Request for help with the win32 virus • programosy.pl


System security, virus removal, choosing antivirus software. Mandatory logs in this section: three from FRST + Gmer.


Post by kaczor12361, 12 Sep 2008, 12:00

Please check my logs from hijack and ComboFix, because my computer was infected and I read on this forum what I should do: start a thread with the logs so that someone can check them for me.
Log from hijack:
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:55:44, on 2008-09-12
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\PsCtrls.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\AVENGINE.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe
C:\WINDOWS\RTHDCPL.EXE
c:\program files\panda software\panda antivirus 2007\WebProxy.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\explorer.exe
C:\Program Files\neostrada tp\neostradatp.exe
C:\Program Files\neostrada tp\ComComp.exe
C:\PROGRA~1\NEOSTR~1\Toaster.exe
C:\PROGRA~1\NEOSTR~1\Inactivity.exe
C:\PROGRA~1\NEOSTR~1\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\neostrada tp\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\programy\hj\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\programy\demon\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3EE260D9-D984-4DE5-BF41-476C45790780}: NameServer = 194.204.159.1 217.98.63.164
O17 - HKLM\System\CS1\Services\Tcpip\..\{3EE260D9-D984-4DE5-BF41-476C45790780}: NameServer = 194.204.159.1 217.98.63.164
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\PsCtrls.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

--
End of file - 4594 bytes


Code:
ComboFix 08-09-10.04 - Musielek 2008-09-12 11:42:34.1 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Home Edition  5.1.2600.2.1250.1.1045.18.649 [GMT 2:00]
Uruchomiony z: D:\programy\combof\ComboFix.exe
* Utworzono nowy punkt przywracania

[color=red][b]UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !![/b][/color]
.

(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
C:\WINDOWS\system32\cpuinf32.dll
C:\WINDOWS\system32\dflgh8jkd2q8.exe
C:\WINDOWS\system32\DivXsm.exe
C:\WINDOWS\system32\iconv.dll
C:\WINDOWS\system32\kbdusg.exe
C:\WINDOWS\system32\mplvpx.dll
C:\WINDOWS\system32\ogg.dll
C:\WINDOWS\system32\OggDS.dll
C:\WINDOWS\system32\tcpwrk.dll
C:\WINDOWS\system32\vorbis.dll
C:\WINDOWS\system32\vorbisenc.dll
C:\WINDOWS\system32\winds32.exe
C:\WINDOWS\system32\winprint.dll
C:\WINDOWS\system32\WMV9VCM.dll
D:\Autorun.inf
E:\Autorun.inf
F:\Autorun.inf

.
(((((((((((((((((((((((((((((((((((((((   Sterowniki/Usługi   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_TAPISRVFASTUSERSWITCHINGCOMPATIBILITY
-------\Service_TapiSrvFastUserSwitchingCompatibility


(((((((((((((((((((((((((   Pliki utworzone od 2008-08-12 do 2008-09-12  )))))))))))))))))))))))))))))))
.

2008-09-12 08:38 . 2008-09-12 08:38   37   --a------   C:\WINDOWS\h7Ö
2008-09-11 16:12 . 2008-09-11 16:12   <DIR>   d--------   C:\Documents and Settings\Musielek\Dane aplikacji\Ubisoft
2008-09-11 16:11 . 2008-09-11 16:12   <DIR>   d--------   C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
2008-09-11 16:10 . 2008-09-11 16:10   <DIR>   d--------   C:\Documents and Settings\Musielek\Dane aplikacji\InstallShield
2008-09-11 16:09 . 2008-09-11 16:09   <DIR>   d--------   C:\Program Files\DAEMON Tools Toolbar
2008-09-11 16:07 . 2008-09-11 16:07   <DIR>   d--------   C:\Documents and Settings\Musielek\Dane aplikacji\DAEMON Tools
2008-09-11 16:07 . 2008-09-11 16:07   717,296   --a------   C:\WINDOWS\system32\drivers\sptd.sys
2008-09-10 20:50 . 2008-09-10 20:50   468   --a------   C:\WINDOWS\system32\xvid.ax
2008-09-10 20:50 . 2008-09-10 20:50   468   --a------   C:\WINDOWS\system32\lmpgvd.ax
2008-09-10 20:50 . 2008-09-10 20:50   468   --a------   C:\WINDOWS\system32\lmpgspl.ax
2008-09-10 20:50 . 2008-09-10 20:50   468   --a------   C:\WINDOWS\system32\l3codecp.acm
2008-09-10 20:50 . 2008-09-10 20:50   468   --a------   C:\WINDOWS\system32\DVDVideo.ax
2008-09-10 20:50 . 2008-09-10 20:50   468   --a------   C:\WINDOWS\system32\DivXMedia.ax
2008-09-10 20:50 . 2008-09-10 20:50   468   --a------   C:\WINDOWS\system32\divxdec.ax
2008-09-10 20:50 . 2008-09-10 20:50   468   --a------   C:\WINDOWS\system32\CoreAAC.ax
2008-09-10 20:50 . 2008-09-10 20:50   468   --a------   C:\WINDOWS\system32\ac3filter.ax
2008-09-10 20:45 . 2008-09-10 20:45   <DIR>   d--------   C:\WINDOWS\speech
2008-09-10 20:45 . 2008-09-10 20:45   <DIR>   d--------   C:\Program Files\ivo
2008-09-10 20:44 . 2008-09-10 20:44   <DIR>   d--------   C:\Program Files\MarBit
2008-09-10 20:42 . 2008-09-10 20:42   <DIR>   d--------   C:\Documents and Settings\Musielek\Gadu-Gadu
2008-09-10 20:34 . 2008-09-10 20:34   <DIR>   d--------   C:\Documents and Settings\Musielek\Dane aplikacji\Media Player Classic
2008-09-10 20:31 . 2008-09-10 20:31   <DIR>   d--------   C:\Documents and Settings\Musielek\Dane aplikacji\winamp
2008-09-10 20:28 . 2008-09-10 20:28   <DIR>   d--------   C:\WINDOWS\system32\NtmsData
2008-09-10 20:24 . 2008-09-10 20:24   940,794   --a------   C:\WINDOWS\system32\LoopyMusic.wav
2008-09-10 20:24 . 2008-09-10 20:24   146,650   --a------   C:\WINDOWS\system32\BuzzingBee.wav
2008-09-10 20:23 . 2008-09-10 20:24   <DIR>   d--------   C:\WINDOWS\system32\Lang
2008-09-10 20:21 . 2008-09-10 20:21   <DIR>   d--------   C:\WINDOWS\system32\RTCOM
2008-09-10 20:20 . 2008-09-10 20:20   <DIR>   d--------   C:\Program Files\Realtek
2008-09-10 20:20 . 2007-04-10 09:28   16,126,464   -r-------   C:\WINDOWS\RTHDCPL.exe
2008-09-10 18:47 . 2008-09-10 18:47   13,646   --a------   C:\WINDOWS\system32\wpa.bak
2008-09-10 18:37 . 2007-01-23 17:49   71,680   ---------   C:\WINDOWS\system32\drivers\PAVDRV51.SYS
2008-09-10 18:37 . 2008-09-10 18:37   248   --a------   C:\WINDOWS\system32\PavCPL.dat
2008-09-10 18:37 . 2008-09-10 18:37   37   --a------   C:\WINDOWS\r007
2008-09-10 18:36 . 2008-09-10 18:36   <DIR>   d--------   C:\WINDOWS\system32\PAV
2008-09-10 18:36 . 2008-09-10 18:36   <DIR>   d--------   C:\Program Files\Panda Software
2008-09-10 18:36 . 2003-03-18 18:14   499,712   --a------   C:\WINDOWS\system32\MSVCP71.DLL
2008-09-10 18:36 . 2003-02-21 02:42   348,160   --a------   C:\WINDOWS\system32\MSVCR71.DLL
2008-09-10 18:36 . 2006-05-02 09:40   49,152   --a------   C:\WINDOWS\system32\pavcpl.cpl
2008-09-10 18:36 . 2006-07-14 13:46   45,056   --a------   C:\WINDOWS\system32\avldr.dll
2008-09-10 18:10 . 2008-09-10 18:10   <DIR>   d--hs----   C:\Recycled
2008-09-10 18:00 . 2008-09-12 11:45   53,280   --ahs----   C:\WINDOWS\system32\drivers\fidbox.dat
2008-09-10 18:00 . 2008-09-12 11:45   3,788   --ahs----   C:\WINDOWS\system32\drivers\fidbox.idx
2008-09-10 17:58 . 2008-09-10 17:58   <DIR>   d--------   C:\Program Files\Common Files\PC Tools
2008-09-10 17:58 . 2008-09-10 17:58   <DIR>   d--------   C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2008-09-10 17:56 . 2008-09-10 17:56   <DIR>   d--------   C:\Program Files\Zone Labs
2008-09-10 17:56 . 2008-09-10 17:56   <DIR>   d--------   C:\Documents and Settings\All Users\Dane aplikacji\MailFrontier
2008-09-10 17:50 . 2008-09-10 17:50   20,480   --ahs----   C:\WINDOWS\system32\driverss.dll
2008-09-10 17:40 . 2006-03-02 14:00   176,157   --a------   C:\WINDOWS\system32\dllcache\dgrpsetu.dll
2008-09-10 17:39 . 2008-09-10 17:39   0   --a------   C:\WINDOWS\nsreg.dat
2008-09-10 17:35 . 2008-09-10 17:35   <DIR>   d--------   C:\Documents and Settings\Musielek\Dane aplikacji\ATI
2008-09-10 17:32 . 2008-09-10 17:32   <DIR>   d--------   C:\Program Files\Common Files\ATI Technologies
2008-09-10 17:29 . 2006-12-20 21:05   520,192   ---------   C:\WINDOWS\system32\ati2sgag.exe
2008-09-10 17:29 . 2006-12-17 04:41   307,200   -ra------   C:\WINDOWS\system32\atiiiexx.dll
2008-09-10 17:28 . 2008-09-10 17:28   <DIR>   d--------   C:\Program Files\ATI Technologies
2008-09-10 17:28 . 2006-12-17 04:30   3,107,788   -ra------   C:\WINDOWS\system32\ativvaxx.dat
2008-09-10 17:28 . 2006-08-24 00:27   655,842   -ra------   C:\WINDOWS\system32\drivers\ativcaxx.cpa
2008-09-10 17:28 . 2006-11-28 21:55   142,347   -ra------   C:\WINDOWS\system32\atiicdxx.dat
2008-09-10 17:28 . 2006-12-17 05:08   38,944   -ra------   C:\WINDOWS\system32\drivers\ativvpxx.vp
2008-09-10 17:28 . 2006-11-22 00:48   6,973   -ra------   C:\WINDOWS\system32\atifglpf.xml
2008-09-10 17:28 . 2006-08-24 00:26   2,096   -ra------   C:\WINDOWS\system32\drivers\ativdkxx.vp
2008-09-10 17:28 . 2006-08-24 00:26   2,096   -ra------   C:\WINDOWS\system32\drivers\ativckxx.vp
2008-09-10 17:28 . 2006-08-24 00:27   929   -ra------   C:\WINDOWS\system32\drivers\ativcaxx.vp
2008-09-10 17:28 . 2008-09-10 18:00   87   --a-s----   C:\WINDOWS\system32\3818887764.dat
2008-09-10 17:06 . 2008-09-10 17:06   <DIR>   d--------   C:\Program Files\SAGEM
2008-09-10 17:05 . 2008-09-10 17:05   <DIR>   d--------   C:\WINDOWS\system32\AlertModule
2008-09-10 17:05 . 2008-09-10 17:05   <DIR>   d--------   C:\Program Files\Java
2008-09-10 17:05 . 2008-09-10 17:05   <DIR>   d--------   C:\Program Files\Common Files\InstallShield
2008-09-10 17:05 . 2002-11-01 20:15   45,175   ---------   C:\WINDOWS\system32\plugincpl140_03.cpl
2008-09-10 17:05 . 2002-11-01 20:15   41,068   ---------   C:\WINDOWS\system32\ActPanel.dll
2008-09-10 17:05 . 2004-08-23 14:49   40,960   --a------   C:\WINDOWS\system32\FTRTSVC.exe
2008-09-10 17:05 . 2005-10-06 15:55   36,864   --a------   C:\WINDOWS\system32\IfHelper.dll

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-10 18:20   315,392   ----a-w   C:\WINDOWS\HideWin.exe
2008-09-10 15:06   33   ----a-w   C:\WINDOWS\system32\drivers\adidsl.cfg
2008-09-10 13:57   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
2008-09-10 13:56   ---------   d-----w   C:\Program Files\neostrada tp
2008-09-10 13:49   ---------   d-----w   C:\Program Files\microsoft frontpage
2008-09-10 13:48   ---------   d-----w   C:\Program Files\Usługi online
2008-07-25 08:34   81,920   ----a-w   C:\WINDOWS\system32\dpl100.dll
2008-07-25 08:34   683,520   ----a-w   C:\WINDOWS\system32\divx.dll
2008-07-23 16:50   3,596,288   ----a-w   C:\WINDOWS\system32\qt-dx331.dll
2008-07-09 07:05   75,248   ----a-w   C:\WINDOWS\zllsputility.exe
2008-07-09 07:05   1,086,952   ----a-w   C:\WINDOWS\system32\zpeng24.dll
2008-06-12 18:36   7,680   ----a-w   C:\WINDOWS\system32\ff_vfw.dll
.

------- Sigcheck -------

2006-03-02 12:00  359040  1745b00fc1141404b28f4b94f69a8871   C:\WINDOWS\system32\drivers\tcpip.sys
2006-03-02 12:00  359040  1745b00fc1141404b28f4b94f69a8871   C:\WINDOWS\system32\dllcache\tcpip.sys
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="D:\programy\demon\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\GestMaj.exe" [2004-10-14 32768]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 90112]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"APVXDWIN"="C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE" [2007-01-25 321072]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2006-07-14 13:46 45056 C:\WINDOWS\system32\avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\PandaAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\PandaFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

R3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-09-19 116992]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys [2006-09-15 64000]
S2 NQSVRTMU;NQSVRTMU;C:\WINDOWS\system32\drivers\NQSVRTMU.sys [ ]
S2 RXPOXVIP;RXPOXVIP;C:\WINDOWS\system32\drivers\RXPOXVIP.sys [ ]
S3 SetupNTGLM7X;SetupNTGLM7X;K:\NTGLM7X.sys [ ]
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKLM-Run-WinampAgent - D:\programy\winamp\winampa.exe


.
------- Skan uzupełniający -------
.
FireFox -: Profile - C:\Documents and Settings\Musielek\Dane aplikacji\Mozilla\Firefox\Profiles\hzv6j7f4.default\
FF -: plugin - C:\Program Files\Java\j2re1.4.0_03\bin\NPJava11.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.0_03\bin\NPJava12.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.0_03\bin\NPJava13.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.0_03\bin\NPJava32.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.0_03\bin\NPJPI140_03.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.0_03\bin\NPOJI610.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-12 11:47:05
Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\PsCtrls.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\AVENGINE.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe
C:\program files\panda software\panda antivirus 2007\WebProxy.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
.
**************************************************************************
.
Czas ukończenia: 2008-09-12 11:48:20 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2008-09-12 09:48:14

Przed: 4,915,347,456 bajt˘w wolnych
Po: 4,921,933,824 bajt˘w wolnych

207

Thanks in advance for the help
Last edited by kaczor12361, 13 Sep 2008, 10:28, edited 1 time in total
kaczor12361
~user
 
Posts: 3
Joined: 08 Mar 2008, 12:30



Logs from hijack and combofix

Post by Okocza, 12 Sep 2008, 14:33

kaczor12361, fix the topic title
Okocza
~user
 
Posts: 8001
Joined: 19 Mar 2006, 11:53
Commendations: 406



