"wisnia" - 2007-05-20 22:44:18 Dodatek Service Pack 2
ComboFix 07-05.21.3.V - Running from: "D:\Documents and Settings\wisnia\Pulpit"

((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-20 ))))))))))))))))))))))))))))))))))

2007-05-20 22:32 49,152 --a------ D:\WINDOWS\nircmd.exe
2007-05-20 21:11
2007-05-12 22:10
2007-05-12 21:32
2007-05-12 21:12
2007-05-09 20:15
2007-05-07 22:15
2007-05-06 12:28
2007-05-06 12:22
2007-05-05 09:34
2007-05-04 21:21 5,504 --a------ D:\WINDOWS\system32\drivers\MSTEE.sys
2007-05-04 21:21 10,880 --a------ D:\WINDOWS\system32\drivers\NdisIP.sys
2007-05-04 21:20 85,376 --a------ D:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-05-04 21:20 59,264 --a------ D:\WINDOWS\system32\drivers\USBAUDIO.sys
2007-05-04 21:20 54,784 --a------ D:\WINDOWS\system32\vfwwdm32.dll
2007-05-04 21:20 19,328 --a------ D:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-05-04 21:20 17,024 --a------ D:\WINDOWS\system32\drivers\CCDECODE.sys
2007-05-04 21:20 15,360 --a------ D:\WINDOWS\system32\drivers\StreamIP.sys
2007-05-04 21:20 11,136 --a------ D:\WINDOWS\system32\drivers\SLIP.sys
2007-05-04 21:19 31,616 --a------ D:\WINDOWS\system32\drivers\usbccgp.sys
2007-05-04 21:17 90,112 --a------ D:\WINDOWS\system32\LQCUI2.dll
2007-05-04 21:17 856,064 --a------ D:\WINDOWS\system32\Ltwvc12n.dll
2007-05-04 21:17 78,336 --a------ D:\WINDOWS\system32\lffax12n.dll
2007-05-04 21:17 65,536 --a------ D:\WINDOWS\system32\MFC71DEU.DLL
2007-05-04 21:17 61,440 --a------ D:\WINDOWS\system32\MFC71ITA.DLL
2007-05-04 21:17 61,440 --a------ D:\WINDOWS\system32\MFC71ESP.DLL
2007-05-04 21:17 57,344 --a------ D:\WINDOWS\system32\MFC71ENU.DLL
2007-05-04 21:17 53,248 -ra------ D:\WINDOWS\system32\InstMed.exe
2007-05-04 21:17 49,152 --a------ D:\WINDOWS\system32\MFC71KOR.DLL
2007-05-04 21:17 49,152 --a------ D:\WINDOWS\system32\MFC71JPN.DLL
2007-05-04 21:17 466,944 --a------ D:\WINDOWS\system32\QCUI2.dll
2007-05-04 21:17 462,848 --a------ D:\WINDOWS\system32\LCamCpl.dll
2007-05-04 21:17 45,056 --a------ D:\WINDOWS\system32\MFC71CHT.DLL
2007-05-04 21:17 406,016 --a------ D:\WINDOWS\system32\ltkrn12n.dll
2007-05-04 21:17 40,960 --a------ D:\WINDOWS\system32\MFC71CHS.DLL
2007-05-04 21:17 372,736 --a------ D:\WINDOWS\system32\LVUI2RC.dll
2007-05-04 21:17 328,704 --a------ D:\WINDOWS\system32\LFCMP12n.DLL
2007-05-04 21:17 30,720 --a------ D:\WINDOWS\system32\lfbmp12n.dll
2007-05-04 21:17 259,072 --a------ D:\WINDOWS\system32\LTDIS12n.dll
2007-05-04 21:17 22,016 --a------ D:\WINDOWS\system32\drivers\LVUSBSta.sys
2007-05-04 21:17 215,552 --a------ D:\WINDOWS\system32\Lvkrn12n.dll
2007-05-04 21:17 207,872 --a------ D:\WINDOWS\system32\ltefx12n.dll
2007-05-04 21:17 204,800 --a------ D:\WINDOWS\system32\LVUI2.dll
2007-05-04 21:17 204,800 --a------ D:\WINDOWS\system32\lvcodec2.dll
2007-05-04 21:17 2,180,096 --a------ D:\WINDOWS\system32\drivers\lvsvf2.sys
2007-05-04 21:17 164,864 --a------ D:\WINDOWS\system32\ltimg12n.dll
2007-05-04 21:17 141,312 --a------ D:\WINDOWS\system32\lftif12n.dll
2007-05-04 21:17 131,072 --a------ D:\WINDOWS\system32\ltfil12n.DLL
2007-05-04 21:17 106,496 --a------ D:\WINDOWS\system32\lvcoinst.dll
2007-05-04 21:17 1,317,152 --a------ D:\WINDOWS\system32\drivers\lvcm.sys
2007-05-04 21:17 1,060,864 --a------ D:\WINDOWS\system32\MFC71.dll
2007-05-04 21:17 1,047,552 --a------ D:\WINDOWS\system32\MFC71u.dll
2007-05-04 21:17
2007-05-04 21:16
2007-05-01 20:08
2007-05-01 19:03
2007-04-29 13:49
2007-04-29 13:49
2007-04-29 13:49
2007-04-29 13:49
2007-04-29 13:30 266,329 -ra------ D:\WINDOWS\VLaunch.exe
2007-04-29 13:27
2007-04-28 15:18
2007-04-27 14:08 808 --a------ D:\WINDOWS\unins000.dat
2007-04-26 19:19

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-05-20 20:46:35 49,492 ----a-w D:\WINDOWS\system32\perfc015.dat
2007-05-20 20:46:35 355,486 ----a-w D:\WINDOWS\system32\perfh015.dat
2007-05-20 20:42:30 -------- d-----w D:\Program Files\AutoConnect
2007-05-20 18:47:17 -------- d-----w D:\Program Files\NAPI-PROJEKT
2007-05-20 18:37:38 -------- d-----w D:\DOCUME~1\wisnia\DANEAP~1\uTorrent
2007-05-18 16:43:00 -------- d-----w D:\DOCUME~1\wisnia\DANEAP~1\Skype
2007-05-12 20:12:42 -------- d-----w D:\Program Files\Neostrada TP
2007-05-12 20:11:04 -------- d-----w D:\Program Files\VstPlugins
2007-05-12 20:11:04 -------- d-----w D:\Program Files\Image-Line
2007-05-12 20:06:34 -------- d-----w D:\Program Files\Winamp
2007-05-07 20:06:03 -------- d-----w D:\Program Files\Gadu-Gadu
2007-05-04 19:17:18 -------- d--h--w D:\Program Files\InstallShield Installation Information
2007-04-26 03:29:30 -------- d-----w D:\DOCUME~1\wisnia\DANEAP~1\XnView
2007-04-15 18:40:53 -------- d-----w D:\Program Files\MP3 Remix
2007-04-15 18:40:07 -------- d-----w D:\Program Files\Common Files\Wise Installation Wizard
2007-04-15 15:39:22 -------- d-----w D:\Program Files\Audacity
2007-04-12 16:27:57 1,768 ----a-w D:\WINDOWS\system32\tmp.reg
2007-04-09 08:40:56 -------- d-----w D:\Program Files\Picasa2
2007-04-09 08:40:29 -------- d-----w D:\Program Files\Google
2007-04-08 09:09:07 -------- d-----w D:\Program Files\XnView
2007-04-03 08:17:15 -------- d-----w D:\Program Files\Gadwin Systems
2007-03-31 17:01:44 -------- d-----w D:\Program Files\SubEdit-Player
2007-03-30 19:12:16 -------- d-----w D:\Program Files\URUSoft
2007-03-28 18:36:50 -------- d-----w D:\DOCUME~1\wisnia\DANEAP~1\Ahead
2007-03-28 18:28:20 -------- d-----w D:\Program Files\Ahead
2007-03-28 18:28:05 -------- d-----w D:\Program Files\Common Files\Ahead
2007-03-25 12:36:36 -------- d-----w D:\Program Files\AC3Filter
2007-03-25 12:31:04 -------- d-----w D:\Program Files\XviD
2007-03-25 12:29:10 -------- d-----w D:\Program Files\ffdshow
2007-03-24 18:00:44 1,289 ----a-w D:\WINDOWS\mozver.dat
2007-03-24 17:16:20 -------- d-----w D:\Program Files\MarBit
2007-03-24 16:58:29 -------- d-----w D:\Program Files\DivX
2007-03-24 16:28:09 -------- d-----w D:\Program Files\K-Lite Codec Pack
2007-03-22 15:50:57 -------- d-----w D:\DOCUME~1\wisnia\DANEAP~1\DivX
2007-03-22 14:26:20 -------- d-----w D:\Program Files\AVIcodec
2007-03-22 13:04:53 -------- d-----w D:\Program Files\uTorrent
2007-03-22 12:40:52 -------- d-----w D:\Program Files\Kaspersky Lab
2007-03-22 12:35:11 -------- d-----w D:\Program Files\Skype
2007-03-22 12:35:10 -------- d-----w D:\Program Files\Common Files\Skype
2007-03-22 12:19:56 -------- d-----w D:\Program Files\Common Files\ODBC
2007-03-22 12:19:53 -------- d-----w D:\Program Files\Common Files\SpeechEngines
2007-03-22 11:55:58 0 ----a-w D:\WINDOWS\nsreg.dat
2007-03-22 11:42:55 -------- d-----w D:\Program Files\Common Files\InstallShield
2007-03-22 11:37:19 -------- d-----w D:\Program Files\Thomson
2007-03-22 11:30:01 -------- d-----w D:\Program Files\microsoft frontpage
2007-03-22 11:28:14 -------- d--h--w D:\Program Files\WindowsUpdate
2007-03-22 11:28:11 -------- d-----w D:\Program Files\Usługi online
2007-03-22 11:27:29 -------- d-----w D:\Program Files\Common Files\MSSoap
2007-03-22 11:27:22 -------- d-----w D:\Program Files\Movie Maker
2007-03-22 11:26:32 21,856 ----a-w D:\WINDOWS\system32\emptyregdb.dat
2007-03-22 11:26:06 -------- d-----w D:\Program Files\Messenger
2007-03-22 11:26:02 -------- d-----w D:\Program Files\MSN Gaming Zone
2007-03-22 11:25:55 -------- d-----w D:\Program Files\Windows NT
2007-03-07 23:51:00 43,528 ------w D:\WINDOWS\system32\drivers\pxhelp20.sys
2007-03-07 23:51:00 129,784 ------w D:\WINDOWS\system32\pxafs.dll
2007-02-07 20:14:38 10,752 ----a-w D:\WINDOWS\system32\ff_vfw.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 06:12]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 14:22]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WooCnxMon"="D:\PROGRA~1\NEOSTR~1\CnxMon.exe" [2003-10-16 19:07]
"SpeedTouch USB Diagnostics"="D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 12:38]
"WOOWATCH"="D:\PROGRA~1\NEOSTR~1\Watch.exe" [2003-10-16 19:07]
"WOOTASKBARICON"="D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe" [2003-10-16 19:07]
"NvCplDaemon"="D:\WINDOWS\system32\NvCpl.dll" [2005-06-15 11:20]
"nwiz"="nwiz.exe" [2005-06-15 11:20 D:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="D:\WINDOWS\system32\NvMcTray.dll" [2005-06-15 11:20]
"kis"="D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" [2006-03-24 20:09]
"@"="" []
"SoundMan"="SOUNDMAN.EXE" []
"SunJavaUpdateSched"="D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 14:03]
"NeroFilterCheck"="D:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"Picasa Media Detector"="D:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-02-01 04:52]
"LVCOMSX"="D:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32]
"LogitechVideoRepair"="D:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24]
"LogitechVideoTray"="D:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AutoConnect"="D:\Program Files\AutoConnect\AutoConnect.exe" [2004-08-28 20:27]
"LogitechSoftwareUpdate"="D:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=D:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll

~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

backup-20070520-222446-586
O4 - HKLM…\Run: [svchost] D:\Program Files\Internet Explorer\Setup\svchost.exe

********************************************************************
catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-20 22:46:14
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …

scan completed successfully
hidden files: 0
********************************************************************

Completion time: 2007-05-20 22:47:14
--- E O F ---