amd - 07-09-14 16:37:58,28 Dodatek Service Pack 2 ComboFix 06.10.16 - Running from: “C:\Documents and Settings\amd\Pulpit” ((((((((((((((((((((((((((((((( Files Created from 2007-08-14 to 2007-09-14 )))))))))))))))))))))))))))))))))) No new files created in this timespan (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-09-11 21:21 -------- d-------- C:\Program Files\Mozilla Firefox 2007-09-11 17:37 -------- d-------- C:\Program Files\mIRC 2007-09-10 19:15 -------- d-------- C:\Program Files\Szkola podstawowa klasa 6 - Przyroda 2007-09-05 18:46 -------- d-------- C:\Documents and Settings\amd\Dane aplikacji\Google 2007-09-05 18:45 -------- d-------- C:\Program Files\Google 2007-09-05 16:43 -------- d-------- C:\Program Files\Lx_cats 2007-08-15 20:01 -------- d-------- C:\Program Files\Internet Explorer 2007-08-10 19:02 108144 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2007-08-10 19:02 -------- dr-h----- C:\Documents and Settings\amd\Dane aplikacji\SecuROM 2007-08-10 18:53 -------- d-------- C:\Program Files\Electronic Arts 2007-08-06 19:21 -------- d--h----- C:\Program Files\InstallShield Installation Information 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-29 22:30 -------- d-------- C:\Program Files\TuneUp Utilities 2006 2007-07-29 12:09 -------- d-------- C:\Documents and Settings\amd\Dane aplikacji\Skype 2007-07-18 17:29 -------- d-------- C:\Program Files\Skype 2007-07-18 17:29 -------- d-------- C:\Program Files\Common 
Files\Skype 2007-07-18 17:29 -------- d-------- C:\Program Files\Common Files 2007-07-18 14:42 60416 --------- C:\WINDOWS\system32\tzchange.exe 2007-06-27 16:09 6058496 --a------ C:\WINDOWS\system32\ieframe.dll 2007-06-27 16:09 52224 --a------ C:\WINDOWS\system32\msfeedsbs.dll 2007-06-27 16:09 459264 --a------ C:\WINDOWS\system32\msfeeds.dll 2007-06-27 16:09 44544 --a------ C:\WINDOWS\system32\iernonce.dll 2007-06-27 16:09 267776 --a------ C:\WINDOWS\system32\iertutil.dll 2007-06-27 16:09 232960 --a------ C:\WINDOWS\system32\webcheck.dll 2007-06-27 16:09 105984 --a------ C:\WINDOWS\system32\url.dll 2007-06-27 16:09 102400 --a------ C:\WINDOWS\system32\occache.dll 2007-06-27 16:08 384512 --a------ C:\WINDOWS\system32\iedkcs32.dll 2007-06-27 16:08 383488 --a------ C:\WINDOWS\system32\ieapfltr.dll 2007-06-27 16:08 230400 --a------ C:\WINDOWS\system32\ieaksie.dll 2007-06-27 16:08 153088 --a------ C:\WINDOWS\system32\ieakeng.dll 2007-06-27 16:08 124928 --a------ C:\WINDOWS\system32\advpack.dll 2007-06-27 10:27 63488 --a------ C:\WINDOWS\system32\ie4uinit.exe 2007-06-27 10:27 13824 --a------ C:\WINDOWS\system32\ieudinit.exe 2007-06-27 09:00 161792 --a------ C:\WINDOWS\system32\ieakui.dll 2007-06-26 08:10 1104896 --a------ C:\WINDOWS\system32\msxml3.dll 2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] “ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” “swg”=“C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” @="" “MSMSGS”="“C:\Program Files\Messenger\msmsgs.exe” /background" “BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}”="“C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe”" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] “SoundMan”=“SOUNDMAN.EXE” “NvCplDaemon”=“RUNDLL32.EXE 
C:\WINDOWS\system32\NvCpl.dll,NvStartup” “nwiz”=“nwiz.exe /install” “NvMediaCenter”=“RunDLL32.exe NvMCTray.dll,NvTaskbarInit” “LXCCCATS”=“rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16” “lxccmon.exe”="“C:\Program Files\Lexmark 3300 Series\lxccmon.exe”" “SunJavaUpdateSched”="“C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe”" “FaxCenterServer”="“C:\Program Files\Lexmark Fax Solutions\fm3032.exe” /s" “NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” “AVP”="“C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe”" “RemoteControl”="“C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe”" “Adobe Reader Speed Launcher”="“C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] @="" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] “Installed”=“1” @="" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] “NoChange”=“1” “Installed”=“1” @="" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] “Installed”=“1” @="" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] “DeskHtmlVersion”=dword:00000110 “DeskHtmlMinorVersion”=dword:00000005 “Settings”=dword:00000001 “GeneralFlags”=dword:00000001 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] “Source”=“About:Home” “SubscribedURL”=“About:Home” “FriendlyName”=“Moja bieżąca strona główna” “Flags”=dword:00000002 “Position”=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 “CurrentState”=hex:04,00,00,40 “OriginalStateInfo”=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 “RestoredStateInfo”=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\ 00,00,01,00,00,00 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] “{438755C2-A8BA-11D1-B96B-00A0C90312E1}”=“Moduł wstępnego ładowania interfejsu Browseui” “{8C7461EF-2B13-11d2-BE35-3078302C2030}”=“Demon buforu kategorii składników” [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] “{AEB6717E-7E19-11d0-97EE-00C04FD91972}”="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] “NoDriveTypeAutoRun”=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] “dontdisplaylastusername”=dword:00000000 “legalnoticecaption”="" “legalnoticetext”="" “shutdownwithoutlogon”=dword:00000001 “undockwithoutlogon”=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] “NoDriveTypeAutoRun”=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] “NoDriveTypeAutoRun”=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] “PostBootReminder”="{7849596a-48ea-486e-8937-a2a3009f31a9}" “CDBurn”="{fbeb8a05-beee-4442-804e-409d6c4515e9}" “WebCheck”="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" “SysTray”="{35CEC8A3-2BE6-11D2-8773-92E220524153}" “WPDShServiceObj”="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] “Gadu-Gadu”="“C:\Program Files\Gadu-Gadu\gg.exe” /tray" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“ccApp” “hkey”=“HKLM” “command”="“c:\Program Files\Common Files\Symantec Shared\ccApp.exe”" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] 
“key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“gg” “hkey”=“HKCU” “command”="“C:\Program Files\Gadu-Gadu\gg.exe” /tray" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“msmsgs” “hkey”=“HKCU” “command”="“C:\Program Files\Messenger\msmsgs.exe” /background" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“NeroCheck” “hkey”=“HKLM” “command”=“C:\WINDOWS\system32\NeroCheck.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“Skype” “hkey”=“HKCU” “command”="“C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“GoogleToolbarNotifier” “hkey”=“HKCU” “command”=“C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] “SecurityProviders”=“msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll” Completion time: 07-09-14 16:39:02.56 C:\ComboFix.txt … 07-09-14 16:39 C:\ComboFix2.txt … 07-09-12 16:48 C:\ComboFix3.txt … 07-09-12 16:44