"Paweˆ" - 2007-08-21 14:04:01    Dodatek Service Pack 2  
ComboFix 07-05.27.V - Running from: "C:\Documents and Settings\Paweˆ\Pulpit\Programy\"


(((((((((((((((((((((((((((((((   Files Created from 2007-07-21 to 2007-08-21  ))))))))))))))))))))))))))))))))))


2007-08-20 16:05	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\Documents
2007-08-19 22:08	545	--a------	C:\WINDOWS\UC.PIF
2007-08-19 22:08	545	--a------	C:\WINDOWS\RAR.PIF
2007-08-19 22:08	545	--a------	C:\WINDOWS\PKZIP.PIF
2007-08-19 22:08	545	--a------	C:\WINDOWS\PKUNZIP.PIF
2007-08-19 22:08	545	--a------	C:\WINDOWS\NOCLOSE.PIF
2007-08-19 22:08	545	--a------	C:\WINDOWS\LHA.PIF
2007-08-19 22:08	545	--a------	C:\WINDOWS\ARJ.PIF
2007-08-19 22:08	<DIR>	d--------	C:\totalcmd
2007-08-19 18:11	73,216	--a------	C:\WINDOWS\ST6UNST.EXE
2007-08-19 18:11	249,856	---------	C:\WINDOWS\Setup1.exe
2007-08-18 20:29	<DIR>	d--------	C:\Program Files\AVI ReComp
2007-08-18 20:15	921,600	--a------	C:\WINDOWS\system32\TVE2COM.dll
2007-08-18 20:15	901,120	--a------	C:\WINDOWS\system32\TVE2.dll
2007-08-18 20:15	175,104	--a------	C:\WINDOWS\system32\lame_enc.dll
2007-08-18 20:14	13	---h-----	C:\DOCUME~1\ALLUSE~1\DANEAP~1\üÕíÆŽ3113>.sys
2007-08-18 20:14	<DIR>	d--------	C:\Program Files\CoffeeCup Software
2007-08-18 20:01	<DIR>	d--------	C:\OutputFolder
2007-08-17 20:51	<DIR>	d--------	C:\DOCUME~1\PAWE~1\DANEAP~1\InstallShield
2007-08-15 16:13	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\DANEAP~1\Trymedia
2007-08-11 18:18	82,432	--a------	C:\WINDOWS\system32\msxml4r.dll
2007-08-11 18:18	44,544	--a------	C:\WINDOWS\system32\msxml4a.dll
2007-08-11 18:18	1,233,920	--a------	C:\WINDOWS\system32\msxml4.dll
2007-08-11 18:17	94,208	--a------	C:\WINDOWS\system32\DLLCPY32.dll
2007-08-11 18:17	65,536	--a------	C:\WINDOWS\system32\DLLPTL32.dll
2007-08-11 18:17	61,440	--a------	C:\WINDOWS\system32\DLLCDF32.dll
2007-08-11 18:17	57,344	--a------	C:\WINDOWS\system32\DLLTPO32.dll
2007-08-11 18:17	53,248	--a------	C:\WINDOWS\system32\DLLPRJ32.dll
2007-08-11 18:17	49,152	--a------	C:\WINDOWS\system32\DLLPRF32.dll
2007-08-11 18:17	49,152	--a------	C:\WINDOWS\system32\DLLIO32.dll
2007-08-11 18:17	462,848	--a------	C:\WINDOWS\system32\DLLAV32.dll
2007-08-11 18:17	45,056	--a------	C:\WINDOWS\system32\DLLIMG32.dll
2007-08-11 18:17	430,080	--a------	C:\WINDOWS\system32\MXRestore.exe
2007-08-11 18:17	40,960	--a------	C:\WINDOWS\system32\DLLRD32.dll
2007-08-11 18:17	38,912	--a------	C:\WINDOWS\system32\mgxasio.dll
2007-08-11 18:17	36,864	--a------	C:\WINDOWS\system32\DLLPNT32.dll
2007-08-11 18:17	32,768	--a------	C:\WINDOWS\system32\STRING32.dll
2007-08-11 18:17	32,768	--a------	C:\WINDOWS\system32\DLLMSC32.dll
2007-08-11 18:17	32,768	--a------	C:\WINDOWS\system32\DLLISO32.dll
2007-08-11 18:17	32,768	--a------	C:\WINDOWS\system32\DLLDIR32.dll
2007-08-11 18:17	24,576	--a------	C:\WINDOWS\system32\TTIC32.dll
2007-08-11 18:17	24,576	--a------	C:\WINDOWS\system32\TTI32.dll
2007-08-11 18:17	24,576	--a------	C:\WINDOWS\system32\DLLIX.dll
2007-08-11 18:17	188,416	--a------	C:\WINDOWS\system32\DLLRES32.dll
2007-08-11 18:17	163,840	--a------	C:\WINDOWS\system32\DLLDEV32.dll
2007-08-11 18:17	151,552	--a------	C:\WINDOWS\system32\DLLDRV32.dll
2007-08-11 18:17	114,688	--a------	C:\WINDOWS\system32\DLLCDA32.dll
2007-08-11 18:17	<DIR>	d--------	C:\Program Files\Common Files\MAGIX Shared
2007-08-11 18:16	85,504	--a------	C:\WINDOWS\system32\HtmlWH.dll
2007-08-11 18:16	638,976	--a------	C:\WINDOWS\system32\mgxoschk.dll
2007-08-11 18:16	49,152	--a------	C:\WINDOWS\system32\INETWH32.dll
2007-08-11 18:16	1,089,536	--a------	C:\WINDOWS\system32\ROBOEX32.DLL
2007-08-11 18:16	<DIR>	d--------	C:\WINDOWS\system32\MAGIX
2007-08-11 12:19	<DIR>	d--------	C:\Program Files\OniGames
2007-08-10 21:33	<DIR>	d--------	C:\WINDOWS\Prefetch
2007-08-10 21:02	5,600	-ra------	C:\WINDOWS\system\Winaspi.dll
2007-08-10 21:02	45,056	-ra------	C:\WINDOWS\system32\wnaspi32.dll
2007-08-10 21:02	4,672	-ra------	C:\WINDOWS\system\Wowpost.exe
2007-08-10 21:02	25,244	-ra------	C:\WINDOWS\system32\drivers\ASPI32.sys
2007-08-10 21:02	2,368	--a------	C:\WINDOWS\system32\STEC3.sys
2007-08-09 16:01	65,536	-ra------	C:\WINDOWS\AC1_Un0.exe
2007-08-09 12:33	<DIR>	d--------	C:\DOCUME~1\PAWE~1\DANEAP~1\Tlen.pl
2007-08-09 10:15	9,216	--a------	C:\WINDOWS\system32\cpuinf32.dll
2007-08-09 10:15	245,760	--a------	C:\WINDOWS\system32\mplvpx.dll
2007-08-08 15:37	237,568	--a------	C:\WINDOWS\system32\OggDS.dll
2007-08-08 15:37	<DIR>	d--------	C:\Program Files\Real Alternative
2007-08-08 15:37	<DIR>	d--------	C:\DOCUME~1\PAWE~1\DANEAP~1\Real
2007-08-08 15:37	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\DANEAP~1\Real
2007-08-08 14:45	<DIR>	d--------	C:\DOCUME~1\PAWE~1\DANEAP~1\Media Player Classic
2007-08-08 14:44	765,952	--a------	C:\WINDOWS\system32\xvidcore.dll
2007-08-08 14:44	740,442	--a------	C:\WINDOWS\system32\divx.dll
2007-08-08 14:44	73,728	--a------	C:\WINDOWS\system32\dpl100.dll
2007-08-08 14:44	7,680	--a------	C:\WINDOWS\system32\ff_vfw.dll
2007-08-08 14:44	630,784	--a------	C:\WINDOWS\system32\vp7vfw.dll
2007-08-08 14:44	564,224	--a------	C:\WINDOWS\system32\x264vfw.dll
2007-08-08 14:44	438,272	--a------	C:\WINDOWS\system32\vp6vfw.dll
2007-08-08 14:44	39,936	--a------	C:\WINDOWS\system32\huffyuv.dll
2007-08-08 14:44	3,596,288	--a------	C:\WINDOWS\system32\qt-dx331.dll
2007-08-08 14:44	217,088	--a------	C:\WINDOWS\system32\yv12vfw.dll
2007-08-08 14:44	180,224	--a------	C:\WINDOWS\system32\xvidvfw.dll
2007-08-02 20:10	<DIR>	d--------	C:\DOCUME~1\PAWE~1\DANEAP~1\Xfire
2007-07-28 15:39	<DIR>	d--------	C:\DOCUME~1\PAWE~1\DANEAP~1\THQ


((((((((((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-20 13:53:17	--------	d--h--w	C:\Program Files\InstallShield Installation Information
2007-08-18 18:29:23	--------	d-----w	C:\Program Files\AviSynth 2.5
2007-07-30 22:00:20	86,016	----a-w	C:\windows\system32\OpenAL32.dll
2007-07-30 22:00:20	413,696	----a-w	C:\windows\system32\wrap_oal.dll
2007-07-28 13:38:00	98,304	----a-w	C:\windows\system32\CmdLineExt.dll
2007-07-12 14:39:50	--------	d-----w	C:\Program Files\A4Tech
2007-07-09 17:21:41	406,888	----a-w	C:\windows\system32\pr2ah4nb.exe
2007-07-09 17:21:20	64,616	----a-w	C:\windows\system32\drivers\pe3ah4nb.sys
2007-07-09 17:20:56	54,896	----a-w	C:\windows\system32\drivers\ps6ah4nb.sys
2007-07-08 17:52:11	--------	d-----w	C:\Program Files\Common Files\DirectX
2007-07-08 17:51:53	225,280	----a-w	C:\windows\system32\UAService7.exe
2007-07-06 09:39:34	1,060,864	----a-w	C:\windows\system32\mfc71.dll
2007-07-04 15:45:26	271,360	----a-w	C:\windows\system32\drivers\atksgt.sys
2007-07-04 15:45:26	18,048	----a-w	C:\windows\system32\drivers\lirsgt.sys
2007-07-01 11:46:20	8	----a-w	C:\windows\system32\nvModes.dat
2007-07-01 11:18:52	--------	d-----w	C:\Program Files\GameSpy Arcade
2007-06-26 20:16:26	3,098	----a-w	C:\windows\mozver.dat
2007-06-23 11:40:10	--------	d--h--r	C:\DOCUME~1\PAWE~1\DANEAP~1\SecuROM
2007-06-07 21:58:17	4	----a-w	C:\windows\system32\proc-397095422.bin
2007-05-31 18:05:09	1,415,680	----a-w	C:\windows\system32\WMV9VCM.dll
2007-05-23 10:25:22	0	----a-w	C:\windows\nsreg.dat
2007-05-21 10:56:40	807	----a-w	C:\windows\unins000.dat
2007-02-21 10:47:16	31,232	--sh--r	C:\windows\system32\msfDX.dll
2006-05-03 09:06:54	163,328	--sh--r	C:\windows\system32\flvDX.dll
2005-10-24 09:13:58	66,560	--sha-r	C:\windows\MOTA113.exe
2005-07-14 10:31:20	27,648	--sha-r	C:\windows\system32\AVSredirect.dll
2005-06-26 13:32:28	616,448	--sha-r	C:\windows\system32\cygwin1.dll
2005-06-21 20:37:42	45,568	--sha-r	C:\windows\system32\cygz.dll
2005-05-13 15:12:00	217,073	--sha-r	C:\windows\meta4.exe
2005-02-28 11:16:22	240,128	--sha-r	C:\windows\system32\x.264.exe


((((((((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))
 
 
*Note* empty entries & legit default entries are not shown 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=E:\Programy\adobe\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 14:17]
{31FF080D-12A3-439A-A2EF-4BA95A3148E8}=E:\Programy\GetRight\xx2gr.dll [2007-01-04 23:57]
{52D06F97-5511-43FA-8FDA-C481864FD26E}=C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll [2007-05-20 12:50]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 04:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" []
"iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [2006-04-09 19:31]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"F-PROT Antivirus Tray application"="C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe" [2007-04-24 15:16]
"nwiz"="nwiz.exe" [2007-04-20 06:05 C:\WINDOWS\system32\nwiz.exe]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [2006-02-17 11:14]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\windows\system32\ctfmon.exe" [2004-08-04 00:44]
"Komunikator"="E:\Programy\tlen\Tlen.pl\tlen.exe" [2007-02-12 12:01]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyDocs"=1 (0x1)
"NoStartMenuMyMusic"=1 (0x1)
"NoSMMyPictures"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"StartMenuLogoff"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyDocs"=1 (0x1)
"NoStartMenuMyMusic"=1 (0x1)
"NoSMMyPictures"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"StartMenuLogoff"=1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages	msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\FPAVServer]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Konnekt_ff16f617_Pawe³"="E:\Programy\konnekt\konnekt.exe" /autostart -profile=Pawe³
"Konnekt"="E:\Programy\konnekt\konnekt.exe" /autostart
	

********************************************************************

catchme 0.3.681 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-21 14:04:12
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0


********************************************************************

Completion time: 2007-08-21 14:04:23
C:\ComboFix-quarantined-files.txt ... 2007-08-21 14:04

	--- E O F ---