNT\system32\drivers\alcacr.sys
2007-06-23 21:15	9,728	--a------	C:\WINNT\system32\rnaph.dll
2007-06-23 21:14	<DIR>	d--------	C:\Program Files\Wanadoo
2007-06-23 20:52	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\DANEAP~1\Azureus
2007-06-21 22:22	5,248	--a------	C:\WINNT\system32\drivers\a347scsi.sys
2007-06-21 22:22	160,640	--a------	C:\WINNT\system32\drivers\a347bus.sys
2007-06-21 22:21	<DIR>	d--------	C:\Program Files\Alcohol Soft
2007-06-21 16:57	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\DANEAP~1\nView_Profiles
2007-06-21 12:44	684	--a------	C:\WINNT\mozver.dat
2007-06-21 09:05	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\DANEAP~1\NVIDIA
2007-06-19 18:40	<DIR>	d--h-----	C:\WINNT\PIF
2007-06-18 12:43	<DIR>	d--------	C:\cda
2007-06-08 15:24	31,616	--a------	C:\WINNT\system32\drivers\usbccgp.sys
2007-06-06 22:16	8,704	--a------	C:\WINNT\system32\drivers\ggsemc.sys
2007-06-04 10:40	<DIR>	d--------	C:\Program Files\Disc2Phone
2007-06-04 10:38	<DIR>	d--------	C:\WINNT\SxsCaPendDel
2007-06-04 10:27	<DIR>	d--------	C:\WINNT\system32\URTTEMP
2007-06-04 10:25	<DIR>	d--------	C:\Program Files\Common Files\Teleca Shared
2007-06-04 10:25	<DIR>	d--------	C:\DOCUME~1\BartekK\DANEAP~1\Teleca
2007-06-04 10:25	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\Documents
2007-06-04 10:25	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\DANEAP~1\Sony Ericsson
2007-06-04 10:24	<DIR>	d--------	C:\Program Files\Sony Ericsson
2007-06-04 10:24	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\DANEAP~1\Teleca
2007-06-04 10:23	6,176	--a------	C:\WINNT\system32\drivers\w810cm.sys
2007-06-04 10:23	6,144	--a------	C:\WINNT\system32\drivers\k750cm.sys
2007-06-04 10:23	5,808	--a------	C:\WINNT\system32\drivers\w810wh.sys
2007-06-04 10:23	5,744	--a------	C:\WINNT\system32\drivers\k750wh.sys
2007-05-26 10:06	<DIR>	d--------	C:\DOCUME~1\LOCALS~1\DANEAP~1\CoreCodec
2007-05-26 09:42	<DIR>	d--------	C:\Program Files\GameSpot
2007-05-23 18:55	<DIR>	d--------	C:\Program Files\Common Files\Blizzard Entertainment
2007-05-13 15:42	<DIR>	d--------	C:\Program Files\VideoLAN
2007-05-13 15:33	<DIR>	d--------	C:\Program Files\OpenAL


((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-30 11:28:20	--------	d-----w	C:\DOCUME~1\BartekK\DANEAP~1\Azureus
2007-06-28 20:49:27	--------	d--h--w	C:\Program Files\InstallShield Installation Information
2007-06-27 08:25:00	--------	d-----w	C:\DOCUME~1\BartekK\DANEAP~1\foobar2000
2007-06-23 23:00:44	80,642	----a-w	C:\WINNT\system32\perfc015.dat
2007-06-23 23:00:44	460,446	----a-w	C:\WINNT\system32\perfh015.dat
2007-06-23 21:51:55	--------	d-----w	C:\Program Files\Winamp
2007-06-23 21:48:09	--------	d-----w	C:\Program Files\eMule
2007-06-23 19:09:02	--------	d-----w	C:\Program Files\Azureus
2007-06-23 17:01:08	--------	d-----w	C:\DOCUME~1\BartekK\DANEAP~1\SolidWorks
2007-06-21 13:22:55	--------	d-----w	C:\Program Files\DWGeditor
2007-06-21 12:30:38	--------	d-----w	C:\Program Files\DivX
2007-06-20 10:31:12	--------	d-----w	C:\Program Files\SlySoft
2007-06-04 08:44:13	--------	d-----w	C:\DOCUME~1\BartekK\DANEAP~1\My Games
2007-05-28 06:59:05	--------	d-----w	C:\Program Files\Opera
2007-05-16 15:30:57	683,520	----a-w	C:\WINNT\system32\inetcomm.dll
2007-05-13 13:33:29	409,600	----a-w	C:\WINNT\system32\wrap_oal.dll
2007-05-13 13:33:29	114,688	----a-w	C:\WINNT\system32\OpenAL32.dll
2007-05-13 07:57:13	--------	d-----w	C:\Program Files\Wolfenstein - Enemy Territory
2007-05-09 14:16:45	--------	d-----w	C:\Program Files\Magic Workstation
2007-05-09 11:18:13	--------	d-----w	C:\Program Files\Apple Software Update
2007-04-30 15:46:10	745,600	----a-w	C:\WINNT\system32\aswBoot.exe
2007-04-30 15:41:55	85,952	----a-w	C:\WINNT\system32\drivers\aswmon.sys
2007-04-30 15:41:42	94,552	----a-w	C:\WINNT\system32\drivers\aswmon2.sys
2007-04-30 15:39:41	23,416	----a-w	C:\WINNT\system32\drivers\aswRdr.sys
2007-04-30 15:38:51	43,176	----a-w	C:\WINNT\system32\drivers\aswTdi.sys
2007-04-30 15:37:23	26,888	----a-w	C:\WINNT\system32\drivers\aavmker4.sys
2007-04-30 15:35:28	95,872	----a-w	C:\WINNT\system32\AVASTSS.scr
2007-04-25 14:23:30	144,896	----a-w	C:\WINNT\system32\schannel.dll
2007-04-23 00:15:18	200,704	----a-w	C:\WINNT\system32\ssldivx.dll
2007-04-23 00:15:18	1,044,480	----a-w	C:\WINNT\system32\libdivx.dll
2007-04-18 16:14:32	2,854,400	----a-w	C:\WINNT\system32\msi.dll
2007-04-16 20:47:36	33,624	----a-w	C:\WINNT\system32\wups.dll
2007-04-16 20:45:54	1,710,936	----a-w	C:\WINNT\system32\wuaueng.dll
2007-04-16 20:45:48	549,720	----a-w	C:\WINNT\system32\wuapi.dll
2007-04-16 20:45:42	325,976	----a-w	C:\WINNT\system32\wucltui.dll
2007-04-16 20:45:36	203,096	----a-w	C:\WINNT\system32\wuweb.dll
2007-04-16 20:45:28	92,504	----a-w	C:\WINNT\system32\cdm.dll
2007-04-16 20:45:20	53,080	----a-w	C:\WINNT\system32\wuauclt.exe
2007-04-16 20:45:20	43,352	----a-w	C:\WINNT\system32\wups2.dll
2007-03-30 08:07:35	4,212	---h--w	C:\WINNT\system32\zllictbl.dat
2007-03-29 11:52:14	108,144	----a-w	C:\WINNT\system32\CmdLineExt.dll


(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
 
 
*Note* empty entries & legit default entries are not shown 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 21:38]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"RTHDCPL"="RTHDCPL.EXE" [2005-05-25 17:37 C:\WINNT\RTHDCPL.EXE]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 21:24]
"RegistryMechanic"="" []
"OFFICEKB"="C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe" [2006-12-24 19:58]
"nwiz"="nwiz.exe" [2006-10-22 13:22 C:\WINNT\system32\nwiz.exe]
"FLMOFFICE4DMOUSE"="C:\Program Files\Labtec\Mouse\2.1\moffice.exe" [2007-01-06 12:24]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48]
"Alcmtr"="ALCMTR.EXE" [2005-05-03 20:43 C:\WINNT\ALCMTR.EXE]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42]
"@"="" []
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17]
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 21:21]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 01:55]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2006-11-14 11:12]
"CTFMON.EXE"="C:\WINNT\system32\ctfmon.exe" [2004-08-04 02:44]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-11-24 16:38]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"nlsf"=cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll"
"tscuninstall"=%systemroot%\system32\tscupgrd.exe


Contents of the 'Scheduled Tasks' folder
2007-06-27 11:18:02  C:\WINNT\tasks\AppleSoftwareUpdate.job

**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-30 16:51:16
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-30 16:51:51

	--- E O F ---