ComboFix 07-11-19.4 - PAWEL 2007-11-28 18:43:20.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.108 [GMT 1:00]
Running from: C:\Documents and Settings\PAWEL\Pulpit\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Menu Start\Live Safety Center.lnk
C:\Documents and Settings\All Users\Menu Start\Online Security Guide.lnk
C:\Documents and Settings\PAWEL\Pulpit\Live Safety Center.lnk
C:\Documents and Settings\PAWEL\Pulpit\Online Security Guide.lnk
C:\Documents and Settings\PAWEL\Ulubione\Online Security Guide.lnk
C:\WINDOWS\system32\awtqn.dll
C:\WINDOWS\system32\nqtwa.ini
C:\WINDOWS\system32\nqtwa.ini2
C:\WINDOWS\system32\rttss.ini2
C:\WINDOWS\system32\udeqbjpu.dllbox
.
((((((((((((((((((((((((( Files Created from 2007-10-28 to 2007-11-28 )))))))))))))))))))))))))))))))
.
2007-11-28 18:13
2007-11-28 16:47 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll
2007-11-28 16:47 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
2007-11-28 16:47 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2007-11-28 16:47 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2007-11-28 16:47 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-11-28 16:47 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2007-11-28 16:47 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-11-28 16:47 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll
2007-11-28 16:47 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-11-27 20:49
2007-11-26 16:27
2007-11-26 16:27
2007-11-26 16:27 51,072 --a------ C:\WINDOWS\system32\drivers\ikhlayer.sys
2007-11-26 16:27 30,592 --a------ C:\WINDOWS\system32\drivers\ikhfile.sys
2007-11-25 22:05 79,936 --a------ C:\WINDOWS\system32\gfhgdgrc.dll
2007-11-25 22:02 3,832,763 --ahs---- C:\WINDOWS\system32\erkitjru.ini
2007-11-25 22:02 85,056 --a------ C:\WINDOWS\system32\urjtikre.dll
2007-11-25 21:59 71,232 --a------ C:\WINDOWS\system32\wsxnimxd.exe
2007-11-25 21:56 145,984 --a------ C:\WINDOWS\system32\vqijbcmc.dll
2007-11-24 22:24
2007-11-24 22:24 132,880 --a------ C:\WINDOWS\system32\MSINET.OCX
2007-11-24 22:24 75,264 --a------ C:\WINDOWS\system32\pkLink.ocx
2007-11-24 17:17 39,424 --a------ C:\WINDOWS\system32\qomnmll.dll
2007-11-24 16:58
2007-11-24 11:14 19,616 -ra------ C:\WINDOWS\system32\drivers\PhTVTune.sys
2007-11-23 18:16
2007-11-23 18:15
2007-11-23 18:15 204,800 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2007-11-23 18:15 200,704 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2007-11-23 18:15 192,512 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2007-11-23 18:15 192,512 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2007-11-23 18:15 188,416 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2007-11-23 18:15 20,480 --a------ C:\WINDOWS\system32\IVIresize.dll
2007-11-23 18:11 449,888 -ra------ C:\WINDOWS\system32\drivers\Cap7134.sys
2007-11-23 18:11 94,208 -ra------ C:\WINDOWS\system32\34api.dll
2007-11-23 18:11 90,112 -ra------ C:\WINDOWS\system32\34dialog.dll
2007-11-23 18:11 90,112 -ra------ C:\WINDOWS\system32\34COM.dll
2007-11-23 18:11 73,728 -ra------ C:\WINDOWS\system32\34dd.dll
2007-11-23 18:11 69,632 -ra------ C:\WINDOWS\system32\34TvCtrl.dll
2007-11-23 18:11 32,768 -ra------ C:\WINDOWS\system32\Prop7134.dll
2007-11-03 16:08
2007-11-03 16:07
2007-11-01 14:45
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-28 17:47 --------- d-----w C:\Documents and Settings\PAWEL\Dane aplikacji\Hamachi
2007-11-28 17:45 --------- d-----w C:\Program Files\Kalendarz XP
2007-11-28 17:20 --------- d-----w C:\Documents and Settings\PAWEL\Dane aplikacji\Skype
2007-11-28 15:57 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-28 15:47 278,984 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2007-11-28 15:28 --------- d---a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2007-11-14 16:31 --------- d-----w C:\Program Files\Real Alternative
2007-11-08 18:17 --------- d-----w C:\Program Files\PhotoFiltre
2007-10-31 17:51 --------- d-----w C:\Program Files\Opera
2007-10-31 17:32 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-10-22 19:47 304,182 ----a-w C:\StiImg.dat
2007-10-21 13:04 --------- d-----w C:\Program Files\GameSpy Arcade
2007-10-20 18:43 --------- d-----w C:\Program Files\WorldNet
2007-10-20 16:27 86,528 ----a-w C:\WINDOWS\bnetunin.exe
2007-10-20 16:27 61,440 ----a-w C:\WINDOWS\diabunin.exe
2007-10-18 21:18 61,440 ----a-w C:\WINDOWS\diabswun.exe
2007-10-18 14:29 --------- d-----w C:\Program Files\TimeOff
2007-10-13 11:21 --------- d-----w C:\Program Files\SystemRequirementsLab
2007-10-13 04:47 --------- d-----w C:\Program Files\GG Skin Manager
2007-10-12 12:43 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-10-09 20:14 --------- d-----w C:\Program Files\FDRLab
2007-10-06 18:10 --------- d--h--r C:\Documents and Settings\PAWEL\Dane aplikacji\SecuROM
2007-09-19 21:08 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-09-02 13:48 451,072 ----a-w C:\WINDOWS\Radeon Omega Drivers v3.8.205 Uninstall.exe
.
((((((((((((((((((((((((((((( snapshot@2007-11-27_22.01.12.34 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-11-18 12:34:06 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2007-11-28 16:10:22 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2006-11-18 12:34:06 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2007-11-28 16:10:22 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2006-11-18 12:34:06 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2007-11-28 16:10:22 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2006-11-18 12:34:05 2,676,224 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-11-28 16:10:15 2,676,224 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-11-18 12:34:05 2,846,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-11-28 16:10:16 2,846,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-11-18 12:34:05 563,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-11-28 16:10:17 563,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-11-18 12:34:05 567,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-11-28 16:10:17 567,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-11-18 12:34:05 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-11-28 16:10:18 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-11-18 12:34:05 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-11-28 16:10:19 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-11-18 12:34:06 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-11-28 16:10:19 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-11-18 12:34:06 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-11-28 16:10:20 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-11-18 12:34:06 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-11-28 16:10:20 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-11-18 12:34:06 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-11-28 16:10:22 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-11-18 12:34:06 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2007-11-28 16:10:23 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2006-11-18 12:34:06 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2007-11-28 16:10:23 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2006-11-18 12:34:06 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2007-11-28 16:10:23 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2006-11-18 12:34:07 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2007-11-28 16:10:23 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2006-11-18 12:34:06 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2007-11-28 16:10:21 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2007-03-12 15:42:30 1,123,696 ----a-w C:\WINDOWS\system32\D3DCompiler_33.dll
+ 2007-05-16 15:45:16 1,124,720 ----a-w C:\WINDOWS\system32\D3DCompiler_34.dll
+ 2007-07-19 17:14:42 1,358,192 ----a-w C:\WINDOWS\system32\D3DCompiler_35.dll
+ 2007-03-15 15:57:58 443,752 ----a-w C:\WINDOWS\system32\d3dx10_33.dll
+ 2007-05-16 15:45:16 443,752 ----a-w C:\WINDOWS\system32\d3dx10_34.dll
+ 2007-07-19 17:14:42 444,776 ----a-w C:\WINDOWS\system32\d3dx10_35.dll
+ 2006-09-28 15:05:20 2,414,360 ----a-w C:\WINDOWS\system32\d3dx9_31.dll
+ 2006-11-29 12:06:18 3,426,072 ----a-w C:\WINDOWS\system32\d3dx9_32.dll
+ 2007-03-12 15:42:30 3,495,784 ----a-w C:\WINDOWS\system32\d3dx9_33.dll
+ 2007-05-16 15:45:16 3,497,832 ----a-w C:\WINDOWS\system32\d3dx9_34.dll
+ 2007-07-19 17:14:42 3,727,720 ----a-w C:\WINDOWS\system32\d3dx9_35.dll
+ 2007-11-28 17:46:16 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_604.dat
+ 2006-12-01 21:56:00 96,256 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2006-12-01 21:54:32 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2006-12-01 21:54:34 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-01 21:54:32 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2006-12-01 23:25:52 1,101,824 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2006-12-01 23:25:56 1,093,120 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-01 23:25:58 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-01 23:26:00 57,856 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-01 23:08:00 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-01 23:08:00 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-01 23:08:00 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-01 23:08:00 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-01 23:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-01 23:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-01 23:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-01 23:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-01 23:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-01 23:46:44 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{140BD8E3-C167-11D4-B4A3-080000180323}]

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{2AD64422-D97E-4ED6-99E2-486201E97D75}]

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{529dd7a4-4ad1-42f3-8d11-fd567da1d883}]
2007-11-25 22:05 79936 --a------ C:\WINDOWS\system32\gfhgdgrc.dll

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{A8C759B2-0E08-41FC-A4A8-ACFED186D055}]

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{B986DA45-4B66-4E23-A65C-D64CBC13AA93}]
C:\WINDOWS\system32\ssttr.dll

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{D68F7301-B543-4842-84E3-D05CAC6EDE79}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 13:00]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 00:55]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2006-12-11 20:54]
"InternetCalls"="C:\program files\internetcalls.com\internetcalls\internetcalls.exe" [2007-07-24 09:25]
"EPSON Stylus DX4400 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.exe" [2007-01-25 07:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 11:20 C:\WINDOWS\SOUNDMAN.EXE]
"QuickTime Task"="C:\WINDOWS\system32\qttask.exe" [2006-11-13 22:22]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2004-08-22 17:05]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 06:03]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 06:03]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2004-12-16 17:49]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"Flashget"="D:\GRYIPR~1\FlashGet\FlashGet\Flashget.exe" [2007-01-17 14:55]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00]
"Tweak UI"="RUNDLL32.exe" [2004-08-04 13:00 C:\WINDOWS\system32\rundll32.exe]
"zBrowser Launcher"="D:\GRY I PROGRAMY\Logitech\iTouch\iTouch.exe" [2002-05-29 00:59]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 13:43]
"WINSCHEDULER"="C:\PROGRA~1\INTERV~1\WinDVR\WINSCH~1.EXE" [2003-09-03 18:49]
"WinRemote"="C:\Program Files\InterVideo\WinDVR\WinRemote.exe" [2003-09-03 18:57]
"5462be35"="C:\WINDOWS\system32\urjtikre.dll" [2007-11-25 22:02]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 13:00]
"Spyware Doctor"="" []

C:\Documents and Settings\PAWEL\Menu Start\Programy\Autostart\
hamachi.lnk - D:\GRY I PROGRAMY\hamachi\hamachi.exe [2007-09-14 17:04:30]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 14:44:06]
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-11-23 18:15:20]
Kalendarz XP.lnk - C:\Program Files\Kalendarz XP\Kalendarz.exe [2007-05-12 16:34:03]
VIA RAID TOOL.lnk - C:\Program Files\VIA\RAID\raid_tool.exe [2006-11-06 20:01:28]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\awtqn.dll

R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys
R2 Cap7134;TV Capture Card 7130;C:\WINDOWS\system32\DRIVERS\Cap7134.sys
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys
R3 PhTVTune;TV Capture Card tv tuner;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
S0 viasraid;viasraid;C:\WINDOWS\system32\drivers\viasraid.sys
S1 ATITool;ATITool Overclocking Utility;C:\WINDOWS\system32\DRIVERS\ATITool.sys

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{cf454e03-cfec-11db-a60f-001195e8f268}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\Shell\Open(&0)\command - Recycled\ctfmon.exe
.
**************************************************************************
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-28 18:46:34
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-28 18:48:19 - machine was rebooted
C:\ComboFix2.txt ... 2007-11-27 22:01
C:\ComboFix3.txt ... 2007-11-27 21:52
.
--- E O F ---