ComboFix 07-08-14.4 - "Rafał" 2007-08-18 23:34:31.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.445 [GMT 2:00]
 * Created a new restore point

((((((((((((((((((((((((( Files Created from 2007-07-18 to 2007-08-18 )))))))))))))))))))))))))))))))

2007-08-18 23:30 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-16 16:37 d-------- C:\Program Files\Cream Software
2007-08-16 16:37 d-------- C:\DOCUME~1\RAFA~1\DANEAP~1\Cream Software
2007-08-10 18:03 d-------- C:\angielski_tmp
2007-08-10 18:00 d-------- C:\Program Files\Edgard
2007-07-25 14:52 dr-h----- C:\DOCUME~1\RAFA~1\DANEAP~1\SecuROM
2007-07-24 21:51 d-------- C:\DOCUME~1\RAFA~1\DANEAP~1\Disney Interactive Studios
2007-07-23 23:11 108,144 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-07-23 13:31 86,016 --a------ C:\WINDOWS\system32\OpenAL32.dll
2007-07-23 13:31 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
2007-07-23 13:31 413,696 --a------ C:\WINDOWS\system32\wrap_oal.dll
2007-07-23 13:31 d-------- C:\Program Files\OpenAL
2007-07-23 13:23 d-------- C:\DOCUME~1\RAFA~1\DANEAP~1\InstallShield
2007-07-22 23:45 d-------- C:\WINDOWS\system32\VIRepair
2007-07-22 23:26 220,672 --a--c--- C:\WINDOWS\system32\dllcache\logon.scr
2007-07-22 23:26 220,672 --a------ C:\WINDOWS\system32\logon.scr
2007-07-22 23:18 d-------- C:\WINDOWS\system32\VITrans
2007-07-21 23:08 d-------- C:\DOCUME~1\RAFA~1\DANEAP~1\Styler
2007-07-21 22:56 81,920 --a------ C:\WINDOWS\system32\closeapp.exe
2007-07-21 22:17 d-------- C:\DOCUME~1\RAFA~1\DANEAP~1\ViStart
2007-07-21 21:34 94,208 --a------ C:\WINDOWS\system32\pskill.exe
2007-07-21 21:34 8,636 --a------ C:\WINDOWS\system32\modifype.exe
2007-07-21 21:34 19,968 --a------ C:\WINDOWS\system32\reico.exe
2007-07-21 21:34 111,104 --a------ C:\WINDOWS\system32\Uharc.exe
2007-07-21 21:34 d-------- C:\VTPFiles
2007-07-21 20:31 d-------- C:\WINDOWS\xp2vista
2007-07-21 18:05 d-------- C:\WINDOWS\system32\NtmsData
2007-07-21 17:28 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2007-07-21 17:28 53,248 --------- C:\WINDOWS\system32\PAStiSvc.exe
2007-07-21 17:19 d-------- C:\WINDOWS\PixArt
2007-07-21 17:19 d-------- C:\Program Files\PC Camer@
2007-07-21 17:19 d-------- C:\Program Files\Common Files\PCCamera
2007-07-21 17:14 d-------- C:\WINDOWS\Downloaded Installations
2007-07-21 17:03 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Bluetooth
2007-07-21 16:59 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-07-21 16:59 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2007-07-21 16:59 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-07-21 16:59 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-07-21 16:59 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2007-07-21 16:59 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2007-07-21 16:59 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2007-07-21 16:58 82,148 --------- C:\WINDOWS\system32\drivers\VcommMgr.sys
2007-07-21 16:58 77,824 -r------- C:\WINDOWS\system32\drivers\SioUi2k.dll
2007-07-21 16:58 7,680 --------- C:\WINDOWS\system32\btinstall.dll
2007-07-21 16:58 63,488 -r------- C:\WINDOWS\system32\drivers\wssbtr1f.sys
2007-07-21 16:58 61,312 --------- C:\WINDOWS\system32\drivers\VComm.sys
2007-07-21 16:58 54,784 --------- C:\WINDOWS\system32\drivers\vfwwdm32.dll
2007-07-21 16:58 51,169 -r------- C:\WINDOWS\system32\drivers\OXSER.SYS
2007-07-21 16:58 49,152 --------- C:\WINDOWS\system32\btfunc.dll
2007-07-21 16:58 48,556 -r------- C:\WINDOWS\system32\drivers\SktBt2k.sys
2007-07-21 16:58 48,076 -r------- C:\WINDOWS\system32\drivers\Sio9502k.sys
2007-07-21 16:58 40,960 -r------- C:\WINDOWS\system32\drivers\SCTray.exe
2007-07-21 16:58 28,271 --------- C:\WINDOWS\system32\drivers\BTHidMgr.sys
2007-07-21 16:58 23,000 --------- C:\WINDOWS\system32\drivers\btcusb.sys
2007-07-21 16:58 20,480 --------- C:\WINDOWS\system32\drivers\blueletaudio.sys
2007-07-21 16:58 148,830 --------- C:\WINDOWS\system32\drivers\bcbthub.sys
2007-07-21 16:58 13,304 --------- C:\WINDOWS\system32\drivers\BTNetFilter.sys
2007-07-21 16:58 116,021 --------- C:\WINDOWS\system32\drivers\fw203x.sys
2007-07-21 16:58 11,860 --------- C:\WINDOWS\system32\drivers\vbtenum.sys
2007-07-21 16:58 11,736 --------- C:\WINDOWS\system32\drivers\VHIDMini.sys
2007-07-21 16:58 10,804 --------- C:\WINDOWS\system32\drivers\BtNetDrv.sys
2007-07-21 16:58 d-------- C:\Program Files\IVT Corporation

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-18 21:50 --------- d-------- C:\DOCUME~1\RAFA~1\DANEAP~1\uTorrent
2007-08-17 19:57 --------- d-------- C:\DOCUME~1\RAFA~1\DANEAP~1\MegauploadToolbar
2007-08-12 20:57 --------- d-------- C:\DOCUME~1\RAFA~1\DANEAP~1\Skype
2007-08-12 13:21 --------- d-------- C:\Program Files\Soulseek
2007-08-09 18:13 --------- d-------- C:\Program Files\NAPI-PROJEKT
2007-07-24 21:50 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-07-04 16:03 --------- d-------- C:\DOCUME~1\RAFA~1\DANEAP~1\Activision
2007-07-02 15:53 --------- d-------- C:\Program Files\WinAVI MP4 Converter
2007-06-29 22:13 --------- d-------- C:\Program Files\Alcohol Soft
2007-06-29 22:11 685816 --------- C:\WINDOWS\system32\drivers\sptd.sys
2007-06-29 11:29 --------- d-------- C:\Program Files\MegauploadToolbar
2007-06-24 22:54 --------- d-------- C:\Program Files\Combined Community Codec Pack
2007-06-19 14:30 --------- d-------- C:\DOCUME~1\RAFA~1\DANEAP~1\AdobeUM
2007-06-19 10:45 --------- d-------- C:\Program Files\Skype
2007-06-19 10:45 --------- d-------- C:\Program Files\Common Files\Skype
2007-06-06 18:39 270336 --------- C:\WINDOWS\system32\imon.dll
2007-06-06 18:25 2724 --------- C:\WINDOWS\pchealth\HelpCtr\PackageStore\SkuStore.bin
2007-06-06 18:21 8972 --------- C:\WINDOWS\pchealth\HelpCtr\Config\Cntstore.bin
2007-06-06 15:41 0 -rahs---- C:\MSDOS.SYS
2007-06-06 15:41 0 -rahs---- C:\IO.SYS
2007-06-06 15:41 0 --a------ C:\CONFIG.SYS
2007-06-06 15:41 0 --a------ C:\AUTOEXEC.BAT

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-07-01 12:23 C:\WINDOWS\SOUNDMAN.EXE]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2005-05-25 22:02]
"nwiz"="nwiz.exe" [2005-05-25 22:02 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2005-05-25 22:02]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-06-06 18:39]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 18:53]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"Glass2k"="C:\Program Files\Glass2k.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-05-10 16:36]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 00:29]
"ViStart"="C:\Program Files\ViStart\ViStart.exe" []
"ViOrb"="C:\Program Files\ViOrb\ViOrb.exe" []

C:\Documents and Settings\Rafał\Menu Start\Programy\Autostart\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:00]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06]

R3 PAC207;SoC PC-Camer@;C:\WINDOWS\system32\DRIVERS\pfc027.sys

*Newly Created Service* - HTTPFILTER

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-18 23:36:57
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************

Completion time: 2007-08-18 23:38:19
--- E O F ---