ComboFix 07-06-13.7 - C:\Documents and Settings\oem\Pulpit\ComboFix.exe "oem" - 2007-06-18 21:53:30 - Dodatek Service Pack 2 NTFS

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\DOCUME~1\oem\MENUST~1\Programy.\MovieBox
C:\DOCUME~1\oem\MENUST~1\Programy.\MovieBox\Uninstall.lnk
C:\Program Files\MovieBox
C:\Program Files\MovieBox\Uninstall.exe

((((((((((((((((((((((((( Files Created from 2007-05-18 to 2007-06-18 )))))))))))))))))))))))))))))))

2007-06-18 21:53 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-18 18:03 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2007-06-18 18:03 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-06-18 18:03 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-06-18 18:03 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2007-06-18 18:03 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2007-06-18 18:03 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-06-18 18:03 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2007-06-18 18:03
2007-06-18 10:44
2007-06-18 10:13 79,904 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-06-18 10:13 5,338,400 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-06-18 10:13
2007-06-18 10:10
2007-06-16 11:13
2007-06-15 17:07
2007-06-15 15:23 32 -ra------ C:\DOCUME~1\ALLUSE~1\hash.dat
2007-06-15 14:53
2007-06-12 22:43
2007-06-12 22:29
2007-06-12 18:37 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2007-06-12 18:37 69,632 --a------ C:\WINDOWS\system32\xmltok.dll
2007-06-12 18:37 36,864 --a------ C:\WINDOWS\system32\xmlparse.dll
2007-06-12 18:37 26,096 --a------ C:\WINDOWS\system32\xmlinst.exe
2007-06-12 18:37 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-06-12 18:37
2007-06-12 07:48
2007-06-10 20:05 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2007-06-10 20:05 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2007-06-10 20:05 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-06-08 17:52 86,016 --a------ C:\WINDOWS\system32\OpenAL32.dll
2007-06-08 17:52 262,144 --a------ C:\WINDOWS\system32\wrap_oal.dll
2007-06-07 21:28 40,866 --a------ C:\WINDOWS\SICALIB2.DAT
2007-06-07 21:20
2007-06-07 21:17 20,976 --a------ C:\WINDOWS\CTL3D.DLL
2007-06-07 21:17
2007-06-07 21:16 26,768 --a------ C:\WINDOWS\system\CTL3D.DLL
2007-06-07 21:16 248,176 --a------ C:\WINDOWS\UNINST16.EXE
2007-06-07 21:15 96,256 --a------ C:\WINDOWS\system32\Csp2osu.dll
2007-06-07 21:15 63,488 --a------ C:\WINDOWS\ScFBPPM2.DLL
2007-06-07 21:15 384,512 --------- C:\WINDOWS\system32\MFCO40.DLL
2007-06-07 21:15 271,872 --a------ C:\WINDOWS\system32\Ucs32p.dll
2007-06-07 21:15 16,896 --a------ C:\WINDOWS\system32\Csp2utl.dll
2007-06-07 21:15 16,384 --a------ C:\WINDOWS\Photo Express 2 SE.scr
2007-06-07 21:15 15,488 --a------ C:\WINDOWS\system32\drivers\ScFBPNT2.sys
2007-06-07 21:15 133,120 --a------ C:\WINDOWS\Sifbp2.dll
2007-06-07 21:15
2007-06-07 21:15
2007-06-07 21:15
2007-06-07 21:14
2007-06-07 10:55
2007-06-07 10:52 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-05-26 19:00 708 --a------ C:\WINDOWS\eReg.dat
2007-05-26 18:59 737,280 --a------ C:\WINDOWS\iun6002.exe
2007-05-26 18:59
2007-05-23 19:56 14 --a------ C:\WINDOWS\system32\systeminfo3.dll
2007-05-23 19:55 81,920 --a------ C:\DOCUME~1\oem\DANEAP~1\ezpinst.exe
2007-05-23 19:55 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2007-05-23 19:55 47,360 --a------ C:\DOCUME~1\oem\DANEAP~1\pcouffin.sys
2007-05-23 19:55
2007-05-23 19:55
2007-05-22 17:55
2007-05-22 17:55
2007-05-22 17:46
2007-05-21 19:29
2007-05-19 20:30
2007-05-19 13:41
2007-05-19 13:00

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-18 17:15:23 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-09 15:50:54 -------- d-----w C:\DOCUME~1\oem\DANEAP~1\BearShare
2007-06-09 15:48:19 -------- d-----w C:\DOCUME~1\oem\DANEAP~1\uTorrent
2007-06-09 15:41:22 -------- d-----w C:\Program Files\uTorrent
2007-06-08 17:20:43 -------- d-----w C:\Program Files\GameSpy Arcade
2007-05-31 13:41:00 -------- d-----w C:\Program Files\Save
2007-05-31 13:36:56 -------- d-----w C:\Program Files\DAEMON Tools SearchBar
2007-05-25 12:17:56 -------- d-----w C:\Program Files\DarkSwords
2007-05-19 12:03:35 -------- d-----w C:\Program Files\AGEIA Technologies
2007-05-19 12:03:15 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-05-19 11:29:45 -------- d-----w C:\Program Files\IceBreaker
2007-05-17 12:16:43 -------- d-----w C:\Program Files\VS Online
2007-05-16 15:18:58 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-15 18:30:26 -------- d-----w C:\Program Files\Tibia
2007-05-13 07:59:51 -------- d-----w C:\Program Files\Monsters
2007-05-13 07:47:04 -------- d-----w C:\Program Files\Amaya
2007-05-13 07:46:22 335 ----a-w C:\WINDOWS\nsreg.dat
2007-05-13 07:46:15 8,307 ----a-w C:\WINDOWS\mozver.dat
2007-05-13 07:46:15 118,784 ----a-w C:\WINDOWS\SeaMonkeyUninstall.exe
2007-05-13 07:46:08 118,784 ----a-w C:\WINDOWS\GREUninstall.exe
2007-05-13 07:46:05 -------- d-----w C:\Program Files\Common Files\mozilla.org
2007-05-13 07:46:00 -------- d-----w C:\Program Files\mozilla.org
2007-05-12 16:32:32 -------- d-----w C:\Program Files\Webzen
2007-05-11 21:57:31 -------- d-----w C:\Program Files\Neophyte
2007-05-11 21:53:29 50,176 ----a-w C:\WINDOWS\uninstyler.exe
2007-05-08 17:29:11 -------- d-----w C:\Program Files\Windows Media Connect 2
2007-05-08 04:56:19 0 ----a-r C:\logwmemory.bin
2007-05-07 20:21:15 49,985 ----a-w C:\Uninstal.exe
2007-05-07 20:21:07 -------- d-----w C:\Program Files\Eagle3D
2007-05-07 13:31:03 -------- d-----w C:\Program Files\GEOM v1.4
2007-05-07 12:16:57 -------- d--h--r C:\DOCUME~1\oem\DANEAP~1\SecuROM
2007-05-07 12:16:56 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-05-06 21:07:10 -------- d-----w C:\DOCUME~1\oem\DANEAP~1\Hamachi
2007-05-06 17:13:59 -------- d-----w C:\Program Files\Bongfish
2007-05-06 16:33:49 -------- d-----w C:\Program Files\Virgin Interactive Entertainment
2007-05-06 15:53:23 -------- d-----w C:\Program Files\K-Lite Codec Pack
2007-05-06 11:49:51 -------- d-----w C:\DOCUME~1\oem\DANEAP~1\InstallShield
2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AvastSS.scr
2007-04-28 12:33:34 -------- d-----w C:\Program Files\TerraWars Demo
2007-04-28 09:40:06 -------- d-----w C:\Program Files\Another Day
2007-04-28 08:36:13 -------- d-----w C:\Program Files\Common Files\InstallShield
2007-04-27 10:50:26 49,712 ----a-w C:\WINDOWS\system32\perfc015.dat
2007-04-27 10:50:26 355,830 ----a-w C:\WINDOWS\system32\perfh015.dat
2007-04-26 21:26:03 -------- d-----w C:\Program Files\Messenger
2007-04-25 19:03:10 -------- d-----w C:\Program Files\Frater
2007-04-25 18:58:36 -------- d-----w C:\Program Files\SOCCERnPOOL
2007-04-25 17:49:18 4,096 ----a-w C:\WINDOWS\d3dx.dat
2007-04-25 16:27:14 -------- d-----w C:\Program Files\Common Files\L&H
2007-04-25 16:27:07 -------- d-----w C:\Program Files\Microsoft.NET
2007-04-25 16:26:59 -------- d-----w C:\Program Files\Microsoft ActiveSync
2007-04-25 16:26:29 -------- d-----w C:\Program Files\Microsoft Works
2007-04-25 14:23:30 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-24 18:18:59 23 ----a-w C:\WINDOWS\clofghls.dll
2007-04-24 12:12:00 -------- d-----w C:\Program Files\Hamachi
2007-04-24 12:11:49 26,056 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-04-23 18:42:56 -------- d-----w C:\Program Files\Neostrada TP
2007-04-23 15:14:06 -------- d-----w C:\Program Files\SAGEM WiFi manager
2007-04-23 14:11:49 -------- d-----w C:\Program Files\SAGEM
2007-04-21 09:02:44 -------- d-----w C:\Program Files\InnerBrain
2007-04-21 09:01:50 -------- d-----w C:\Program Files\MOfSound
2007-04-21 06:22:50 -------- d-----w C:\DOCUME~1\oem\DANEAP~1\Media Player Classic
2007-04-21 06:20:33 271,360 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2007-04-21 06:07:01 -------- d-----w C:\Program Files\BearShare applications
2007-04-20 13:56:11 406,418 ----a-w C:\WINDOWS\Mario_Forever_Toolbar_Uninstaller_1984.exe
2007-04-20 13:56:11 -------- d-----w C:\Program Files\Mario Forever Toolbar
2007-04-20 13:56:07 -------- d-----w C:\Program Files\Mario Forever
2007-04-20 13:24:57 -------- d-----w C:\Program Files\ScreenMates
2007-04-19 17:15:51 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-04-19 17:00:28 -------- d-----w C:\DOCUME~1\oem\DANEAP~1\Gadu-Gadu
2007-04-19 16:54:21 -------- d-----w C:\Program Files\Common Files\EasyInfo
2007-04-19 16:28:44 -------- d-----w C:\DOCUME~1\oem\DANEAP~1\WhenU
2007-04-19 16:28:42 -------- d-----w C:\Program Files\Common Files\WhenU
2007-04-19 16:24:08 682,232 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-04-19 16:02:06 -------- d-----w C:\Program Files\Gadu-Gadu
2007-04-19 15:58:06 -------- d-----w C:\DOCUME~1\oem\DANEAP~1\Help
2007-04-18 16:14:32 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-18 16:09:10 -------- d-----w C:\DOCUME~1\oem\DANEAP~1\Google
2007-04-18 14:01:15 -------- d-----w C:\Program Files\Google
2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-04-14 12:48:30 135,168 ----a-w C:\WINDOWS\system32\UAService7.exe
2007-04-14 11:58:11 967 ----a-w C:\WINDOWS\ScUnin.pif
2007-04-14 11:58:11 94,208 ----a-w C:\WINDOWS\ScUnin.exe
2007-04-14 11:58:11 27,997 ----a-w C:\WINDOWS\scunin.dat
2007-04-13 09:39:51 0 --sha-r C:\MSDOS.SYS
2007-04-13 09:39:51 0 --sha-r C:\IO.SYS
2007-04-13 09:39:51 0 ----a-w C:\CONFIG.SYS
2007-04-13 09:39:51 0 ----a-w C:\AUTOEXEC.BAT

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{8036D4D7-AAD3-4793-AB49-329E437155A8}=C:\Program Files\Mario Forever Toolbar\v2.0.0.4\Mario_Forever_Toolbar.dll [2007-04-20 15:56]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar1.dll [2007-01-19 23:55]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2007-06-18 21:33]
{BA2325ED-F9EB-4830-8FCE-0BC35B16969B}=C:\Program Files\DAEMON Tools SearchBar\search.dll [2006-08-17 17:30]
{DBE5BEE8-F032-11DB-826A-C4BB56D89593}=C:\Program Files\ContraVirus\secieaddin.dll [2007-04-21 20:52]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2006-08-16 09:35 C:\WINDOWS\system32\nwiz.exe]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 12:07]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2006-04-10 09:19]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" []
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 20:24]
"autoclk"="autoclk.exe" []
"adiras"="adiras.exe" []
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-04-17 12:41]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 06:07]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"BearShare"="D:\BearShare\BearShare.exe" [2006-07-26 13:48]
"PE2CKFNT SE"="C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe" [1998-07-03 12:51]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"ContraVirus"="C:\Program Files\ContraVirus\ContraVirusPro.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-18 21:33]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-04-17 23:41]
"DAEMON Tools"="D:\DAEMON Tools\daemon.exe" [2007-04-04 00:29]
"MoSBouncer"="C:\Program Files\ScreenMates\HildaTurkey.exe" [1999-09-19 22:58]
"SeaMonkey Quick Launch"="C:\Program Files\mozilla.org\SeaMonkey\SeaMonkey.exe" [2007-02-22 08:29]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"System"="lsass.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{020564f4-e9a6-11db-98ed-806d6172696f}]
AutoRun\command- E:\cda_menu.exe
install\command- E:\Setup.exe

*Newly Created Service* - AVP
*Newly Created Service* - KLIF

**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-18 21:55:24
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-18 21:55:41
C:\ComboFix-quarantined-files.txt ... 2007-06-18 21:55

--- E O F ---