Please check my log - popups when opening c: • programosy.pl


System security, virus removal, choosing antivirus software. Mandatory logs in this section: three from FRST + Gmer.


Post by sk8swirusek, 15 Nov 2008, 17:24

Hello,

I get popups when I open c: and the directories inside it. I think it is some kind of spyware. When I click Cancel, a web page opens that shows what looks like something scanning my computer. When I start the computer, the Windows Installer appears and wants to install this application. It is called ScanSoft PaperPort 11, or something like that. Please help!


Code:
ComboFix 08-11-13.01 - test 2008-11-15 16:16:33.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1250.1.1045.18.1329 [GMT 1:00]
Uruchomiony z: c:\documents and settings\test\Pulpit\ComboFix.exe
* Utworzono nowy punkt przywracania
.

(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Dane aplikacji\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Dane aplikacji\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\k.txt
c:\windows\system32\sysbase32.dll

----- BITS: Możliwe zainfekowane strony -----

hxxp://megauplinkbindinstaller.com
.
(((((((((((((((((((((((((((((((((((((((   Sterowniki/Usługi   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_POWERMANAGER
-------\Service_PowerManager


(((((((((((((((((((((((((   Pliki utworzone od 2008-10-15 do 2008-11-15  )))))))))))))))))))))))))))))))
.

2008-11-15 16:03 . 2008-11-15 16:03   <DIR>   d--------   c:\program files\Trend Micro
2008-11-15 15:32 . 2008-11-15 15:32   <DIR>   d--------   c:\program files\Lavasoft
2008-11-15 15:32 . 2008-11-15 15:32   <DIR>   d--------   c:\program files\Common Files\Wise Installation Wizard
2008-11-15 15:32 . 2008-11-15 15:32   <DIR>   d--------   c:\documents and settings\All Users\Dane aplikacji\Lavasoft
2008-11-13 19:56 . 2008-11-15 14:01   <DIR>   d--------   c:\documents and settings\test\Dane aplikacji\WoDBO
2008-11-12 15:44 . 2008-11-12 15:44   <DIR>   dr-------   c:\documents and settings\test\Dane aplikacji\Brother
2008-11-12 14:49 . 2008-11-13 19:56   <DIR>   d--------   c:\windows\World of Dragon Ball Online 2.4
2008-11-05 20:41 . 2008-11-05 20:55   <DIR>   d--------   c:\documents and settings\test\Dane aplikacji\Mount&Blade
2008-11-05 20:40 . 2008-11-05 20:40   <DIR>   d--------   c:\windows\Logs
2008-10-18 07:24 . 2006-10-26 18:56   32,592   --a------   c:\windows\system32\msonpmon.dll
2008-10-18 07:23 . 2008-10-18 07:23   <DIR>   d--------   c:\program files\MSBuild
2008-10-18 07:23 . 2008-10-18 07:23   <DIR>   d--------   c:\program files\Microsoft Works
2008-10-18 07:21 . 2008-10-18 07:21   <DIR>   d--------   c:\program files\Microsoft.NET
2008-10-18 07:19 . 2008-10-18 07:22   <DIR>   d--------   c:\windows\SHELLNEW
2008-10-18 07:18 . 2008-10-18 07:18   <DIR>   dr-h-----   C:\MSOCache
2008-10-18 07:18 . 2008-10-18 07:24   <DIR>   d--------   c:\documents and settings\All Users\Dane aplikacji\Microsoft Help

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-15 15:02   ---------   d-----w   c:\program files\Uninstall
2008-11-15 15:01   ---------   d-----w   c:\documents and settings\test\Dane aplikacji\Skype
2008-11-15 07:00   ---------   d-----w   c:\documents and settings\test\Dane aplikacji\AVG7
2008-11-14 19:43   ---------   d-----w   c:\documents and settings\test\Dane aplikacji\Hamachi
2008-11-04 12:41   30   ----a-w   c:\documents and settings\test\jagex_runescape_preferences.dat
2008-10-28 18:40   ---------   d--h--w   c:\program files\InstallShield Installation Information
2008-10-24 11:10   453,632   ----a-w   c:\windows\system32\drivers\mrxsmb.sys
2008-10-21 13:08   ---------   d-----w   c:\program files\Gadu-Gadu
2008-10-08 17:24   ---------   d-----w   c:\program files\Brother
2008-10-07 15:02   ---------   d-----w   c:\program files\Common Files\INCA Shared
2008-10-05 13:04   107,888   ----a-w   c:\windows\system32\CmdLineExt.dll
2008-10-04 12:55   ---------   d-----w   c:\documents and settings\All Users\Dane aplikacji\ScanSoft
2008-10-04 12:53   ---------   d-----w   c:\documents and settings\All Users\Dane aplikacji\Brother
2008-09-30 15:43   1,286,152   ----a-w   c:\windows\system32\msxml4.dll
2008-09-15 15:40   1,846,272   ----a-w   c:\windows\system32\win32k.sys
2008-09-04 16:46   1,106,944   ----a-w   c:\windows\system32\msxml3.dll
2008-08-20 05:38   662,016   ----a-w   c:\windows\system32\wininet.dll
2008-05-22 14:56   1   ----a-w   c:\documents and settings\test\SI.bin
2007-07-02 08:48   110,592   ----a-w   c:\documents and settings\test\artpclnt.dll
.

(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2007-01-30 1716224]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2007-06-08 23336488]
"BitComet"="e:\program files\BitComet\BitComet.exe" [2007-10-08 6338872]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-08-16 167368]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-31 36864]
"36X Raid Configurer"="c:\windows\system32\JMRaidSetup.exe" [2006-11-17 1953792]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"NeroCheck"="c:\windows\system32\\NeroCheck.exe" [2001-07-09 155648]
"AVG7_CC"="c:\progra~1\Grisoft\AVG7\avgcc.exe" [2008-10-17 590848]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"nwiz"="nwiz.exe" [2008-05-16 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 c:\windows\RTHDCPL.EXE]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
"AVG7_Run"="c:\progra~1\Grisoft\AVG7\avgw.exe" [2008-01-29 219136]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-06-09 278528]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2007-12-29 692224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv41"= ir41_32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"d:\\Program Files\\Electronic Arts\\Bitwa o Śródziemie II\\game.dat"=
"f:\\Program Files\\Valve\\hl.exe"=
"e:\\Program Files\\Valve\\hl.exe"=
"f:\\downland\\Soldat\\Soldat.exe"=
"e:\\Program Files\\Valve\\hlds.exe"=
"e:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"f:\\Program Files\\Valve\\hltv.exe"=
"f:\\Program Files\\Valve\\Steam\\SteamApps\\grzybu907\\counter-strike\\hl.exe"=
"f:\\Program Files\\2K Games\\Firaxis Games\\Sid Meier's Civilization 4 Complete\\Civilization4.exe"=
"f:\\Program Files\\2K Games\\Firaxis Games\\Sid Meier's Civilization 4 Complete\\Warlords\\Civ4Warlords.exe"=
"f:\\Program Files\\2K Games\\Firaxis Games\\Sid Meier's Civilization 4 Complete\\Beyond the Sword\\Civ4BeyondSword.exe"=
"f:\\Program Files\\PES08\\Pro Evolution Soccer 2008\\PES2008.exe"=
"e:\\Games\\Mass Effect\\Binaries\\MassEffect.exe"=
"e:\\Games\\Mass Effect\\MassEffectLauncher.exe"=
"e:\\Program Files\\FIFA 09\\FIFA09.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"e:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"e:\\Program Files\\Metin2_PL\\metin2.bin"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7192:TCP"= 7192:TCP:BitComet 7192 TCP
"7192:UDP"= 7192:UDP:BitComet 7192 UDP
"17793:TCP"= 17793:TCP:BitComet 17793 TCP
"17793:UDP"= 17793:UDP:BitComet 17793 UDP
"7171:TCP"= 7171:TCP:BitComet 7171 TCP
"7171:UDP"= 7171:UDP:BitComet 7171 UDP
"20772:TCP"= 20772:TCP:BitComet 20772 TCP
"20772:UDP"= 20772:UDP:BitComet 20772 UDP
"18000:TCP"= 18000:TCP:BitComet 18000 TCP
"18000:UDP"= 18000:UDP:BitComet 18000 UDP
"11555:TCP"= 11555:TCP:BitComet 11555 TCP
"11555:UDP"= 11555:UDP:BitComet 11555 UDP
"8712:TCP"= 8712:TCP:BitComet 8712 TCP
"8712:UDP"= 8712:UDP:BitComet 8712 UDP
"27193:TCP"= 27193:TCP:BitComet 27193 TCP
"27193:UDP"= 27193:UDP:BitComet 27193 UDP
"7454:TCP"= 7454:TCP:BitComet 7454 TCP
"7454:UDP"= 7454:UDP:BitComet 7454 UDP
"18090:TCP"= 18090:TCP:BitComet 18090 TCP
"18090:UDP"= 18090:UDP:BitComet 18090 UDP
"11332:TCP"= 11332:TCP:BitComet 11332 TCP
"11332:UDP"= 11332:UDP:BitComet 11332 UDP
"10020:TCP"= 10020:TCP:BitComet 10020 TCP
"10020:UDP"= 10020:UDP:BitComet 10020 UDP

S3 ddsxeiservice;ddsxeiservice2;c:\program files\sXe Injected\ddsxei.sys [ ]
S3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\DRIVERS\gan_adapter.sys [2006-08-28 10664]
S3 pohci13F;pohci13F;c:\docume~1\test\USTAWI~1\Temp\pohci13F.sys [ ]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{335ce665-1654-11dc-9d08-806d6172696f}]
\Shell\AutoRun\command - H:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4131bffe-9b6f-11dd-bd9a-00e04c003098}]
\Shell\AutoRun\command - O:\
\Shell\open\Command - rundll32.exe .\desktop.dll,InstallM
.
- - - - USUNIĘTO PUSTE WPISY - - - -

BHO-{5F8C8A31-F802-3FC8-B271-953BAD6D29E4} - c:\windows\system32\mws40644.dll
HKCU-Run-ares - e:\program files\Ares\Ares.exe
HKCU-Run-DAEMON Tools Pro Agent - e:\daemon tools pro\DTProAgent.exe
HKCU-Run-TotalSecure2009 - c:\program files\TS-2009\scan.exe
HKLM-Run-Anti-Blaxx Manager - c:\program files\Anti-Blaxx\Anti-Blaxx.exe
HKLM-Run-SSBkgdUpdate - c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
MSConfigStartUp-IndexSearch - c:\program files\ScanSoft\PaperPort\IndexSearch.exe
MSConfigStartUp-PaperPort PTD - c:\program files\ScanSoft\PaperPort\pptd40nt.exe


.
------- Skan uzupełniający -------
.
FireFox -: Profile - c:\documents and settings\test\Dane aplikacji\Mozilla\Firefox\Profiles\t1ze0q28.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.wp.pl/
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-15 16:19:09
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\savedump.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\rundll32.exe
c:\program files\Brother\ControlCenter3\BrccMCtl.exe
c:\progra~1\Grisoft\AVG7\avgamsvr.exe
c:\progra~1\Grisoft\AVG7\avgupsvc.exe
c:\program files\Brother\Brmfcmon\BrMfcMon.exe
c:\progra~1\Grisoft\AVG7\avgemc.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\msiexec.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\windows\system32\msiexec.exe
c:\progra~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Czas ukończenia: 2008-11-15 16:22:04 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2008-11-15 15:22:01

Przed: 2 913 640 448 bajtów wolnych
Po: 5,207,330,816 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

382   --- E O F ---   2008-11-12 07:11:49


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:03:28, on 2008-11-15
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Skype\Phone\Skype.exe
E:\Program Files\BitComet\BitComet.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\MsiExec.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe
C:\WINDOWS\system32\MsiExec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: D - {5F8C8A31-F802-3FC8-B271-953BAD6D29E4} - C:\WINDOWS\system32\mws40644.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Phonomia - {A2F253AD-1F23-4D87-A64B-D6987F38D981} - C:\WINDOWS\system32\SYSBAS~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BitComet] "E:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ares] "E:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "E:\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TotalSecure2009] C:\Program Files\TS-2009\scan.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - E:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B25CBB1-1924-4820-A82E-3032434BDF64}: NameServer = 10.10.10.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3B25CBB1-1924-4820-A82E-3032434BDF64}: NameServer = 10.10.10.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{3B25CBB1-1924-4820-A82E-3032434BDF64}: NameServer = 10.10.10.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Power Manager (PowerManager) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)

--
End of file - 9468 bytes
sk8swirusek
~user
 
Posts: 46
Joined: 09 Jul 2006, 18:52



Please check my log - popups when opening C:

Post by Magik, 15 Nov 2008, 17:29

Use SmitfraudFix

specjalne-narzedzia-czyszczace-vt96631.html

Then use SDFix. After downloading it, run it and it will unpack itself to C:\SDFix. Boot the computer into Safe Mode (F8 at system startup). While in Safe Mode, run the file RunThis.bat from the SDFix folder. Confirm the cleaning with Y. Wait until it finishes and the computer restarts.

After that, go to the C:\SDFix folder and post the contents of the Report.txt file plus the ComboFix log, and also post a HijackThis log.
Magik
~user
 
Posts: 7956
Joined: 08 May 2004, 09:17
Location: Głogów
Commendations: 886



