ComboFix 07-09-14.2 - "Bartek" 2007-09-16 20:58:59.8 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.1.1250.1.1045.18.718 [GMT 2:00] . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\.exe . ((((((((((((((((((((((((( Files Created from 2007-08-16 to 2007-09-16 ))))))))))))))))))))))))))))))) . 2007-09-16 19:24 d-------- C:\DOCUME~1\Maciek\DANEAP~1\Lavasoft 2007-09-16 19:16 d-------- C:\DOCUME~1\Ania\DANEAP~1\Gadu-Gadu 2007-09-16 16:00 d-------- C:\DOCUME~1\Ania\DANEAP~1\foobar2000 2007-09-16 15:58 d-------- C:\DOCUME~1\Ania\Gadu-Gadu 2007-09-16 11:47 d-------- C:\DOCUME~1\Qba\DANEAP~1\KRKsoft 2007-09-15 20:10 dr-h----- C:\DOCUME~1\ADMINI~1\Dane aplikacji 2007-09-15 20:10 dr------- C:\DOCUME~1\ADMINI~1\Menu Start 2007-09-15 20:10 d--h----- C:\DOCUME~1\ADMINI~1\Ustawienia lokalne 2007-09-15 20:10 d--h----- C:\DOCUME~1\ADMINI~1\Szablony 2007-09-15 20:10 d-------- C:\DOCUME~1\ADMINI~1\Ulubione 2007-09-15 20:10 d-------- C:\DOCUME~1\ADMINI~1\Pulpit 2007-09-15 20:10 d-------- C:\DOCUME~1\ADMINI~1\Moje dokumenty 2007-09-15 19:51 d-------- C:\Program Files\Directory Lister Pro 2007-09-15 19:51 d-------- C:\DOCUME~1\Bartek\DANEAP~1\KRKsoft 2007-09-14 18:57 d-------- C:\DOCUME~1\Qba\DANEAP~1\Corel 2007-09-14 18:07 d-------- C:\DOCUME~1\Bartek\DANEAP~1\Corel 2007-09-14 18:04 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\InstallShield 2007-09-14 18:02 d-------- C:\Program Files\Corel 2007-09-14 18:02 d-------- C:\Program Files\Common Files\Corel 2007-09-14 14:33 60,416 --a------ C:\WINDOWS\system32\drivers\a^cmbfcw.sys 2007-09-14 13:44 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-14 13:08 d-------- C:\DOCUME~1\Qba\DANEAP~1\Lavasoft 2007-09-14 12:29 86,016 --a------ C:\WINDOWS\system32\OpenAL32.dll 2007-09-14 12:29 262,144 --a------ C:\WINDOWS\system32\wrap_oal.dll 2007-09-14 03:03 5,632 --a------ C:\WINDOWS\system32\drivers\Entech64.sys 2007-09-14 02:17 3,972 --a------ C:\WINDOWS\system32\drivers\PciBus.sys 2007-09-14 02:17 21,664 --a------ C:\WINDOWS\system32\drivers\Entech.sys 2007-09-14 02:17 d-------- C:\WINDOWS\system32\Futuremark 2007-09-14 01:28 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\nView_Profiles 2007-09-14 01:00 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\NVIDIA 2007-09-14 00:13 d-------- C:\WINDOWS\ServicePackFiles 2007-09-13 18:47 7,552 --a--c--- C:\WINDOWS\system32\dllcache\sonypvu1.sys 2007-09-13 18:47 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS 2007-09-13 16:27 d-------- C:\DOCUME~1\Qba\DANEAP~1\foobar2000 2007-09-11 12:48 d-------- C:\WINDOWS\NV26522656.TMP 2007-09-11 12:47 5,306 --a------ C:\WINDOWS\system32\drivers\TBPanel.sys 2007-09-11 12:47 d-------- C:\Program Files\VDOTool 2007-09-11 12:43 61,440 -ra------ C:\WINDOWS\system32\vuins32.dll 2007-09-11 12:43 42,496 -ra------ C:\WINDOWS\system32\drivers\fetnd5bv.sys 2007-09-11 12:41 9,410,048 -ra------ C:\WINDOWS\system32\RTLCPL.EXE 2007-09-11 12:41 77,824 -ra------ C:\WINDOWS\SOUNDMAN.EXE 2007-09-11 12:41 40,960 -r------- C:\WINDOWS\system32\ChCfg.exe 2007-09-11 12:41 294,912 -r------- C:\WINDOWS\alcupd.exe 2007-09-11 12:41 200,704 -r------- C:\WINDOWS\alcrmv.exe 2007-09-11 12:41 2,324,480 -ra------ C:\WINDOWS\system32\drivers\ALCXWDM.SYS 2007-09-11 12:41 156,672 -ra------ C:\WINDOWS\system32\RTLCPAPI.dll 2007-09-11 12:41 d-------- C:\Program Files\Realtek Sound Manager 2007-09-11 12:41 d-------- C:\Program Files\Realtek AC97 2007-09-11 12:41 d-------- C:\Program Files\AvRack 2007-09-11 12:38 60,928 -ra------ C:\WINDOWS\system32\drivers\viamraid.sys 2007-09-11 12:38 36,224 --a--c--- C:\WINDOWS\system32\dllcache\isapnp.sys 2007-09-11 12:38 36,224 --a------ C:\WINDOWS\system32\drivers\isapnp.sys 2007-09-11 12:38 27,904 -ra------ C:\WINDOWS\system32\drivers\VIAAGP1.SYS 2007-09-11 09:40 921,600 --a------ C:\WINDOWS\system32\vorbisenc.dll 2007-09-11 09:40 9,216 --a------ C:\WINDOWS\system32\cpuinf32.dll 2007-09-11 09:40 45,056 --a------ C:\WINDOWS\system32\ogg.dll 2007-09-11 09:40 245,760 --a------ C:\WINDOWS\system32\mplvpx.dll 2007-09-11 09:40 237,568 --a------ C:\WINDOWS\system32\OggDS.dll 2007-09-11 09:40 188,416 --a------ C:\WINDOWS\system32\vorbis.dll 2007-09-11 09:40 1,415,680 --a------ C:\WINDOWS\system32\WMV9VCM.dll 2007-09-11 09:39 740,442 --a------ C:\WINDOWS\system32\DivX.dll 2007-09-11 09:39 1,559,040 --a------ C:\WINDOWS\system32\xvidcore.dll 2007-09-10 23:13 d-------- C:\DOCUME~1\Qba\DANEAP~1\Gadu-Gadu 2007-09-10 22:00 d-------- C:\DOCUME~1\Qba\Gadu-Gadu 2007-09-10 19:44 d-------- C:\Program Files\Common Files\Adobe Systems Shared 2007-09-10 19:44 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Adobe Systems 2007-09-10 12:08 d-------- C:\Program Files\MarBit 2007-09-10 10:30 d-------- C:\Program Files\eMule 2007-09-10 10:24 d-------- C:\DOCUME~1\Bartek\DANEAP~1\foobar2000 2007-09-10 10:07 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys 2007-09-10 10:06 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe 2007-09-10 10:06 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe 2007-09-10 10:06 d-------- C:\WINDOWS\system32\LogFiles 2007-09-10 00:08 d-------- C:\DOCUME~1\Maciek\DANEAP~1\Gadu-Gadu 2007-09-09 21:54 d-------- C:\DOCUME~1\Maciek\DANEAP~1\foobar2000 2007-09-09 21:48 d-------- C:\DOCUME~1\Maciek\Gadu-Gadu 2007-09-09 21:00 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2007-09-09 20:56 dr-h----- C:\DOCUME~1\Qba\Dane aplikacji 2007-09-09 20:56 dr------- C:\DOCUME~1\Qba\Ulubione 2007-09-09 20:56 dr------- C:\DOCUME~1\Qba\Moje dokumenty 2007-09-09 20:56 dr------- C:\DOCUME~1\Qba\Menu Start 2007-09-09 20:56 d--h----- C:\DOCUME~1\Qba\Ustawienia lokalne 2007-09-09 20:56 d--h----- C:\DOCUME~1\Qba\Szablony 2007-09-09 20:56 d-------- C:\DOCUME~1\Qba\Pulpit 2007-09-09 20:55 dr-h----- C:\DOCUME~1\Ania\Dane aplikacji 2007-09-09 20:55 dr------- C:\DOCUME~1\Ania\Ulubione 2007-09-09 20:55 dr------- C:\DOCUME~1\Ania\Moje dokumenty 2007-09-09 20:55 dr------- C:\DOCUME~1\Ania\Menu Start 2007-09-09 20:55 d--h----- C:\DOCUME~1\Ania\Ustawienia lokalne 2007-09-09 20:55 d--h----- C:\DOCUME~1\Ania\Szablony 2007-09-09 20:55 d-------- C:\DOCUME~1\Ania\Pulpit 2007-09-09 20:34 dr-h----- C:\DOCUME~1\Maciek\Dane aplikacji 2007-09-09 20:34 dr------- C:\DOCUME~1\Maciek\Ulubione 2007-09-09 20:34 dr------- C:\DOCUME~1\Maciek\Moje dokumenty 2007-09-09 20:34 dr------- C:\DOCUME~1\Maciek\Menu Start 2007-09-09 20:34 d--h----- C:\DOCUME~1\Maciek\Ustawienia lokalne 2007-09-09 20:34 d--h----- C:\DOCUME~1\Maciek\Szablony 2007-09-09 20:34 d-------- C:\DOCUME~1\Maciek\Pulpit 2007-09-09 20:10 664 --a------ C:\WINDOWS\system32\d3d9caps.dat 2007-09-09 19:58 62,672 --a------ C:\WINDOWS\system32\dxdllreg.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-15 21:32 928 --a------ C:\Program Files\snpgulsd.txt 2007-09-14 15:10 63 --a------ C:\Program Files\counter 2007-09-14 15:10 6 --a------ C:\Program Files\SnapRef.cf 2007-09-14 15:10 4898162 --a------ C:\Program Files\raw_system.cf 2007-09-14 15:10 292 --a------ C:\Program Files\errdbg.cf 2007-09-14 15:10 26900 --a------ C:\Program Files\raw_enum.cf 2007-09-14 15:10 17403 --a------ C:\Program Files\enum.cf 2007-09-14 15:10 1443 --a------ C:\Program Files\ComboFix.txt 2007-09-14 15:10 1087 --a------ C:\Program Files\active_setup.cf 2007-09-14 15:10 0 --a------ C:\Program Files\snapshotB.cf 2007-09-14 15:10 0 --a------ C:\Program Files\snapshot.cf 2007-09-14 15:10 0 --a------ C:\Program Files\rawreg.cf 2007-09-14 15:09 0 --a------ C:\Program Files\whitedone.cf 2007-09-14 15:09 0 --a------ C:\Program Files\ExecB.cf 2007-09-11 09:40 755200 --a------ C:\WINDOWS\system32\ir50_32.dll 2007-09-09 16:32 --------- d-------- C:\Program Files\microsoft frontpage 2007-09-06 12:09 801144 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-09-06 12:05 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-09-06 12:05 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-09-06 12:03 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-09-06 12:02 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-09-06 12:00 95608 --a------ C:\WINDOWS\system32\AvastSS.scr 2007-09-06 12:00 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll --------- C:\Program Files\Usługi online . ((((((((((((((((((((((((((((( snapshot_2007-09-14_134827,87 ))))))))))))))))))))))))))))))))))))))))) . -c----w 2,086,400 2002-09-20 17:04:26 C:\WINDOWS\$MSI31Uninstall_KB893803$\msi.dll -c----w 64,512 2002-09-20 17:05:34 C:\WINDOWS\$MSI31Uninstall_KB893803$\msiexec.exe -c----w 305,664 2002-09-20 17:04:26 C:\WINDOWS\$MSI31Uninstall_KB893803$\msihnd.dll -c----w 847,872 2001-12-14 22:43:00 C:\WINDOWS\$MSI31Uninstall_KB893803$\msimsg.dll -c----w 39,936 2001-12-14 22:43:00 C:\WINDOWS\$MSI31Uninstall_KB893803$\msisip.dll -c----w 212,704 2005-03-21 13:00:10 C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe -c----w 387,296 2005-03-21 13:00:10 C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\updspapi.dll ----a-w 24,576 2002-07-25 16:13:18 C:\WINDOWS\Downloaded Program Files\dwusplay.dll ----a-w 196,608 2002-07-25 16:13:12 C:\WINDOWS\Downloaded Program Files\dwusplay.exe ----a-w 417,792 2005-08-11 14:30:30 C:\WINDOWS\Downloaded Program Files\isusweb.dll ----a-w 163,328 2007-03-13 08:57:10 C:\WINDOWS\erdnt\subs\F3M\ERDNT.EXE ----a-r 65,536 2007-09-14 16:04:23 C:\WINDOWS\Installer\{108FAA6F-DEEE-48EA-B3A9-1C5EB2605A6B}\ARPPRODUCTICON.exe ----a-r 65,536 2007-09-14 16:04:54 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\ARPPRODUCTICON.exe ----a-r 45,056 2007-09-14 16:04:54 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut90.exe ----a-r 45,056 2007-09-14 16:04:54 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut900.exe ----a-r 45,056 2007-09-14 16:04:55 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut9000.exe ----a-r 45,056 2007-09-14 16:04:55 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut9001.exe ----a-r 45,056 2007-09-14 16:04:54 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut901.exe ----a-r 45,056 2007-09-14 16:04:55 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut902.exe ----a-r 528,384 2007-09-14 16:04:55 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut903_CC5820041A9C446BB9018F9ECF582DD1.exe ----a-r 45,056 2007-09-14 16:04:54 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut91.exe ----a-r 45,056 2007-09-14 16:04:54 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut910.exe ----a-r 45,056 2007-09-14 16:04:55 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut9100.exe ----a-r 45,056 2007-09-14 16:04:55 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut9101.exe ----a-r 45,056 2007-09-14 16:04:54 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut911.exe ----a-r 45,056 2007-09-14 16:04:55 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut912.exe ----a-r 528,384 2007-09-14 16:04:55 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut913_CC5820041A9C446BB9018F9ECF582DD1.exe ----a-r 45,056 2007-09-14 16:04:55 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut92_CC5820041A9C446BB9018F9ECF582DD1.exe ----a-r 528,384 2007-09-14 16:04:55 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut93_CC5820041A9C446BB9018F9ECF582DD1.exe ----a-r 45,056 2007-09-14 16:04:54 C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut9_1.exe ----a-r 22,758 2007-09-14 16:03:51 C:\WINDOWS\Installer\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}\ARPPRODUCTICON.exe ----a-r 65,536 2007-09-14 16:03:51 C:\WINDOWS\Installer\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}\NewShortcut1.exe ----a-r 65,536 2007-09-14 16:03:51 C:\WINDOWS\Installer\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}\NewShortcut2.exe ----a-r 65,536 2007-09-14 16:03:51 C:\WINDOWS\Installer\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}\NewShortcut4.exe ----a-r 65,536 2007-09-14 16:03:51 C:\WINDOWS\Installer\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}\NewShortcut5.exe ----a-r 65,536 2007-09-14 16:03:51 C:\WINDOWS\Installer\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}\NewShortcut8.exe ----a-r 295,606 2007-09-15 10:34:59 C:\WINDOWS\Installer\{AC76BA86-7AD7-1045-7B44-A80000000000}\SC_Reader.exe ----a-r 65,536 2007-09-14 16:04:44 C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\ARPPRODUCTICON.exe ----a-r 34,304 2007-09-14 16:04:44 C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe.D0DF3458_A845_11D3_8D0A_0050046416B9.exe ----a-r 34,304 2007-09-14 16:04:44 C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1028.D0DF3458_A845_11D3_8D0A_0050046416B9.exe ----a-r 34,304 2007-09-14 16:04:44 C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1031.D0DF3458_A845_11D3_8D0A_0050046416B9.exe ----a-r 34,304 2007-09-14 16:04:44 C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1036.D0DF3458_A845_11D3_8D0A_0050046416B9.exe ----a-r 34,304 2007-09-14 16:04:44 C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1040.D0DF3458_A845_11D3_8D0A_0050046416B9.exe ----a-r 34,304 2007-09-14 16:04:44 C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1041.D0DF3458_A845_11D3_8D0A_0050046416B9.exe ----a-r 34,304 2007-09-14 16:04:44 C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1042.D0DF3458_A845_11D3_8D0A_0050046416B9.exe ----a-r 34,304 2007-09-14 16:04:44 C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1043.D0DF3458_A845_11D3_8D0A_0050046416B9.exe ----a-r 34,304 2007-09-14 16:04:44 C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1046.D0DF3458_A845_11D3_8D0A_0050046416B9.exe ----a-r 34,304 2007-09-14 16:04:44 C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1053.D0DF3458_A845_11D3_8D0A_0050046416B9.exe ----a-r 34,304 2007-09-14 16:04:44 C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_2052.D0DF3458_A845_11D3_8D0A_0050046416B9.exe ----a-r 34,304 2007-09-14 16:04:44 C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_3082.D0DF3458_A845_11D3_8D0A_0050046416B9.exe ----a-w 89,088 2003-03-18 17:05:50 C:\WINDOWS\system32\atl71.dll ----a-w 1,129,232 1999-10-17 18:01:42 C:\WINDOWS\system32\FM20.DLL ----a-w 26,384 1999-10-17 18:01:16 C:\WINDOWS\system32\FM20ENU.DLL ----a-w 102,232 2007-09-14 16:07:03 C:\WINDOWS\system32\FNTCACHE.DAT ----a-w 40,960 2003-03-18 18:44:36 C:\WINDOWS\system32\MFC71CHS.DLL ----a-w 45,056 2003-03-18 18:44:36 C:\WINDOWS\system32\MFC71CHT.DLL ----a-w 65,536 2003-03-18 18:44:34 C:\WINDOWS\system32\MFC71DEU.DLL ----a-w 57,344 2003-03-18 18:44:38 C:\WINDOWS\system32\MFC71ENU.DLL ----a-w 61,440 2003-03-18 18:44:36 C:\WINDOWS\system32\MFC71ESP.DLL ----a-w 61,440 2003-03-18 18:44:34 C:\WINDOWS\system32\MFC71FRA.DLL ----a-w 61,440 2003-03-18 18:44:36 C:\WINDOWS\system32\MFC71ITA.DLL ----a-w 49,152 2003-03-18 18:44:34 C:\WINDOWS\system32\MFC71JPN.DLL ----a-w 49,152 2003-03-18 18:44:38 C:\WINDOWS\system32\MFC71KOR.DLL ----a-w 1,047,552 2003-03-18 19:12:12 C:\WINDOWS\system32\mfc71u.dll ----a-w 2,890,240 2005-03-21 13:00:20 C:\WINDOWS\system32\msi.dll ----a-w 78,848 2005-03-21 13:00:22 C:\WINDOWS\system32\msiexec.exe ----a-w 271,360 2005-03-21 13:00:22 C:\WINDOWS\system32\msihnd.dll ----a-w 884,736 2005-03-21 13:00:22 C:\WINDOWS\system32\msimsg.dll ----a-w 15,360 2005-03-21 13:00:22 C:\WINDOWS\system32\msisip.dll ----a-w 118,784 2000-04-03 18:05:58 C:\WINDOWS\system32\msstdfmt.dll ----a-w 94,208 2000-04-03 15:52:52 C:\WINDOWS\system32\msstkprp.dll ----a-w 39,992 2007-09-14 11:57:27 C:\WINDOWS\system32\perfc009.dat ----a-w 49,492 2007-09-14 11:57:27 C:\WINDOWS\system32\perfc015.dat ----a-w 311,604 2007-09-14 11:57:27 C:\WINDOWS\system32\perfh009.dat ----a-w 355,486 2007-09-14 11:57:27 C:\WINDOWS\system32\perfh015.dat ----a-w 15,872 1998-03-24 19:54:08 C:\WINDOWS\system32\SCP32.DLL ------w 15,584 2005-03-21 13:00:10 C:\WINDOWS\system32\spmsg.dll ----a-w 40,960 1999-11-24 16:40:50 C:\WINDOWS\system32\VBAME.DLL ----a-w 16,384 2007-09-15 08:43:18 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat ---ha-w 262,144 2007-09-15 08:39:49 C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat ----a-w 32,768 2007-09-15 08:43:18 C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat ----a-w 32,768 2007-09-15 08:43:18 C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat -c----w 2,890,240 2005-03-21 13:00:20 C:\WINDOWS\system32\dllcache\msi.dll -c----w 78,848 2005-03-21 13:00:22 C:\WINDOWS\system32\dllcache\msiexec.exe -c----w 271,360 2005-03-21 13:00:22 C:\WINDOWS\system32\dllcache\msihnd.dll -c----w 884,736 2005-03-21 13:00:22 C:\WINDOWS\system32\dllcache\msimsg.dll -c----w 15,360 2005-03-21 13:00:22 C:\WINDOWS\system32\dllcache\msisip.dll ----atw 16,384 2007-09-16 18:57:50 C:\WINDOWS\Temp\Perflib_Perfdata_4f4.dat ----a-w 479,232 2005-09-22 21:48:08 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll ----a-w 548,864 2005-09-22 21:48:08 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll ----a-w 626,688 2005-09-22 21:48:06 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll . ----a-w 95,864 2007-09-13 23:09:51 C:\WINDOWS\system32\FNTCACHE.DAT ----a-w 2,086,400 2002-09-20 17:04:26 C:\WINDOWS\system32\msi.dll ----a-w 64,512 2002-09-20 17:05:34 C:\WINDOWS\system32\msiexec.exe ----a-w 305,664 2002-09-20 17:04:26 C:\WINDOWS\system32\msihnd.dll ----a-w 847,872 2001-12-14 22:43:00 C:\WINDOWS\system32\msimsg.dll ----a-w 39,936 2001-12-14 22:43:00 C:\WINDOWS\system32\msisip.dll ----a-w 39,992 2007-09-13 23:14:30 C:\WINDOWS\system32\perfc009.dat ----a-w 49,492 2007-09-13 23:14:30 C:\WINDOWS\system32\perfc015.dat ----a-w 311,604 2007-09-13 23:14:30 C:\WINDOWS\system32\perfh009.dat ----a-w 355,486 2007-09-13 23:14:30 C:\WINDOWS\system32\perfh015.dat ------w 9,216 2004-07-17 20:57:02 C:\WINDOWS\system32\spmsg.dll ----a-w 16,384 2007-09-13 23:23:23 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat ----a-w 32,768 2007-09-13 23:23:23 C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat ----a-w 32,768 2007-09-13 23:23:23 C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat ------w 2,086,400 2002-09-20 17:04:26 C:\WINDOWS\system32\dllcache\msi.dll ------w 64,512 2002-09-20 17:05:34 C:\WINDOWS\system32\dllcache\msiexec.exe ------w 305,664 2002-09-20 17:04:26 C:\WINDOWS\system32\dllcache\msihnd.dll ------w 847,872 2001-12-14 22:43:00 C:\WINDOWS\system32\dllcache\msimsg.dll ------w 39,936 2001-12-14 22:43:00 C:\WINDOWS\system32\dllcache\msisip.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06] "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-08-06 09:45] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2006-08-11 15:43] "Ashampoo FireWall"="C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe" [2007-04-05 14:57] "nwiz"="nwiz.exe" [2006-08-11 15:43 C:\WINDOWS\system32\nwiz.exe] "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 16:30] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 16:30] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 13:24] C:\DOCUME~1\ALLUSE~1\MENUST~1\Programy\AUTOST~1\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 02:48:00] Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 01:01:00] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Notification Packages"= scecli scecli scecli . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-16 21:00:27 Windows 5.1.2600 Dodatek Service Pack. 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-09-16 21:02:42 C:\ComboFix-quarantined-files.txt ... 2007-09-16 21:02 . --- E O F ---