ComboFix 11-08-31.04 - Użytkownik 2011-09-01 0:18:46.1.1 - x86 MINIMAL Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.511.352 [GMT 2:00] Uruchomiony z: d:\Documents and Settings\Użytkownik\Moje dokumenty\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !! ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) C:\Documents and Settings\All Users\csrs.exe C:\Documents and Settings\All Users\Dane aplikacji\ScanQuery C:\Documents and Settings\All Users\Dane aplikacji\TorrentEasy\fdmbtsupp.dll C:\Documents and Settings\All Users\Dane aplikacji\xmlCF.tmp C:\Documents and Settings\All Users\Dane aplikacji\xmlD0.tmp C:\Documents and Settings\All Users\Dane aplikacji\xmlD1.tmp C:\Documents and Settings\All Users\Dane aplikacji\xmlE6.tmp C:\Documents and Settings\All Users\Dane aplikacji\xmlE7.tmp C:\Program Files\Common Files\svhost.exe C:\Program Files\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64} C:\Program Files\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\chrome.manifest C:\Program Files\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\chrome\scanquery.jar C:\Program Files\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\defaults\preferences\prefs.js C:\Program Files\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\install.rdf C:\Program Files\ScanQuery C:\Program Files\ScanQuery\uninstall.exe C:\Program Files\Search Toolbar C:\Program Files\Search Toolbar\SearchToolbarUninstall.exe C:\WINDOWS\d.ini C:\WINDOWS\IsUn0415.exe C:\WINDOWS\system\smss.exe C:\WINDOWS\system32\install C:\WINDOWS\system32\mfc100deu.dll C:\WINDOWS\system32\muzapp.exe D:\install.exe ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . 
-------\Legacy_SCANQUERY_SERVICE ((((((((((((((((((((((((( Pliki utworzone od 2011-07-28 do 2011-08-31 ))))))))))))))))))))))))))))))) 2011-08-31 22:29:03 . 2011-08-31 22:29:03 -------- d-----w- C:\WINDOWS\system32\wbem\snmp 2011-08-31 22:29:02 . 2011-08-31 22:29:02 -------- d-----w- C:\WINDOWS\system32\xircom 2011-08-31 22:29:02 . 2011-08-31 22:29:02 -------- d-----w- C:\Program Files\microsoft frontpage 2011-08-31 21:11:35 . 2011-08-31 21:11:35 -------- d--h--w- C:\WINDOWS\PIF 2011-08-31 08:04:43 . 2009-10-28 09:32:32 809560 ----a-r- C:\WINDOWS\system32\tmp82.tmp 2011-08-31 08:02:55 . 2011-08-31 08:02:55 -------- d-----w- C:\Documents and Settings\Użytkownik\Ustawienia lokalne\Dane aplikacji\BitTorrentBar 2011-08-30 14:16:31 . 2011-08-31 21:48:50 9428992 ---ha-w- C:\Documents and Settings\Użytkownik\ntuser.tmp 2011-08-17 19:33:53 . 2011-08-17 19:33:53 -------- d-----w- C:\WINDOWS\Cache 2011-08-15 21:46:14 . 2011-08-15 21:46:14 -------- d-----w- C:\Program Files\UPHClean 2011-08-05 20:19:39 . 2011-08-05 20:19:39 -------- d-----w- C:\Program Files\MSXML 4.0 2011-08-05 19:52:34 . 2011-08-06 20:48:37 -------- d-----w- C:\Program Files\Microsoft Games 2011-08-04 16:27:15 . 2011-08-04 16:27:15 -------- d-----w- C:\Program Files\GameTop.com . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) 2011-08-17 07:58:54 . 2011-05-19 13:05:21 404640 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2011-07-30 16:02:44 . 2011-07-22 18:18:36 183112 ----a-w- C:\WINDOWS\system32\PnkBstrB.exe 2011-07-26 12:43:50 . 2011-07-22 18:59:45 138184 ----a-w- C:\WINDOWS\system32\drivers\PnkBstrK.sys 2011-07-22 19:24:02 . 2011-07-22 18:59:47 66872 ----a-w- C:\WINDOWS\system32\PnkBstrA.exe 2011-07-22 18:12:43 . 2011-07-22 18:12:43 12088 ----a-w- C:\WINDOWS\system32\ealregsnapshot1.reg 2011-07-04 11:43:53 . 2011-04-09 08:02:05 40112 ----a-w- C:\WINDOWS\avastSS.scr 2011-07-04 11:43:51 . 
2010-02-08 17:37:07 199304 ----a-w- C:\WINDOWS\system32\aswBoot.exe 2011-07-04 11:36:43 . 2011-04-09 08:02:19 441176 ----a-w- C:\WINDOWS\system32\drivers\aswSnx.sys 2011-07-04 11:36:32 . 2010-02-08 17:37:21 309848 ----a-w- C:\WINDOWS\system32\drivers\aswSP.sys 2011-07-04 11:35:23 . 2010-02-08 17:37:21 43608 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys 2011-07-04 11:35:12 . 2010-02-08 17:37:21 102616 ----a-w- C:\WINDOWS\system32\drivers\aswmon2.sys 2011-07-04 11:35:09 . 2010-02-08 17:37:21 96344 ----a-w- C:\WINDOWS\system32\drivers\aswmon.sys 2011-07-04 11:32:32 . 2010-02-08 17:37:21 25432 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys 2011-07-04 11:32:13 . 2010-02-08 17:37:21 30808 ----a-w- C:\WINDOWS\system32\drivers\aavmker4.sys 2011-07-04 11:32:12 . 2010-02-08 17:37:21 19544 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys 2011-06-07 09:13:44 . 2011-06-24 14:11:05 4659712 ----a-w- C:\WINDOWS\system32\Redemption.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 974848 ----a-w- C:\WINDOWS\system32\cis-2.4.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 90112 ----a-w- C:\WINDOWS\MAMCityDownload.ocx 2011-06-07 09:13:38 . 2011-06-07 09:13:38 81920 ----a-w- C:\WINDOWS\system32\issacapi_bs-2.3.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 65536 ----a-w- C:\WINDOWS\system32\issacapi_pe-2.3.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 57344 ----a-w- C:\WINDOWS\system32\MTXSYNCICON.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 57344 ----a-w- C:\WINDOWS\system32\issacapi_se-2.3.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 569344 ----a-w- C:\WINDOWS\system32\muzdecode.ax 2011-06-07 09:13:38 . 2011-06-07 09:13:38 491520 ----a-w- C:\WINDOWS\system32\muzapp.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 49152 ----a-w- C:\WINDOWS\system32\MaJGUILib.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 45056 ----a-w- C:\WINDOWS\system32\MaXMLProto.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 40960 ----a-w- C:\WINDOWS\system32\MTTELECHIP.dll 2011-06-07 09:13:38 . 
2011-06-07 09:13:38 352256 ----a-w- C:\WINDOWS\system32\MSLUR71.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 325552 ----a-w- C:\WINDOWS\MASetupCaller.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 30568 ----a-w- C:\WINDOWS\MusiccityDownload.exe 2011-06-07 09:13:38 . 2011-06-07 09:13:38 24576 ----a-w- C:\WINDOWS\system32\MASetupCleaner.exe 2011-06-07 09:13:38 . 2011-06-07 09:13:38 200704 ----a-w- C:\WINDOWS\system32\muzwmts.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 155648 ----a-w- C:\WINDOWS\system32\MSFLib.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 143360 ----a-w- C:\WINDOWS\system32\3DAudio.ax 2011-06-07 09:13:38 . 2011-06-07 09:13:38 14336 ----a-w- C:\WINDOWS\system32\avrt.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 135168 ----a-w- C:\WINDOWS\system32\muzaf1.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 131072 ----a-w- C:\WINDOWS\system32\muzmpgsp.ax 2011-06-07 09:13:38 . 2011-06-07 09:13:38 122880 ----a-w- C:\WINDOWS\system32\muzeffect.ax 2011-06-07 09:13:38 . 2011-06-07 09:13:38 118784 ----a-w- C:\WINDOWS\system32\MaDRM.dll 2011-06-07 09:13:38 . 2011-06-07 09:13:38 110592 ----a-w- C:\WINDOWS\system32\muzmp4sp.ax 2011-06-07 09:13:36 . 2011-06-24 14:08:53 821824 ----a-w- C:\WINDOWS\system32\dgderapi.dll 2011-06-07 09:13:36 . 2011-06-24 14:08:53 319456 ----a-w- C:\WINDOWS\system32\DIFxAPI.dll 2011-06-07 09:13:36 . 2011-06-24 14:08:53 20032 ----a-w- C:\WINDOWS\system32\drivers\dgderdrv.sys 2011-06-07 09:13:36 . 2011-06-07 09:13:36 57344 ----a-w- C:\WINDOWS\system32\MK_Lyric.dll 2011-06-07 09:13:36 . 2011-06-07 09:13:36 45056 ----a-w- C:\WINDOWS\system32\MACXMLProto.dll 2011-06-07 09:13:36 . 2011-06-07 09:13:36 40960 ----a-w- C:\WINDOWS\system32\MAMACExtract.dll 2011-06-07 09:13:36 . 2011-06-07 09:13:36 258048 ----a-w- C:\WINDOWS\system32\muzoggsp.ax 2011-06-07 09:13:36 . 2011-06-07 09:13:36 245760 ----a-w- C:\WINDOWS\system32\MSCLib.dll 2005-03-31 21:17:42 . 
2010-02-08 17:19:45 40960 ----a-w- C:\Program Files\Uninstall_CDS.exe ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. [-] 2008-05-02 06:48:16 . 8E036EEC565910417EA020CE0962AA24 . 361344 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\drivers\tcpip.sys ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-07-04 11:43:46 122512 ----a-w- C:\Program Files\AVAST Software\Avast\ashShell.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 00:00:00 90112] "CTHelper"="CTHELPER.EXE" [2003-08-28 08:45:38 24576] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 04:02:26 37296] "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 04:59:06 937920] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-28 20:05:00 344064] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 22:32:54 61440] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-06-29 00:09:28 32768] "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2011-07-04 11:43:54 3493720] "winloqon"="C:\Documents and Settings\All Users\winloqon.exe" [2011-05-07 09:35:00 331776] "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 10:59:52 254696] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 20:51:12 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] 
"nltide_2"="shell32" [X] "nltide_3"="advpack.dll" [2009-03-08 02:32:48 128512] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^ATI CATALYST – pasek zadań.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ATI CATALYST – pasek zadań.lnk backup=C:\WINDOWS\pss\ATI CATALYST – pasek zadań.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BDARemote.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BDARemote.lnk backup=C:\WINDOWS\pss\BDARemote.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^GamersFirst LIVE!.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GamersFirst LIVE!.lnk backup=C:\WINDOWS\pss\GamersFirst LIVE!.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Image Zone - szybkie uruchamianie.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Image Zone - szybkie uruchamianie.lnk backup=C:\WINDOWS\pss\HP Image Zone - szybkie uruchamianie.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Użytkownik^Menu Start^Programy^Autostart^DesktopEarth AutoStart.lnk] path=C:\Documents and Settings\Użytkownik\Menu Start\Programy\Autostart\DesktopEarth AutoStart.lnk backup=C:\WINDOWS\pss\DesktopEarth 
AutoStart.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Użytkownik^Menu Start^Programy^Autostart^Real Desktop.lnk] path=C:\Documents and Settings\Użytkownik\Menu Start\Programy\Autostart\Real Desktop.lnk backup=C:\WINDOWS\pss\Real Desktop.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-06-08 04:02:26 37296 ----a-w- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate] 2010-03-23 23:23:14 1432064 ----a-w- C:\Program Files\ALLPlayer\ALLUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10] 2011-07-04 17:45:30 13374048 ----a-w- C:\Program Files\Gadu-Gadu 10\gg.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2005-05-11 22:12:54 49152 ----a-w- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection] 2001-11-29 00:00:00 28672 ----a-w- C:\Program Files\Creative\SBLive\Program\ADGJDet.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper] 2011-06-09 16:52:42 940944 ----a-w- C:\Program Files\Samsung\Kies\KiesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] 2011-06-09 16:52:54 20880 ----a-w- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] 2011-06-09 16:52:44 3373968 ----a-w- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxClock] 2008-12-09 12:17:36 720482 ----a-w- C:\mxClock\mxClock.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 10:50:42 155648 ----a-w- C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\Skype] 2010-05-13 16:57:20 26192168 ----a-r- C:\Program Files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] 2010-11-07 22:20:31 1242448 ----a-w- C:\Program Files\Steam\Steam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "wuauserv"=2 (0x2) "wscsvc"=2 (0x2) "WMPNetworkSvc"=3 (0x3) "UPS"=3 (0x3) "TermService"=3 (0x3) "RemoteRegistry"=2 (0x2) "LanmanServer"=2 (0x2) "ImapiService"=3 (0x3) "ERSvc"=2 (0x2) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "C:\\Program Files\\Gadu-Gadu 10\\gg.exe"= "C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "C:\\Program Files\\Ares\\Ares.exe"= "C:\\Program Files\\Counter-Strike 1.6\\hl.exe"= "D:\\Program Files\\EA GAMES\\Need for Speed Most Wanted\\speed.exe"= "C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"= "D:\\Program Files\\Empire Interactive\\FlatOut2\\FlatOut2.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"= "C:\\Program Files\\BitTorrent\\BitTorrent.exe"= "C:\\Program Files\\USArmy\\America's Army 3\\Binaries\\AA3Game.exe"= "C:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MP.exe"= "C:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MPLite.exe"= "C:\\Program Files\\Valve\\hl.exe"= "C:\\Program Files\\Samsung\\Samsung New PC 
Studio\\npsasvr.exe"= "C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"= "C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"= "C:\\Program Files\\Counter-Strike Source\\hl2.exe"= "C:\\Documents and Settings\\Użytkownik\\Games\\Tom Clancy's H.A.W.X\\HAWX.exe"= "C:\\Documents and Settings\\Użytkownik\\Games\\Tom Clancy's H.A.W.X\\HAWX_dx10.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "C:\\Program Files\\Metin2_PL\\metin2.bin"= "C:\\Program Files\\Metin2_PL\\metin2client.bin"= "C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLI.exe"= "C:\\WINDOWS\\system32\\PnkBstrA.exe"= "C:\\WINDOWS\\system32\\PnkBstrB.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "16955:TCP"= 16955:TCP:BitComet 16955 TCP "16955:UDP"= 16955:UDP:BitComet 16955 UDP [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) R0 HFXP2;HFXP2;C:\WINDOWS\system32\drivers\hfxp2.sys [2010-06-11 22:31:18 17264] R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-12-06 17:11:18 35328] R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [2010-08-13 19:14:04 436792] R1 aswSnx;aswSnx;C:\WINDOWS\system32\drivers\aswSnx.sys [2011-04-09 10:02:19 441176] R1 aswSP;aswSP;C:\WINDOWS\system32\drivers\aswSP.sys [2010-02-08 19:37:21 309848] R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-02-08 19:37:21 19544] R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [2010-11-06 18:17:44 233472] R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [2010-11-06 18:17:44 36608] S2 gupdate;Usługa Google Update (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-18 10:55:54 136176] S3 AmdTools;AMD Special Tools Driver;C:\WINDOWS\system32\DRIVERS\AmdTools.sys --> C:\WINDOWS\system32\DRIVERS\AmdTools.sys [?] 
S3 EagleXNt;EagleXNt;\??\C:\WINDOWS\system32\drivers\EagleXNt.sys --> C:\WINDOWS\system32\drivers\EagleXNt.sys [?]
S3 gupdatem;Usługa Google Update (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-18 10:55:54 136176]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\WINDOWS\system32\drivers\ssadbus.sys [2011-06-24 16:13:34 121192]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\WINDOWS\system32\drivers\ssadmdfl.sys [2011-06-24 16:13:36 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\WINDOWS\system32\drivers\ssadmdm.sys [2011-06-24 16:13:36 136680]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\WINDOWS\system32\drivers\ssadserd.sys [2011-06-24 16:13:37 114152]

--- Inne Usługi/Sterowniki w Pamięci ---

*Deregistered* - uphcleanhlp

Zawartość folderu 'Zaplanowane zadania'

2011-08-31 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-18 08:55:54 . 2010-07-29 13:39:52]
2011-08-31 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-18 08:55:54 . 
2010-07-29 13:39:52] ------- Skan uzupełniający ------- uStart Page = hxxp://www.qooqlle.com/ mStart Page = hxxp://home.sweetim.com IE: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr/200 IE: E&ksport do programu Microsoft Excel - C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000 TCP: Interfaces\{1322BBDD-A21E-4D3F-8B25-49262CAE7031}: NameServer = 194.204.159.1,194.204.152.34 TCP: Interfaces\{3EB95836-325C-4AD2-8E7D-63717A35265E}: NameServer = 194.204.159.1,194.204.152.34 FF - ProfilePath - C:\Documents and Settings\Użytkownik\Dane aplikacji\Mozilla\Firefox\Profiles\tmx9o7fe.default\ FF - prefs.js: browser.search.selectedEngine - qooqlle FF - prefs.js: browser.startup.homepage - hxxp://www.qooqlle.com/ FF - prefs.js: keyword.URL - hxxp://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q= FF - prefs.js: network.proxy.ftp - 127.0.0.1 FF - prefs.js: network.proxy.ftp_port - 9666 FF - prefs.js: network.proxy.gopher - 127.0.0.1 FF - prefs.js: network.proxy.gopher_port - 9666 FF - prefs.js: network.proxy.http - 127.0.0.1 FF - prefs.js: network.proxy.http_port - 9666 FF - prefs.js: network.proxy.socks - 127.0.0.1 FF - prefs.js: network.proxy.socks_port - 9666 FF - prefs.js: network.proxy.ssl - 127.0.0.1 FF - prefs.js: network.proxy.ssl_port - 9666 FF - prefs.js: network.proxy.type - 0 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Java Quick Starter: jqs@sun.com - C:\Program Files\Java\jre6\lib\deploy\jqs\ff - - - - USUNIĘTO PUSTE WPISY - - - - BHO-{0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll WebBrowser-{5B291E6C-9A74-4034-971B-A4B007A0B315} - (no file) 
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) HKLM-Run-csrs - C:\Documents and Settings\All Users\csrs.exe HKLM-Run-svhost - C:\Program Files\Common Files\svhost.exe MSConfigStartUp-Real Desktop - C:\Program Files\Real Desktop\Real Desktop.exe MSConfigStartUp-RemoteControl - C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe MSConfigStartUp-RGSC - C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe MSConfigStartUp-SoundMan - SOUNDMAN.EXE MSConfigStartUp-SweetIM - C:\Program Files\SweetIM\Messenger\SweetIM.exe AddRemove-ESSpray 2.11 - C:\ESSpray2\DeIsL1.isu AddRemove-ScanQuery - C:\Program Files\ScanQuery\uninstall.exe AddRemove-01_Simmental - C:\Program Files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - C:\Program Files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - C:\Program Files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - C:\Program Files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - C:\Program Files\Samsung\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - C:\Program Files\Samsung\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - C:\Program Files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - C:\Program Files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - C:\Program Files\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - C:\Program Files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - C:\Program Files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - C:\Program Files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - C:\Program Files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - C:\Program Files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - C:\Program Files\Samsung\USB 
Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - C:\Program Files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - C:\Program Files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - C:\Program Files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - C:\Program Files\Samsung\USB Drivers\25_escape\Uninstall.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-01 00:29:42
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...