Dom - 06-12-27 15:23:31,58 Dodatek Service Pack 2
ComboFix 06.11.27 - Running from: “D:\Documents and Settings\Dom\Pulpit”

((((((((((((((((((((((((((((((( Files Created from 2006-11-27 to 2006-12-27 ))))))))))))))))))))))))))))))))))

2006-12-22 14:45
2006-12-14 16:17

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2006-12-27 08:54 -------- d-------- D:\Documents and Settings\Dom\Dane aplikacji\Skype
2006-12-27 08:51 -------- d-------- D:\Program Files\Common Files
2006-12-22 15:16 -------- d-------- D:\Program Files\Java
2006-12-22 15:14 -------- d-------- D:\Program Files\Google
2006-12-14 16:18 -------- d-------- D:\Program Files\Skype
2006-12-13 23:02 -------- d-------- D:\Program Files\Internet Explorer
2006-12-13 23:01 -------- d-------- D:\Program Files\Outlook Express
2006-12-13 23:01 -------- d-------- D:\Program Files\Common Files\System
2006-12-07 06:29 2374472 --a------ D:\WINDOWS\system32\wmvcore.dll
2006-11-28 18:00 -------- d-------- D:\Program Files\Common Files\Ahead
2006-11-28 18:00 -------- d-------- D:\Program Files\Ahead
2006-11-18 10:37 223128 --a------ D:\WINDOWS\system32\drivers\vaxscsi.sys
2006-11-08 06:07 679424 --a------ D:\WINDOWS\system32\inetcomm.dll
2006-11-02 09:36 12464 --a------ D:\WINDOWS\system32\drivers\secdrv.sys
2006-10-20 02:39 714240 --a------ D:\WINDOWS\system32\sxs.dll
2006-10-13 13:41 65536 --a------ D:\WINDOWS\system32\nwwks.dll
2006-10-13 13:41 64000 --a------ D:\WINDOWS\system32\nwapi32.dll
2006-10-13 13:41 143872 --a------ D:\WINDOWS\system32\nwprovau.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
“Zinio DLM”=“D:\Program Files\Zinio\ZinioDeliveryManager.exe /autostart”
“Skype”="“D:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized"
“Gadu-Gadu”="“C:\Program Files\Gadu-Gadu\gg.exe” /tray"
“EdHTML”=“c:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe /none”
“WITaj!”=“C:\Program Files\WITaj!\Wit2000.exe”

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
“ccApp”="“D:\Program Files\Common Files\Symantec Shared\ccApp.exe”"
“Symantec NetDriver Monitor”=“D:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer”
“NeroFilterCheck”=“D:\WINDOWS\system32\NeroCheck.exe”
“HPDJ Taskbar Utility”=“D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe”
“DAEMON Tools-1033”="“C:\Program Files\D-Tools\daemon.exe” -lang 1033"
“MKS_MENU”=“D:\Program Files\MKS\Bin\mks_menu.exe”
“NvCplDaemon”=“RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup”
“nwiz”=“nwiz.exe /install”
“NvMediaCenter”=“RunDLL32.exe NvMCTray.dll,NvTaskbarInit”
“WheelMouse”=“c:\PROGRA~1\A4Tech\Mouse\Amoumain.exe”
“NWEReboot”=""
“SunJavaUpdateSched”=“D:\Program Files\Java\jre1.5.0_09\bin\jusched.exe”

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
“Installed”=“1”

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
“NoChange”=“1”
“Installed”=“1”

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
“Installed”=“1”

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
“DeskHtmlVersion”=dword:00000110
“DeskHtmlMinorVersion”=dword:00000005
“Settings”=dword:00000001
“GeneralFlags”=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
“Source”=“About:Home”
“SubscribedURL”=“About:Home”
“FriendlyName”=“Moja bieżąca strona główna”
“Flags”=dword:00000002
“Position”=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,00,00,00,\
  00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
“CurrentState”=hex:04,00,00,40
“OriginalStateInfo”=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
  ff,ff,04,00,00,00
“RestoredStateInfo”=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
  00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
“CTFMON.EXE”=“D:\WINDOWS\system32\CTFMON.EXE”

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
“CTFMON.EXE”=“D:\WINDOWS\system32\CTFMON.EXE”

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
“{438755C2-A8BA-11D1-B96B-00A0C90312E1}”=“Moduł wstępnego ładowania interfejsu Browseui”
“{8C7461EF-2B13-11d2-BE35-3078302C2030}”=“Demon buforu kategorii składników”

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
“{AEB6717E-7E19-11d0-97EE-00C04FD91972}”=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
“NoDriveTypeAutoRun”=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“dontdisplaylastusername”=dword:00000000
“legalnoticecaption”=""
“legalnoticetext”=""
“shutdownwithoutlogon”=dword:00000001
“undockwithoutlogon”=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
“NoDriveTypeAutoRun”=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
“NoDriveTypeAutoRun”=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
“PostBootReminder”="{7849596a-48ea-486e-8937-a2a3009f31a9}"
“CDBurn”="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
“WebCheck”="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
“SysTray”="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Dom^Menu Start^Programy^Autostart^UniSpiker-2.2.lnk]
“path”=“D:\Documents and Settings\Dom\Menu Start\Programy\Autostart\UniSpiker-2.2.lnk”
“backup”=“D:\WINDOWS\pss\UniSpiker-2.2.lnkStartup”
“location”=“Startup”
“command”="C:\PROGRA~1\ivo\UNISPI~1.2\UNI_SP~1.EXE "
“item”=“UniSpiker-2.2”

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
“key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run”
“item”=“hpgs2wnd”
“hkey”=“HKLM”
“command”=“C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe”
“inimapping”=“0”

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
“key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run”
“item”=“winampa”
“hkey”=“HKLM”
“command”=“c:\Program Files\Winamp\winampa.exe”
“inimapping”=“0”

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
“SecurityProviders”=“msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll”

Contents of the ‘Scheduled Tasks’ folder
D:\WINDOWS\tasks\Norton AntiVirus - Skanuj komputer - Dom.job
D:\WINDOWS\tasks\Symantec NetDetect.job

Completion time: 06-12-27 15:25:16.46
D:\ComboFix.txt … 06-12-27 15:25