Anonymous / 8 years, 8 months ago

ComboFix 09-07-28.04 - Adrian 2009-07-29 15:23.1.2 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1250.48.1045.18.3326.2723 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Adrian\Pulpit\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: ZoneAlarm Security Suite Antivirus *On-access scanning disabled* (Outdated) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Security Suite Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.

(((((((((((((((((((((((((   Pliki utworzone od 2009-06-28 do 2009-07-29  )))))))))))))))))))))))))))))))
.

2009-07-29 12:56 . 2009-07-29 13:10	--------	d-----w-	c:\program files\SkanerOnline
2009-07-29 09:45 . 2009-07-29 09:45	129536	----a-w-	c:\windows\inout2.dll
2009-07-28 17:38 . 2005-10-21 01:47	12800	------w-	c:\windows\system32\drivers\usb8023x.sys
2009-07-28 17:38 . 2005-10-21 01:47	30592	------w-	c:\windows\system32\drivers\rndismpx.sys
2009-07-28 17:38 . 2009-07-28 17:38	--------	d-----w-	c:\program files\Microsoft ActiveSync
2009-07-28 08:30 . 2009-07-28 14:33	--------	d-----w-	c:\documents and settings\Adrian\Dane aplikacji\Skype
2009-07-28 08:01 . 2009-07-28 08:01	--------	d-----w-	c:\program files\Common Files\Skype
2009-07-28 08:01 . 2009-07-29 13:17	--------	d-----r-	c:\program files\Skype
2009-07-28 08:01 . 2009-07-28 08:01	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Skype
2009-07-27 12:42 . 2009-07-27 12:42	--------	d-----w-	c:\documents and settings\Adrian\Ustawienia lokalne\Dane aplikacji\Ahead
2009-07-27 12:32 . 2009-07-27 12:32	--------	d-----w-	c:\program files\Common Files\Nero
2009-07-27 12:32 . 2009-07-27 12:32	--------	d-----w-	c:\program files\Common Files\LightScribe
2009-07-27 12:30 . 2004-07-09 07:43	364544	------w-	c:\windows\system32\TwnLib4.dll
2009-07-27 12:30 . 2000-06-26 09:45	106496	----a-w-	c:\windows\system32\TwnLib20.dll
2009-07-27 12:30 . 2004-07-26 15:16	476320	------w-	c:\windows\system32\ImagXpr7.dll
2009-07-27 12:30 . 2004-07-26 15:16	471040	------w-	c:\windows\system32\ImagXRA7.dll
2009-07-27 12:30 . 2004-07-26 15:16	262144	------w-	c:\windows\system32\ImagXR7.dll
2009-07-27 12:30 . 2004-07-26 15:16	1568768	------w-	c:\windows\system32\ImagX7.dll
2009-07-27 12:30 . 2001-07-09 09:50	155648	----a-w-	c:\windows\system32\NeroCheck.exe
2009-07-27 12:29 . 2009-07-27 12:29	--------	d-----w-	c:\program files\Common Files\Ahead
2009-07-27 12:29 . 2009-07-27 12:31	--------	d-----w-	c:\program files\Ahead
2009-07-26 13:44 . 2001-10-26 16:28	1677824	-c--a-w-	c:\windows\system32\dllcache\chsbrkr.dll
2009-07-26 13:44 . 2001-10-26 16:28	1677824	----a-w-	c:\windows\system32\chsbrkr.dll
2009-07-26 13:44 . 2001-10-26 16:28	838144	-c--a-w-	c:\windows\system32\dllcache\chtbrkr.dll
2009-07-26 13:44 . 2001-10-26 16:28	838144	----a-w-	c:\windows\system32\chtbrkr.dll
2009-07-26 13:44 . 2001-10-26 16:28	70656	-c--a-w-	c:\windows\system32\dllcache\korwbrkr.dll
2009-07-26 13:44 . 2001-10-26 16:28	70656	----a-w-	c:\windows\system32\korwbrkr.dll
2009-07-26 13:44 . 2001-10-26 16:28	98304	-c--a-w-	c:\windows\system32\dllcache\msir3jp.dll
2009-07-26 13:44 . 2001-10-26 16:28	98304	----a-w-	c:\windows\system32\msir3jp.dll
2009-07-26 13:44 . 2001-10-26 16:27	19456	-c--a-w-	c:\windows\system32\dllcache\agt0404.dll
2009-07-26 13:43 . 2001-10-26 16:28	10096640	-c--a-w-	c:\windows\system32\dllcache\hwxcht.dll
2009-07-26 13:43 . 2001-10-26 16:27	19456	-c--a-w-	c:\windows\system32\dllcache\agt0804.dll
2009-07-26 13:43 . 2001-10-26 16:28	14336	-c--a-w-	c:\windows\system32\dllcache\padrs412.dll
2009-07-26 13:43 . 2001-08-17 21:55	6144	-c--a-w-	c:\windows\system32\dllcache\kbd101a.dll
2009-07-26 13:43 . 2001-08-17 21:55	6144	----a-w-	c:\windows\system32\kbd101a.dll
2009-07-26 13:43 . 2001-10-26 16:28	10129408	-c--a-w-	c:\windows\system32\dllcache\hwxkor.dll
2009-07-26 13:43 . 2001-10-26 16:28	36864	-c--a-w-	c:\windows\system32\dllcache\hanjadic.dll
2009-07-26 13:43 . 2001-08-17 20:56	44032	-c--a-w-	c:\windows\system32\dllcache\imekrmig.exe
2009-07-26 13:43 . 2001-08-17 20:56	59904	-c--a-w-	c:\windows\system32\dllcache\imkrinst.exe
2009-07-26 13:43 . 2001-10-26 16:27	19456	-c--a-w-	c:\windows\system32\dllcache\agt0412.dll
2009-07-26 13:41 . 2004-08-03 20:31	198656	-c--a-w-	c:\windows\system32\dllcache\cintime.dll
2009-07-26 13:38 . 2001-08-18 04:36	8704	-c--a-w-	c:\windows\system32\dllcache\kbdjpn.dll
2009-07-26 13:38 . 2001-08-18 04:36	8704	----a-w-	c:\windows\system32\kbdjpn.dll
2009-07-26 13:38 . 2001-08-18 04:36	8192	-c--a-w-	c:\windows\system32\dllcache\kbdkor.dll
2009-07-26 13:38 . 2001-08-18 04:36	8192	----a-w-	c:\windows\system32\kbdkor.dll
2009-07-26 13:38 . 2001-08-17 20:55	6144	-c--a-w-	c:\windows\system32\dllcache\kbd106.dll
2009-07-26 13:38 . 2001-08-17 20:55	6144	-c--a-w-	c:\windows\system32\dllcache\kbd101c.dll
2009-07-26 13:38 . 2001-08-17 20:55	6144	-c--a-w-	c:\windows\system32\dllcache\kbd101b.dll
2009-07-26 13:38 . 2001-08-17 20:55	6144	----a-w-	c:\windows\system32\kbd106.dll
2009-07-26 13:38 . 2001-08-17 20:55	6144	----a-w-	c:\windows\system32\kbd101c.dll
2009-07-26 13:38 . 2001-08-17 20:55	6144	----a-w-	c:\windows\system32\kbd101b.dll
2009-07-26 13:38 . 2001-08-17 20:55	5632	-c--a-w-	c:\windows\system32\dllcache\kbd103.dll
2009-07-26 13:38 . 2001-08-17 20:55	5632	----a-w-	c:\windows\system32\kbd103.dll
2009-07-26 13:29 . 2006-10-26 17:56	32592	----a-w-	c:\windows\system32\msonpmon.dll
2009-07-26 13:29 . 2009-07-26 13:29	--------	d-----w-	c:\program files\Microsoft Works
2009-07-26 13:29 . 2009-07-26 13:29	--------	d-----w-	c:\program files\MSBuild
2009-07-26 13:26 . 2009-07-26 13:28	--------	d-----w-	c:\windows\SHELLNEW
2009-07-26 13:26 . 2009-07-26 13:26	--------	d-----w-	c:\documents and settings\Adrian\Ustawienia lokalne\Dane aplikacji\Microsoft Help
2009-07-26 13:26 . 2009-07-28 14:53	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2009-07-26 13:25 . 2009-07-26 13:25	--------	d--h--r-	C:\MSOCache
2009-07-23 11:29 . 2009-07-23 11:29	28672	----a-r-	c:\documents and settings\Adrian\Dane aplikacji\Microsoft\Installer\{A05BE20E-6510-44BC-95ED-6E6D730407D3}\_CA18F2C35CF8_400D_9D49_6D74AFB2D0CC.exe
2009-07-23 11:29 . 2009-07-23 11:29	--------	d-----w-	c:\program files\Vplayer
2009-07-22 09:07 . 2009-07-29 13:16	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\stamina
2009-07-21 08:34 . 2009-07-21 08:34	3156992	--sh--w-	c:\documents and settings\Adrian\Moje dokumentyTrX69l_save2pc.exe
2009-07-21 08:32 . 2009-07-21 08:32	--------	d-----w-	c:\program files\Xvid
2009-07-19 23:07 . 2004-08-03 21:08	26496	-c--a-w-	c:\windows\system32\dllcache\usbstor.sys
2009-07-19 12:41 . 2009-07-19 12:41	--------	d-----w-	c:\documents and settings\Adrian\Ustawienia lokalne\Dane aplikacji\Help
2009-07-19 12:36 . 2009-07-21 12:39	--------	d-----w-	c:\documents and settings\Adrian\Dane aplikacji\Hamachi
2009-07-19 12:36 . 2009-07-19 12:36	25280	----a-w-	c:\windows\system32\drivers\hamachi.sys
2009-07-18 09:08 . 2009-07-18 09:08	--------	d-----w-	c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
2009-07-18 08:41 . 2008-09-16 19:23	168448	----a-w-	c:\windows\system32\unrar.dll
2009-07-18 08:41 . 2004-01-25 16:18	217088	----a-w-	c:\windows\system32\yv12vfw.dll
2009-07-18 08:41 . 2008-12-11 00:33	86016	----a-w-	c:\windows\system32\dpl100.dll
2009-07-18 08:41 . 2008-12-04 19:46	180224	----a-w-	c:\windows\system32\xvidvfw.dll
2009-07-18 08:41 . 2008-12-04 19:42	815104	----a-w-	c:\windows\system32\xvidcore.dll
2009-07-18 08:41 . 2008-11-06 16:37	3596288	----a-w-	c:\windows\system32\qt-dx331.dll
2009-07-18 08:41 . 2008-11-06 16:33	684032	----a-w-	c:\windows\system32\divx.dll
2009-07-18 08:41 . 2009-02-09 18:56	67584	----a-w-	c:\windows\system32\ff_vfw.dll
2009-07-18 08:41 . 2009-07-18 08:42	--------	d-----w-	c:\program files\K-Lite Codec Pack
2009-07-18 08:38 . 2003-03-19 03:14	499712	----a-w-	c:\windows\system32\msvcp71.dll
2009-07-18 08:38 . 2009-07-18 08:38	--------	d-----w-	c:\program files\Real Alternative
2009-07-18 08:38 . 2009-07-18 08:38	--------	d-----w-	c:\documents and settings\Adrian\Ustawienia lokalne\Dane aplikacji\Real
2009-07-18 08:35 . 2009-07-18 08:35	--------	d-----w-	c:\documents and settings\Adrian\Dane aplikacji\Media Player Classic
2009-07-17 18:21 . 2009-07-17 18:21	--------	d-----w-	c:\documents and settings\Adrian\Dane aplikacji\MailFrontier
2009-07-17 17:49 . 2009-07-17 17:49	--------	d-----w-	c:\program files\IrfanView
2009-07-17 17:19 . 2009-07-29 13:25	18468384	--sha-w-	c:\windows\system32\drivers\fidbox.dat
2009-07-17 17:06 . 2009-07-17 17:06	--------	d-----w-	c:\program files\ESET
2009-07-17 16:45 . 2009-07-17 16:45	--------	d-----w-	c:\program files\Zone Labs
2009-07-17 15:56 . 2009-07-17 15:56	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Tlen.pl
2009-07-17 08:35 . 2009-07-17 08:35	60416	----a-w-	c:\windows\ALCFDRTM.EXE
2009-07-17 08:35 . 2009-07-17 08:35	--------	d-----w-	c:\windows\system32\Lang
2009-07-17 08:20 . 2009-07-17 08:20	--------	d-----w-	c:\documents and settings\Adrian\Dane aplikacji\ESET
2009-07-17 08:18 . 2009-07-17 08:18	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\ESET
2009-07-16 23:48 . 2009-07-16 23:48	--------	d-----w-	c:\documents and settings\Adrian\Dane aplikacji\Gadu-Gadu
2009-07-16 22:17 . 2009-07-17 15:09	--------	d-----w-	c:\program files\PokerStars
2009-07-16 21:27 . 2009-07-16 21:28	--------	d-----w-	c:\documents and settings\Adrian\Dane aplikacji\Ventrilo
2009-07-16 20:32 . 2009-07-16 20:32	--------	d-----w-	c:\program files\Ventrilo
2009-07-16 20:32 . 2009-07-16 20:32	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard
2009-07-16 20:24 . 2009-07-29 12:47	--------	d-----w-	c:\windows\Internet Logs
2009-07-16 20:19 . 2009-07-18 16:21	--------	d-----w-	c:\documents and settings\Adrian\Gadu-Gadu
2009-07-16 20:19 . 2009-07-29 07:31	--------	d-----w-	c:\program files\Gadu-Gadu
2009-07-16 20:16 . 2009-07-16 20:16	0	----a-w-	c:\windows\nsreg.dat
2009-07-16 20:16 . 2009-07-16 20:16	--------	d-----w-	c:\documents and settings\Adrian\Ustawienia lokalne\Dane aplikacji\Mozilla

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-28 23:38 . 2009-07-17 17:19	200900	--sha-w-	c:\windows\system32\drivers\fidbox.idx
2009-07-28 17:52 . 2001-10-26 15:15	49492	----a-w-	c:\windows\system32\perfc015.dat
2009-07-28 17:52 . 2001-10-26 15:15	355486	----a-w-	c:\windows\system32\perfh015.dat
2009-07-28 07:30 . 2009-07-16 16:43	77752	----a-w-	c:\documents and settings\Adrian\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-07-26 13:18 . 2009-07-26 13:20	1477120	----a-w-	c:\windows\Internet Logs\xDB3.tmp
2009-07-26 13:18 . 2009-07-26 13:20	3139072	----a-w-	c:\windows\Internet Logs\xDB2.tmp
2009-07-20 08:48 . 2009-07-16 16:44	--------	d--h--w-	c:\program files\InstallShield Installation Information
2009-07-18 16:33 . 2009-07-16 16:36	86327	----a-w-	c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-17 21:16 . 2009-07-17 17:16	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\MailFrontier
2009-07-17 21:14 . 2009-07-17 21:16	1380864	----a-w-	c:\windows\Internet Logs\xDB1.tmp
2009-07-17 17:29 . 2009-07-17 17:16	4212	---h--w-	c:\windows\system32\zllictbl.dat
2009-07-16 20:49 . 2009-07-16 20:46	--------	d-----w-	c:\documents and settings\Adrian\Dane aplikacji\Winamp
2009-07-16 20:48 . 2009-07-16 20:46	--------	d-----w-	c:\program files\Winamp
2009-07-16 17:08 . 2009-07-16 17:08	--------	d-----w-	c:\documents and settings\Adrian\Dane aplikacji\Tibia
2009-07-16 17:08 . 2009-07-16 17:07	--------	d-----w-	c:\program files\Tibia
2009-07-16 16:53 . 2009-07-16 16:53	33	----a-w-	c:\windows\system32\drivers\adidsl.cfg
2009-07-16 16:53 . 2009-07-16 16:53	--------	d-----w-	c:\program files\SAGEM
2009-07-16 16:53 . 2009-07-16 16:53	--------	d-----w-	c:\documents and settings\Adrian\Dane aplikacji\InstallShield
2009-07-16 16:44 . 2009-07-16 16:44	--------	d-----w-	c:\program files\Realtek AC97
2009-07-16 16:43 . 2009-07-16 16:43	--------	d-----w-	c:\program files\Common Files\InstallShield
2009-07-16 16:37 . 2009-07-16 16:37	--------	d-----w-	c:\program files\microsoft frontpage
2009-07-16 16:36 . 2009-07-16 16:36	--------	d-----w-	c:\program files\Usługi online
2009-07-16 16:34 . 2009-07-16 16:34	21856	----a-w-	c:\windows\system32\emptyregdb.dat
2009-07-18 07:20 . 2009-07-16 20:16	137208	----a-w-	c:\program files\mozilla firefox\components\brwsrcmp.dll
.

------- Sigcheck -------

[-] 2007-11-26 19:47	1548288	89878732D5EB0C845AD2356081142F2A	c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2007-04-17 2113536]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-12 8429568]
"SW20"="c:\windows\system32\sw20.exe" [2006-12-15 208896]
"SW24"="c:\windows\system32\sw24.exe" [2006-12-15 69632]
"WinSys2"="c:\windows\system32\winsys2.exe" [2006-12-15 217088]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"MSConfig"="c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-03 159744]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2006-11-16 577536]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-04-12 1626112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-7-16 1205840]

[HKLM\~\startupfolder\C:^Documents and Settings^Adrian^Menu Start^Programy^Autostart^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk]
path=c:\documents and settings\Adrian\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
backup=c:\windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Adrian^Menu Start^Programy^Autostart^WinCE3.exe]
path=c:\documents and settings\Adrian\Menu Start\Programy\Autostart\WinCE3.exe
backup=c:\windows\pss\WinCE3.exeStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-02-06 106208]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-02-06 93336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-07-16 104344]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-07-16 69656]

--- Inne Usługi/Sterowniki w Pamięci ---

*NewlyCreated* - APPMGMT
.
.
------- Skan uzupełniający -------
.
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Adrian\Dane aplikacji\Mozilla\Firefox\Profiles\kbvsh8pr.default\
FF - prefs.js: browser.search.selectedEngine - Allegro
FF - prefs.js: browser.startup.homepage - google.pl

---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota",      5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history",     true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata",    true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords",   false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads",   true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies",     true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache",       true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions",    true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history",                 true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata",                true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords",               false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads",               true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies",                 true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache",                   true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions",                true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps",             false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings",            false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs",    false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-29 15:25
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...  

skanowanie ukrytych wpisów autostartu ... 

skanowanie ukrytych plików ...  

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
Czas ukończenia: 2009-07-29 15:26
ComboFix-quarantined-files.txt  2009-07-29 13:26

Przed: 12 397 035 520 bajtów wolnych
Po: 12 847 067 136 bajtów wolnych
