ComboFix 09-07-14.08 - Tomasz 2009-07-16 21:19.2.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1278.854 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Tomasz\Moje dokumenty\Pobieranie\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
((((((((((((((((((((((((( Pliki utworzone od 2009-06-16 do 2009-07-16 )))))))))))))))))))))))))))))))
.
2009-07-16 19:12 . 2009-07-16 19:12 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-07-16 18:42 . 2009-07-16 18:42 96966 ----a-w- c:\windows\system32\drivers\klin.dat
2009-07-16 18:42 . 2009-07-16 18:42 88774 ----a-w- c:\windows\system32\drivers\klick.dat
2009-07-16 18:41 . 2009-07-16 19:01 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab
2009-07-16 18:41 . 2009-07-16 18:43 8224 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-07-16 18:41 . 2009-07-16 18:43 32 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-07-16 18:41 . 2009-07-16 18:41 -------- d-----w- c:\program files\Kaspersky Lab
2009-07-16 18:39 . 2009-07-16 18:39 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2009-07-16 18:38 . 2009-07-16 18:38 716 ----a-w- c:\windows\unins000.dat
2009-07-16 17:28 . 2004-08-03 22:44 25600 ----a-w- c:\documents and settings\LocalService\Dane aplikacji\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-07-16 17:07 . 2009-07-16 17:07 -------- d--h--w- c:\windows\$hf_mig$
2009-07-16 16:58 . 2009-07-16 16:58 -------- d-----w- c:\program files\InCode Solutions
2009-07-16 16:53 . 2009-07-16 16:53 -------- d-----w- c:\program files\IObit
2009-07-16 16:44 . 2009-07-16 16:44 -------- d-----w- c:\windows\Sun
2009-07-16 16:42 . 2009-07-16 16:42 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-16 16:42 . 2009-07-16 16:42 -------- d-----w- c:\program files\Java
2009-07-16 16:42 . 2009-07-16 16:42 152576 ----a-w- c:\documents and settings\Tomasz\Dane aplikacji\Sun\Java\jre1.6.0_14\lzma.dll
2009-07-16 16:34 . 2009-07-16 16:35 -------- d-----w- c:\documents and settings\Tomasz\Gadu-Gadu
2009-07-16 16:33 . 2009-07-16 16:33 0 ----a-w- c:\windows\nsreg.dat
2009-07-16 16:33 . 2009-07-16 16:33 -------- d-----w- c:\documents and settings\Tomasz\Ustawienia lokalne\Dane aplikacji\Mozilla
2009-07-16 16:07 . 2001-08-17 21:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2009-07-16 16:06 . 2004-08-04 00:35 58624 ----a-w- c:\windows\system32\drivers\redbook.sys
2009-07-16 16:06 . 2004-08-03 23:07 44672 ----a-w- c:\windows\system32\drivers\UAGP35.SYS
2009-07-16 16:05 . 2004-08-04 00:44 77312 ----a-w- c:\windows\system32\usbui.dll
2009-07-16 16:05 . 2004-08-03 22:31 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys
2009-07-16 16:03 . 2001-08-18 00:55 7168 -c--a-w- c:\windows\system32\dllcache\kbdcz.dll
2009-07-16 16:01 . 2009-07-16 19:21 -------- d-----w- c:\windows\system32\CatRoot2
2009-07-16 16:01 . 2009-07-16 18:25 -------- d-----w- c:\windows\system32\CatRoot
2009-07-16 16:01 . 2009-07-16 18:41 -------- d--h--r- c:\documents and settings\All Users\Dane aplikacji
2009-07-16 16:01 . 2009-07-16 16:03 -------- d--h--r- c:\documents and settings\Default User\Dane aplikacji
2009-07-16 16:01 . 2009-07-16 18:09 -------- d--h--w- c:\documents and settings\Default User
2009-07-16 16:01 . 2009-07-16 14:20 -------- d-----w- C:\Documents and Settings
2009-07-16 16:01 . 2009-07-16 14:13 -------- d-----w- c:\documents and settings\All Users
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-16 18:43 . 2009-07-16 18:41 32 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-07-16 18:43 . 2009-07-16 18:41 1108 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-07-16 14:46 . 2009-07-16 14:46 33 ----a-w- c:\windows\system32\drivers\adidsl.cfg
2009-07-16 14:46 . 2009-07-16 14:27 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-16 14:46 . 2009-07-16 14:46 -------- d-----w- c:\program files\SAGEM
2009-07-16 14:45 . 2009-07-16 14:45 -------- d-----w- c:\documents and settings\Tomasz\Dane aplikacji\InstallShield
2009-07-16 14:42 . 2009-07-16 14:42 -------- d-----w- c:\program files\Alwil Software
2009-07-16 14:37 . 2009-07-16 14:37 -------- d-----w- c:\documents and settings\Tomasz\Dane aplikacji\ATI
2009-07-16 14:37 . 2009-07-16 14:37 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ATI
2009-07-16 14:36 . 2009-07-16 14:36 0 ----a-w- c:\windows\ativpsrm.bin
2009-07-16 14:35 . 2009-07-16 14:35 -------- d-----w- c:\program files\My Company Name
2009-07-16 14:34 . 2009-07-16 14:27 -------- d-----w- c:\program files\ATI Technologies
2009-07-16 14:31 . 2009-07-16 14:31 9158 ----a-r- c:\documents and settings\Tomasz\Dane aplikacji\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
2009-07-16 14:31 . 2009-07-16 14:31 -------- d-----w- c:\program files\Common Files\ATI Technologies
2009-07-16 14:31 . 2001-10-26 18:15 74230 ----a-w- c:\windows\system32\perfc015.dat
2009-07-16 14:31 . 2001-10-26 18:15 448004 ----a-w- c:\windows\system32\perfh015.dat
2009-07-16 14:27 . 2009-07-16 14:26 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-16 14:26 . 2009-07-16 14:26 12328 ----a-w- c:\documents and settings\Tomasz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-07-16 14:15 . 2009-07-16 14:15 -------- d-----w- c:\program files\microsoft frontpage
2009-07-16 14:14 . 2009-07-16 14:14 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-16 14:13 . 2009-07-16 14:13 -------- d-----w- c:\program files\Usługi online
2009-07-16 14:11 . 2009-07-16 14:11 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-24 17:58 . 2009-07-16 16:33 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-07-16_18.07.52 )))))))))))))))))))))))))))))))))))))))))
.
+ 2003-02-01 22:00 . 2003-02-01 22:00 87351 c:\windows\unins000.exe
+ 2009-07-16 19:01 . 2009-07-16 19:01 16384 c:\windows\Temp\Perflib_Perfdata_740.dat
+ 2001-07-30 15:40 . 2001-07-30 15:40 24576 c:\windows\system32\msxml3a.dll
+ 2008-04-25 16:21 . 2008-04-25 16:21 26964 c:\windows\system32\drivers\klopp.dat
+ 2008-03-25 18:07 . 2008-03-25 18:07 24592 c:\windows\system32\drivers\klim5.sys
+ 2008-01-29 16:29 . 2008-01-29 16:29 32784 c:\windows\system32\drivers\klbg.sys
+ 2008-04-25 16:22 . 2008-04-25 16:22 206088 c:\windows\system32\klogon.dll
+ 2009-07-16 18:41 . 2009-07-16 18:41 187408 c:\windows\system32\drivers\klif.sys
+ 2008-04-16 12:23 . 2008-04-16 12:23 112144 c:\windows\system32\drivers\kl1.sys
+ 2009-07-16 16:42 . 2009-07-16 16:42 536576 c:\windows\Installer\4f09a.msi
+ 2009-07-16 14:20 . 2009-07-16 14:20 265216 c:\windows\Installer\1d512.msi
+ 2009-07-16 14:34 . 2009-07-16 14:34 737280 c:\windows\Installer\112de.msi
+ 2009-07-16 14:34 . 2009-07-16 14:34 195072 c:\windows\Installer\112d9.msi
+ 2009-07-16 14:34 . 2009-07-16 14:34 248832 c:\windows\Installer\112d4.msi
+ 2009-07-16 14:34 . 2009-07-16 14:34 248832 c:\windows\Installer\112cf.msi
+ 2009-07-16 14:34 . 2009-07-16 14:34 251392 c:\windows\Installer\112ca.msi
+ 2009-07-16 14:34 . 2009-07-16 14:34 251392 c:\windows\Installer\112c5.msi
+ 2009-07-16 14:34 . 2009-07-16 14:34 251392 c:\windows\Installer\112c0.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 251392 c:\windows\Installer\112bb.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 251392 c:\windows\Installer\112b6.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 251392 c:\windows\Installer\112b1.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 251392 c:\windows\Installer\112ac.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 251392 c:\windows\Installer\112a7.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 248320 c:\windows\Installer\112a2.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 248832 c:\windows\Installer\1129d.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 248832 c:\windows\Installer\11298.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 251392 c:\windows\Installer\11293.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 249344 c:\windows\Installer\1128e.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 251392 c:\windows\Installer\11289.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 249344 c:\windows\Installer\11284.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 252416 c:\windows\Installer\1127f.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 251904 c:\windows\Installer\1127a.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 249344 c:\windows\Installer\11275.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 251904 c:\windows\Installer\11270.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 251392 c:\windows\Installer\1126b.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 268800 c:\windows\Installer\11266.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 268800 c:\windows\Installer\11261.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 267776 c:\windows\Installer\1125c.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 267776 c:\windows\Installer\11257.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 267776 c:\windows\Installer\11252.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 268800 c:\windows\Installer\1124d.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 268800 c:\windows\Installer\11248.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 267776 c:\windows\Installer\11243.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 267776 c:\windows\Installer\1123e.msi
+ 2009-07-16 14:33 . 2009-07-16 14:33 267776 c:\windows\Installer\11239.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 186880 c:\windows\Installer\11234.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 186880 c:\windows\Installer\1122f.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 264704 c:\windows\Installer\1122a.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 264704 c:\windows\Installer\11225.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 187392 c:\windows\Installer\11220.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 263680 c:\windows\Installer\1121b.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 265728 c:\windows\Installer\11216.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 264704 c:\windows\Installer\11211.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 265728 c:\windows\Installer\1120c.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 264704 c:\windows\Installer\11207.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 264704 c:\windows\Installer\11202.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 211456 c:\windows\Installer\111fd.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 180224 c:\windows\Installer\111f8.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 286208 c:\windows\Installer\111f3.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 181760 c:\windows\Installer\111ee.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 268288 c:\windows\Installer\111e9.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 318464 c:\windows\Installer\111e4.msi
+ 2009-07-16 14:32 . 2009-07-16 14:32 258048 c:\windows\Installer\111df.msi
+ 2009-07-16 14:31 . 2009-07-16 14:31 774144 c:\windows\Installer\111da.msi
+ 2004-07-17 09:35 . 2004-07-17 09:35 1356288 c:\windows\system32\webfldrs.msi
+ 2009-07-16 18:42 . 2009-07-16 18:42 2623488 c:\windows\Installer\1f679f.msi
+ 2009-07-16 14:35 . 2009-07-16 14:35 7336960 c:\windows\Installer\112ec.msi
+ 2009-07-16 14:35 . 2009-07-16 14:35 3650048 c:\windows\Installer\112e6.msi
+ 2009-07-16 14:29 . 2009-07-16 14:29 2109440 c:\windows\Installer\111d5.msi
+ 2005-09-23 05:48 . 2005-09-23 05:48 24863744 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\netfx.msi
.
-- Migawka wyzerowana --
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 172032]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-16 148888]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-04-15 77824]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-7-16 1205840]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)
[color=RED] Klucz Trybu Awaryjnego wymaga naprawy. Komputer nie może wejść w Tryb Awaryjny. [/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\WINDOWS\\system32\\CF30061.exe"=
"c:\\DOCUME~1\\Tomasz\\USTAWI~1\\Temp\\yhfrxu.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\nrgmn.sys --> c:\windows\system32\drivers\nrgmn.sys [?]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-07-16 104344]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-03-25 24592]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-07-16 69656]
--- Inne Usługi/Sterowniki w Pamięci ---
*NewlyCreated* - KL1
*NewlyCreated* - KLBG
.
.
------- Skan uzupełniający -------
.
TCP: {3706DE33-B1DD-4629-995D-67CAFF8594F4} = 213.241.79.37 83.238.255.76
FF - ProfilePath - c:\documents and settings\Tomasz\Dane aplikacji\Mozilla\Firefox\Profiles\9diehdl9.default\
---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-16 21:22
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(792)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\klogon.dll
.
Czas ukończenia: 2009-07-16 21:23
ComboFix-quarantined-files.txt 2009-07-16 19:23
ComboFix2.txt 2009-07-16 18:09
Przed: 77 254 184 960 bajtów wolnych
Po: 77 265 072 128 bajtów wolnych
282