“Sznels” - 2007-06-25 2:35:06 - ComboFix 07-06-23.5 - Dodatek Service Pack 2 NTFS

((((((((((((((((((((((((( Files Created from 2007-05-25 to 2007-06-25 )))))))))))))))))))))))))))))))

2007-06-23 01:31
2007-06-21 17:56
2007-06-21 00:23
2007-06-21 00:22
2007-06-21 00:22
2007-06-21 00:22
2007-06-21 00:22
2007-06-21 00:22
2007-06-21 00:20
2007-06-21 00:19 6,144 --a------ C:\WINDOWS\system32\drivers\k750cm.sys
2007-06-21 00:19 5,744 --a------ C:\WINDOWS\system32\drivers\k750wh.sys
2007-06-21 00:19
2007-06-19 16:03
2007-06-18 17:39 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2007-06-18 12:48
2007-06-17 01:02
2007-06-16 23:28
2007-06-16 23:28
2007-06-16 23:28
2007-06-16 23:27
2007-06-16 22:53 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-06-16 17:51
2007-06-16 16:37 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-15 23:00
2007-06-15 20:00
2007-06-15 19:52
2007-06-14 17:46 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-06-11 23:04
2007-06-11 22:14
2007-06-11 22:14
2007-06-10 20:31 23 --ahs---- C:\WINDOWS\system32\bcfeaaeac_r.dll
2007-06-10 17:48 532,480 --a------ C:\WINDOWS\system32\imagx5.dll
2007-06-10 17:48 507,904 --a------ C:\WINDOWS\system32\imagr5.dll
2007-06-10 17:48 49,152 --------- C:\WINDOWS\system32\MultiSZ.dll
2007-06-10 17:48 35,328 --a------ C:\WINDOWS\system32\picn20.dll
2007-06-10 17:48 275,312 --a------ C:\WINDOWS\system32\ImagXpr5.dll
2007-06-10 17:48 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2007-06-10 17:48 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2007-06-10 16:47
2007-06-10 14:30
2007-06-10 14:29
2007-06-08 21:09 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll
2007-06-08 21:09 8,192 --a------ C:\WINDOWS\system32\kbdkor.dll
2007-06-08 21:09 6,144 --a------ C:\WINDOWS\system32\kbd106.dll
2007-06-08 21:09 6,144 --a------ C:\WINDOWS\system32\kbd101c.dll
2007-06-08 21:09 6,144 --a------ C:\WINDOWS\system32\kbd101b.dll
2007-06-08 21:09 5,632 --a------ C:\WINDOWS\system32\kbd103.dll
2007-06-07 19:31
2007-06-07 15:41 1,077,248 --------- C:\WINDOWS\Unnero.exe
2007-06-07 15:41
2007-06-07 15:03
2007-06-07 11:03
2007-06-07 11:00
2007-06-07 10:26 20,640 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-06-07 01:10
2007-06-07 01:04 86,016 --a------ C:\WINDOWS\unvise32.exe
2007-06-07 01:04
2007-06-07 00:52
2007-06-07 00:26 20,338 --a------ C:\WINDOWS\BricoPackUninst.cmd
2007-06-07 00:24 1,093 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-06-07 00:24
2007-06-07 00:04
2007-06-06 22:13
2007-06-06 22:13
2007-06-06 21:59
2007-06-06 21:57
2007-06-06 21:55
2007-06-06 21:36 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2007-06-06 19:53
2007-06-06 19:53
2007-06-06 19:51
2007-06-06 19:42
2007-06-06 19:39
2007-06-06 19:34 592 --a------ C:\WINDOWS\chgkey.vbs
2007-06-06 18:32 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-06-06 18:31 77,312 --a------ C:\WINDOWS\system32\usbui.dll
2007-06-06 18:31 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2007-06-06 18:31 58,624 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-06-06 18:29 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-06-06 18:29 9,168 --a------ C:\WINDOWS\system\VER.DLL
2007-06-06 18:29 85,532 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-06-06 18:29 83,456 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-06-06 18:29 8,704 --a------ C:\WINDOWS\system32\batt.dll
2007-06-06 18:29 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-06-06 18:29 75,776 --a------ C:\WINDOWS\system32\storprop.dll
2007-06-06 18:29 70,144 --a------ C:\WINDOWS\notepad.exe
2007-06-06 18:29 70,096 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-06-06 18:29 7,168 --a------ C:\WINDOWS\system32\kbdcz.dll
2007-06-06 18:29 69,552 --a------ C:\WINDOWS\system\MMSYSTEM.DLL
2007-06-06 18:29 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-06-06 18:29 6,656 --a------ C:\WINDOWS\system32\kbdycl.dll
2007-06-06 18:29 6,656 --a------ C:\WINDOWS\system32\kbdsl1.dll
2007-06-06 18:29 6,656 --a------ C:\WINDOWS\system32\kbdsl.dll
2007-06-06 18:29 6,656 --a------ C:\WINDOWS\system32\kbdhu.dll
2007-06-06 18:29 6,656 --a------ C:\WINDOWS\system32\kbdcz2.dll
2007-06-06 18:29 6,656 --a------ C:\WINDOWS\system32\kbdcz1.dll
2007-06-06 18:29 6,656 --a------ C:\WINDOWS\system32\kbdcr.dll
2007-06-06 18:29 6,656 --a------ C:\WINDOWS\system32\KBDAL.DLL
2007-06-06 18:29 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-06-06 18:29 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-11 20:54:12 359,808 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2007-06-10 19:08:42 49,712 ----a-w C:\WINDOWS\system32\perfc015.dat
2007-06-10 19:08:42 355,830 ----a-w C:\WINDOWS\system32\perfh015.dat
2007-06-06 20:47:08 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2007-06-06 14:37:51 -------- d-----w C:\Program Files\Usługi online
2007-04-25 14:23:30 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-18 16:14:32 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{53707962-6F74-2D53-2644-206D7942484F}=C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 01:04]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“nwiz”=“nwiz.exe” [2005-09-18 02:32 C:\WINDOWS\system32\nwiz.exe]
“High Definition Audio Property Page Shortcut”=“HDAShCut.exe” [2005-01-07 17:07 C:\WINDOWS\system32\HdAShCut.exe]
“RTHDCPL”=“RTHDCPL.EXE” [2005-07-13 04:37 C:\WINDOWS\RTHDCPL.EXE]
“DAEMON Tools”=“C:\Program Files\DAEMON Tools\daemon.exe” [2006-11-12 12:48]
“Adobe Reader Speed Launcher”=“C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe” [2007-05-11 03:06]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Steam”=“d:\games\vaule\steam.exe” [2007-05-31 08:54]
“Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2006-03-24 10:53]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
“{57B86673-276A-48B2-BAE7-C6DBB3020EB8}”=“D:\Install\AVG Anti-Spyware 7.5\shellexecutehook.dll” [2007-05-30 14:29]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg!AVG Anti-Spyware]
“D:\Install\AVG Anti-Spyware 7.5\avgas.exe” /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
“C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized

**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-25 02:37:14
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-25 2:38:28
— E O F —