Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3900: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3902: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3903: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3904: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
Heur.w32 i jeszcze parę innych • programosy.pl
Aktualizacje na programosy.pl: WebCatalogZoteroDisplay Driver Uninstaller (DDU)Far ManagerShotcut1by1PeaZip PortablePeaZipSUPERAntiSpyware Free  

  • Ogłoszenie:

Heur.w32 i jeszcze parę innych

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.
Wyślij odpowiedź

Heur.w32 i jeszcze parę innych

Postprzez mirekg1963 29 Maj 2009, 10:12

reklama
Witam ponownie! Znowu atak Heur.W32 poza tym parę innych świństw. Niestety nie mogę uruchomić darmowego Clamwin - jak zwykle przy tego rodzaju ataku znika mi i chowa się. Przesyłam loga i proszę uniżenie o pomoc!
Kod: Zaznacz wszystko
OTListIt logfile created on: 2009-05-29 10:05:23 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8     Folder = C:\Documents and Settings\admin\Pulpit
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

447,48 Mb Total Physical Memory | 225,04 Mb Available Physical Memory | 50,29% Memory free
1,03 Gb Paging File | 0,86 Gb Available in Paging File | 83,39% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 59,95 Gb Free Space | 80,45% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: XPN08
Current User Name: admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

[color=orange]========== Processes (SafeList) ==========[/color]

PRC - [2006-03-02 14:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007-01-30 12:54:36 | 16,116,224 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-05-15 14:14:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009-05-15 14:14:17 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2006-10-31 08:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2005-01-28 14:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2006-03-02 14:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2009-05-29 09:32:45 | 00,019,456 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Temp\winrmnkc.exe
PRC - [2009-05-29 10:05:09 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTListIt2.exe

[color=orange]========== Win32 Services (SafeList) ==========[/color]

SRV - [2006-03-02 14:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009-05-15 14:14:17 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009-05-29 09:21:35 | 01,075,536 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [On_Demand | Stopped])
SRV - [2006-10-31 08:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2005-01-28 14:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])

[color=orange]========== Driver Services (SafeList) ==========[/color]

DRV - [2006-06-19 00:51:32 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running])
DRV - File not found --  -- (asc3360pr [On_Demand | Running])
DRV - [2009-02-09 15:07:51 | 00,014,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\gdrv.sys -- (gdrv [On_Demand | Stopped])
DRV - [2005-01-07 18:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2007-01-30 12:57:50 | 04,474,368 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2009-03-05 17:30:45 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd [Boot | Running])
DRV - [2006-10-31 08:35:00 | 03,964,256 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2006-10-18 17:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata [Boot | Running])
DRV - [2006-11-27 17:33:50 | 00,058,368 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
DRV - [2006-11-27 17:33:54 | 00,019,968 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
DRV - [2006-03-02 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2006-03-02 14:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])

[color=orange]========== Standard Registry (SafeList) ==========[/color]


[color=orange]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=orange]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.5.1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009-05-15 14:14:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009-05-18 14:14:35 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009-05-18 14:14:35 | 00,000,000 | ---D | M]

[2009-02-13 14:31:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Extensions
[2009-02-13 14:31:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-05-26 16:09:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Firefox\Profiles\2r4atvdh.default\extensions
[2009-02-14 11:16:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Firefox\Profiles\2r4atvdh.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009-05-26 16:09:08 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-04-28 17:23:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-05-15 14:14:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009-04-28 17:23:11 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-04-28 17:23:11 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2006-06-03 18:43:22 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2008-04-03 19:19:08 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2008-04-16 06:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2007-03-31 19:11:54 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2006-06-03 18:43:22 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2008-03-28 23:36:04 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2007-01-05 13:40:56 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon (alch)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-02-09 14:47:15 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{09be1160-1d1a-11de-9b7d-001a4d7a077c}\Shell\AutoRun\command - "" = D:\0bcobed.exe -- File not found
O33 - MountPoints2\{09be1160-1d1a-11de-9b7d-001a4d7a077c}\Shell\open\Command - "" = D:\0bcobed.exe -- File not found
O33 - MountPoints2\{30c9fc24-0d66-11de-9b38-001a4d7a077c}\Shell\AutoRun\command - "" = D:\u.com -- File not found
O33 - MountPoints2\{30c9fc24-0d66-11de-9b38-001a4d7a077c}\Shell\open\Command - "" = D:\u.com -- File not found
O33 - MountPoints2\{33489e06-0f05-11de-9b40-001a4d7a077c}\Shell\AutoRun\command - "" = D:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{33489e06-0f05-11de-9b40-001a4d7a077c}\Shell\open\command - "" = D:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{33489e07-0f05-11de-9b40-001a4d7a077c}\Shell\AutoRun\command - "" = E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{33489e07-0f05-11de-9b40-001a4d7a077c}\Shell\open\command - "" = E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{33e131d3-09a5-11de-9b2b-001a4d7a077c}\Shell\AutoRun\command - "" = D:\o.exe -- File not found
O33 - MountPoints2\{33e131d3-09a5-11de-9b2b-001a4d7a077c}\Shell\open\Command - "" = D:\o.exe -- File not found
O33 - MountPoints2\{3e95d024-1607-11de-9b5e-001a4d7a077c}\Shell\AutoRun\command - "" = D:\jm3cx96.bat -- File not found
O33 - MountPoints2\{3e95d024-1607-11de-9b5e-001a4d7a077c}\Shell\open\Command - "" = D:\jm3cx96.bat -- File not found
O33 - MountPoints2\{4ed936d2-332f-11de-9be9-001a4d7a077c}\Shell\AutoRun\command - "" = D:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
O33 - MountPoints2\{4ed936d2-332f-11de-9be9-001a4d7a077c}\Shell\open\command - "" = D:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
O33 - MountPoints2\{51c11cee-43a5-11de-9c30-001a4d7a077c}\Shell\AutoRun\command - "" = D:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isi32.exe -- File not found
O33 - MountPoints2\{51c11cee-43a5-11de-9c30-001a4d7a077c}\Shell\open\command - "" = D:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isi32.exe -- File not found
O33 - MountPoints2\{55b709ec-3a5b-11de-9c09-001a4d7a077c}\Shell\AutoRun\command - "" = wscript.exe AVG.vbs
O33 - MountPoints2\{55b709ec-3a5b-11de-9c09-001a4d7a077c}\Shell\open\Command - "" = wscript.exe AVG.vbs
O33 - MountPoints2\{7062b4b9-0f17-11de-9b41-001a4d7a077c}\Shell\AutoRun\command - "" = a2h2.com
O33 - MountPoints2\{7062b4b9-0f17-11de-9b41-001a4d7a077c}\Shell\open\Command - "" = a2h2.com
O33 - MountPoints2\{8e3f5aa8-2dd1-11de-9bd3-001a4d7a077c}\Shell\AutoRun\command - "" = D:\ej10fkdo.bat -- File not found
O33 - MountPoints2\{8e3f5aa8-2dd1-11de-9bd3-001a4d7a077c}\Shell\open\Command - "" = D:\ej10fkdo.bat -- File not found
O33 - MountPoints2\{9ad6bbd4-19ff-11de-9b70-001a4d7a077c}\Shell\AutoRun\command - "" = D:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{9ad6bbd4-19ff-11de-9b70-001a4d7a077c}\Shell\open\command - "" = D:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{b3a406f2-f6b0-11dd-9ad1-001a4d7a077c}\Shell\AutoRun\command - "" = D:\2.bat -- File not found
O33 - MountPoints2\{b3a406f2-f6b0-11dd-9ad1-001a4d7a077c}\Shell\open\Command - "" = D:\2.bat -- File not found
O33 - MountPoints2\{b4ac8b57-25d9-11de-9bb4-001a4d7a077c}\Shell\AutoRun\command - "" = D:\i.cmd -- File not found
O33 - MountPoints2\{b4ac8b57-25d9-11de-9bb4-001a4d7a077c}\Shell\open\Command - "" = D:\i.cmd -- File not found
O33 - MountPoints2\{c04e537e-04c2-11de-9b14-001a4d7a077c}\Shell\AutoRun\command - "" = D:\qphdin.com -- File not found
O33 - MountPoints2\{c04e537e-04c2-11de-9b14-001a4d7a077c}\Shell\open\Command - "" = D:\qphdin.com -- File not found
O33 - MountPoints2\{c1b129ba-073e-11de-9b1f-001a4d7a077c}\Shell\AutoRun\command - "" = D:\e.cmd -- File not found
O33 - MountPoints2\{c1b129ba-073e-11de-9b1f-001a4d7a077c}\Shell\explore\Command - "" = D:\e.cmd -- File not found
O33 - MountPoints2\{c1b129ba-073e-11de-9b1f-001a4d7a077c}\Shell\open\Command - "" = D:\e.cmd -- File not found
O33 - MountPoints2\{c707fc26-3bf7-11de-9c11-001a4d7a077c}\Shell\AUtOpLAY\coMMand - "" = D:\uqyl.pif -- File not found
O33 - MountPoints2\{c707fc26-3bf7-11de-9c11-001a4d7a077c}\Shell\AutoRun\command - "" = D:\uqyl.pif -- File not found
O33 - MountPoints2\{c707fc26-3bf7-11de-9c11-001a4d7a077c}\Shell\ExplORe\COMmAND - "" = D:\uqyl.pif -- File not found
O33 - MountPoints2\{c707fc26-3bf7-11de-9c11-001a4d7a077c}\Shell\open\cOmMaNd - "" = D:\uqyl.pif -- File not found
O33 - MountPoints2\{c707fc27-3bf7-11de-9c11-001a4d7a077c}\Shell\AutoplAy\COMMAnD - "" = E:\xbbtho.exe -- File not found
O33 - MountPoints2\{c707fc27-3bf7-11de-9c11-001a4d7a077c}\Shell\AutoRun\command - "" = E:\xbbtho.exe -- File not found
O33 - MountPoints2\{c707fc27-3bf7-11de-9c11-001a4d7a077c}\Shell\explore\coMMAnd - "" = E:\xbbtho.exe -- File not found
O33 - MountPoints2\{c707fc27-3bf7-11de-9c11-001a4d7a077c}\Shell\OPeN\COmMand - "" = E:\xbbtho.exe -- File not found
O33 - MountPoints2\{ca7fa0a8-2292-11de-9b9b-001a4d7a077c}\Shell\AUToplay\cOmmaND - "" = D:\vleg.pif -- File not found
O33 - MountPoints2\{ca7fa0a8-2292-11de-9b9b-001a4d7a077c}\Shell\AutoRun\command - "" = D:\vleg.pif -- File not found
O33 - MountPoints2\{ca7fa0a8-2292-11de-9b9b-001a4d7a077c}\Shell\EXpLOrE\cOMmanD - "" = D:\vleg.pif -- File not found
O33 - MountPoints2\{ca7fa0a8-2292-11de-9b9b-001a4d7a077c}\Shell\oPen\coMmAnD - "" = D:\vleg.pif -- File not found
O33 - MountPoints2\{d00dc90f-478d-11de-9c44-001a4d7a077c}\Shell\AUtoplaY\CommAnD - "" = D:\llyn.pif -- File not found
O33 - MountPoints2\{d00dc90f-478d-11de-9c44-001a4d7a077c}\Shell\AutoRun\command - "" = D:\llyn.pif -- File not found
O33 - MountPoints2\{d00dc90f-478d-11de-9c44-001a4d7a077c}\Shell\eXPlOrE\coMmaNd - "" = D:\llyn.pif -- File not found
O33 - MountPoints2\{d00dc90f-478d-11de-9c44-001a4d7a077c}\Shell\open\Command - "" = D:\llyn.pif -- File not found
O33 - MountPoints2\{db20906c-22dc-11de-9ba1-001a4d7a077c}\Shell - "" = AutoRun
O33 - MountPoints2\{e38e0d96-f6aa-11dd-9ace-001a4d7a077c}\Shell - "" = AutoRun
O33 - MountPoints2\{e38e0d96-f6aa-11dd-9ace-001a4d7a077c}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e38e0d97-f6aa-11dd-9ace-001a4d7a077c}\Shell\auToplAY\CommAND - "" = E:\kbjw.exe -- File not found
O33 - MountPoints2\{e38e0d97-f6aa-11dd-9ace-001a4d7a077c}\Shell\AutoRun\command - "" = E:\kbjw.exe -- File not found
O33 - MountPoints2\{e38e0d97-f6aa-11dd-9ace-001a4d7a077c}\Shell\expLOrE\commAnd - "" = E:\kbjw.exe -- File not found
O33 - MountPoints2\{e38e0d97-f6aa-11dd-9ace-001a4d7a077c}\Shell\OpeN\ComManD - "" = E:\kbjw.exe -- File not found
O33 - MountPoints2\{e6a8e7f8-3e30-11de-9c19-001a4d7a077c}\Shell\AutoRun\command - "" = D:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe -- File not found
O33 - MountPoints2\{e6a8e7f8-3e30-11de-9c19-001a4d7a077c}\Shell\open\command - "" = D:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe -- File not found
O33 - MountPoints2\{f220bd06-4464-11de-9c33-001a4d7a077c}\Shell\AutoRun\command - "" = D:\husyu8n.exe -- File not found
O33 - MountPoints2\{f220bd06-4464-11de-9c33-001a4d7a077c}\Shell\open\Command - "" = D:\husyu8n.exe -- File not found
O33 - MountPoints2\{f91362fe-0809-11de-9b23-001a4d7a077c}\Shell\AutoRun\command - "" = D:\dbrxubcw.com -- File not found
O33 - MountPoints2\{f91362fe-0809-11de-9b23-001a4d7a077c}\Shell\open\Command - "" = D:\dbrxubcw.com -- File not found
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009-05-29 10:05:09 | 00,000,000 | ---D | M]
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

[color=orange]========== Files/Folders - Created Within 30 Days ==========[/color]

File not found -- C:\Documents and Settings\admin\Pulpit\Piasek - chodz, przytul, przebacz
File not found -- C:\Documents and Settings\admin\Pulpit\Mandy Moore - Only Hope
[2009-05-29 10:05:09 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTListIt2.exe
[2009-05-29 09:37:23 | 00,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2009-05-29 09:35:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\.clamwin
[2009-05-29 09:35:54 | 00,000,770 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ClamWin Antivirus.lnk
[2009-05-29 09:35:47 | 00,000,000 | ---D | C] -- C:\Program Files\ClamWin
[2009-05-29 09:29:56 | 27,864,708 | ---- | C] (alch                                                        ) -- C:\Documents and Settings\admin\Pulpit\clamwin-0.95.1-setup.exe
[2009-05-28 16:23:43 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Patch.flg
[2009-05-28 15:05:39 | 00,054,899 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\my.jpg
[2009-05-28 15:04:54 | 00,020,991 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\ja ja.jpg
[2009-05-28 14:38:28 | 00,008,689 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Hubba Bubba.jpg
[2009-05-27 16:51:20 | 20,393,405 | ---- | C] (CipSoft GmbH                                                ) -- C:\Documents and Settings\admin\Pulpit\tibia841.exe
[2009-05-27 16:50:08 | 00,001,838 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2009-05-27 16:49:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Pulpit\ipchanger7-842_unidownload.com
[2009-05-27 16:49:13 | 00,212,157 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\ipchanger7-842_unidownload.com.zip
[2009-05-27 14:56:56 | 00,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\Notatnik.lnk
[2009-05-26 17:36:51 | 00,000,016 | ---- | C] () -- C:\WINDOWS\system87sG.dat
[2009-05-26 17:36:44 | 00,000,000 | ---D | C] -- C:\Program Files\English Translator 3 Demo
[2009-05-22 17:17:22 | 00,000,574 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Metin2 PL.lnk
[2009-05-20 12:14:55 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2009-05-19 16:34:18 | 00,000,000 | ---D | C] -- C:\Program Files\DiskTrix
[2009-05-19 16:20:45 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009-05-19 11:25:30 | 00,000,688 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk
[2009-05-19 11:25:18 | 00,000,000 | ---D | C] -- C:\Program Files\Nowe Gadu-Gadu
[2009-05-18 18:11:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Apple Computer
[2009-05-18 14:14:12 | 00,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009-05-18 14:14:10 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009-05-18 14:14:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple
[2009-05-16 11:05:19 | 00,000,633 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2009-05-13 18:04:06 | 00,000,022 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\zipnew.dat
[2009-05-13 18:04:06 | 00,000,020 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\rarnew.dat
[2009-05-13 18:04:05 | 00,923,136 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\WinRAR.exe
[2009-05-13 18:04:05 | 00,411,471 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\WinRAR.hlp
[2009-05-13 18:04:05 | 00,318,464 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Rar.exe
[2009-05-13 18:04:05 | 00,204,800 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\UnRAR.exe
[2009-05-13 18:04:05 | 00,126,464 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\RarExt.dll
[2009-05-13 18:04:05 | 00,100,864 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Default.SFX
[2009-05-13 18:04:05 | 00,098,816 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Uninstall.exe
[2009-05-13 18:04:05 | 00,079,872 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\WinCon.SFX
[2009-05-13 18:04:05 | 00,066,560 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Zip.SFX
[2009-05-13 18:04:05 | 00,044,032 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\RarExtLoader.exe
[2009-05-13 18:04:05 | 00,043,008 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\RarExt64.dll
[2009-05-13 18:04:05 | 00,010,320 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\WinRAR.cnt
[2009-05-13 18:04:05 | 00,003,081 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Order.htm
[2009-05-13 18:04:05 | 00,001,231 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\RarFiles.lst
[2009-05-13 18:04:05 | 00,001,169 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Descript.ion
[2009-05-13 18:04:05 | 00,000,694 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Uninstall.lst
[2009-05-13 18:04:05 | 00,000,615 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\File_Id.diz
[2009-05-13 18:04:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Moje dokumenty\Formats
[2009-05-06 18:40:22 | 00,000,000 | ---D | C] -- C:\pulpit
[2009-05-06 18:38:37 | 00,086,016 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2009-05-06 18:38:34 | 00,000,000 | ---D | C] -- C:\Sierra
[2009-04-29 11:57:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Nowy folder
[2009-04-01 14:12:53 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006-10-31 08:35:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-10-31 08:35:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-10-31 08:35:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-10-31 08:35:00 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-10-31 08:35:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-10-31 08:35:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006-10-31 08:35:00 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006-03-02 14:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006-03-02 14:00:00 | 00,000,477 | ---- | C] () -- C:\WINDOWS\win.ini
[2006-03-02 14:00:00 | 00,000,263 | ---- | C] () -- C:\WINDOWS\system.ini

[color=orange]========== Files - Modified Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
File not found -- C:\Documents and Settings\admin\Pulpit\Piasek - chodz, przytul, przebacz
File not found -- C:\Documents and Settings\admin\Pulpit\Mandy Moore - Only Hope
[2009-05-29 10:05:09 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTListIt2.exe
[2009-05-29 09:35:55 | 00,000,770 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ClamWin Antivirus.lnk
[2009-05-29 09:34:42 | 27,864,708 | ---- | M] (alch                                                        ) -- C:\Documents and Settings\admin\Pulpit\clamwin-0.95.1-setup.exe
[2009-05-29 09:28:28 | 00,081,496 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009-05-29 09:28:25 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\desktop.ini
[2009-05-29 09:28:25 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-05-29 09:28:23 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-05-29 09:22:16 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009-05-28 16:26:36 | 00,000,345 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\metin2.cfg
[2009-05-28 16:26:33 | 00,000,003 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\mouse.cfg
[2009-05-28 16:24:02 | 00,000,006 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\channel.inf
[2009-05-28 16:23:49 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\Patch.flg
[2009-05-28 15:05:11 | 00,054,899 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\my.jpg
[2009-05-28 15:04:46 | 00,020,991 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\ja ja.jpg
[2009-05-28 14:38:09 | 00,008,689 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\Hubba Bubba.jpg
[2009-05-28 14:19:38 | 00,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2009-05-27 18:00:00 | 00,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for admin.job
[2009-05-27 16:55:08 | 00,000,633 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2009-05-27 16:54:50 | 20,393,405 | ---- | M] (CipSoft GmbH                                                ) -- C:\Documents and Settings\admin\Pulpit\tibia841.exe
[2009-05-27 16:50:08 | 00,001,838 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2009-05-27 16:49:15 | 00,212,157 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\ipchanger7-842_unidownload.com.zip
[2009-05-26 17:36:51 | 00,000,016 | ---- | M] () -- C:\WINDOWS\system87sG.dat
[2009-05-26 15:19:29 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009-05-26 10:53:06 | 00,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2009-05-25 19:29:45 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009-05-25 12:03:51 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-05-19 16:22:18 | 00,000,263 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-05-19 11:25:30 | 00,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk
[2009-05-13 18:04:06 | 00,000,022 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\zipnew.dat
[2009-05-13 18:04:06 | 00,000,020 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\rarnew.dat
[2009-05-08 10:14:27 | 01,806,336 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\SpeedTreeRT.dll
[2009-05-08 10:14:27 | 00,882,176 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\metin2.bin
[2009-05-08 10:14:27 | 00,843,892 | ---- | M] (PythonLabs at Zope Corporation) -- C:\Documents and Settings\admin\Moje dokumenty\python22.dll
[2009-05-08 10:14:27 | 00,434,252 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\admin\Moje dokumenty\MSVCRTD.DLL
[2009-05-08 10:14:27 | 00,401,462 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\admin\Moje dokumenty\msvcp60.dll
[2009-05-08 10:14:27 | 00,369,719 | ---- | M] (RAD Game Tools, Inc.) -- C:\Documents and Settings\admin\Moje dokumenty\granny2.dll
[2009-05-08 10:14:27 | 00,349,696 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\MSS32.DLL
[2009-05-08 10:14:27 | 00,339,968 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\config.exe
[2009-05-08 10:14:27 | 00,269,312 | ---- | M] (Abysmal Software) -- C:\Documents and Settings\admin\Moje dokumenty\devil.dll
[2009-05-08 10:14:27 | 00,204,800 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\PatchUpdater.exe
[2009-05-08 10:14:27 | 00,159,744 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\errorlog.exe
[2009-05-08 10:14:27 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\admin\Moje dokumenty\mscoree.dll
[2009-05-08 10:14:27 | 00,110,592 | ---- | M] (Pocket Soft, Inc.) -- C:\Documents and Settings\admin\Moje dokumenty\artpclnt.dll
[2009-05-08 10:14:27 | 00,027,648 | ---- | M] (Abysmal Software) -- C:\Documents and Settings\admin\Moje dokumenty\ilu.dll
[2009-05-08 10:10:43 | 00,000,015 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\locale.cfg
[2009-05-06 18:30:22 | 00,001,537 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk
< End of report >
mirekg1963
~user
 
Posty: 190
Dołączenie: 05 Lut 2009, 16:39
Miejscowość: Częstochowa


Góra

Heur.w32 i jeszcze parę innych

Postprzez wojtas 29 Maj 2009, 11:10

Uruchom OTListIt2 i w oknie Custom Scans/Fixes wklej :

:OTLI
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Reg Error: Key error. File not found
O33 - MountPoints2\{09be1160-1d1a-11de-9b7d-001a4d7a077c}\Shell\AutoRun\command - "" = D:\0bcobed.exe -- File not found
O33 - MountPoints2\{09be1160-1d1a-11de-9b7d-001a4d7a077c}\Shell\open\Command - "" = D:\0bcobed.exe -- File not found
O33 - MountPoints2\{30c9fc24-0d66-11de-9b38-001a4d7a077c}\Shell\AutoRun\command - "" = D:\u.com -- File not found
O33 - MountPoints2\{30c9fc24-0d66-11de-9b38-001a4d7a077c}\Shell\open\Command - "" = D:\u.com -- File not found
O33 - MountPoints2\{33489e06-0f05-11de-9b40-001a4d7a077c}\Shell\AutoRun\command - "" = D:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{33489e06-0f05-11de-9b40-001a4d7a077c}\Shell\open\command - "" = D:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{33489e07-0f05-11de-9b40-001a4d7a077c}\Shell\AutoRun\command - "" = E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{33489e07-0f05-11de-9b40-001a4d7a077c}\Shell\open\command - "" = E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{33e131d3-09a5-11de-9b2b-001a4d7a077c}\Shell\AutoRun\command - "" = D:\o.exe -- File not found
O33 - MountPoints2\{33e131d3-09a5-11de-9b2b-001a4d7a077c}\Shell\open\Command - "" = D:\o.exe -- File not found
O33 - MountPoints2\{3e95d024-1607-11de-9b5e-001a4d7a077c}\Shell\AutoRun\command - "" = D:\jm3cx96.bat -- File not found
O33 - MountPoints2\{3e95d024-1607-11de-9b5e-001a4d7a077c}\Shell\open\Command - "" = D:\jm3cx96.bat -- File not found
O33 - MountPoints2\{4ed936d2-332f-11de-9be9-001a4d7a077c}\Shell\AutoRun\command - "" = D:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
O33 - MountPoints2\{4ed936d2-332f-11de-9be9-001a4d7a077c}\Shell\open\command - "" = D:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
O33 - MountPoints2\{51c11cee-43a5-11de-9c30-001a4d7a077c}\Shell\AutoRun\command - "" = D:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isi32.exe -- File not found
O33 - MountPoints2\{51c11cee-43a5-11de-9c30-001a4d7a077c}\Shell\open\command - "" = D:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isi32.exe -- File not found
O33 - MountPoints2\{55b709ec-3a5b-11de-9c09-001a4d7a077c}\Shell\AutoRun\command - "" = wscript.exe AVG.vbs
O33 - MountPoints2\{55b709ec-3a5b-11de-9c09-001a4d7a077c}\Shell\open\Command - "" = wscript.exe AVG.vbs
O33 - MountPoints2\{7062b4b9-0f17-11de-9b41-001a4d7a077c}\Shell\AutoRun\command - "" = a2h2.com
O33 - MountPoints2\{7062b4b9-0f17-11de-9b41-001a4d7a077c}\Shell\open\Command - "" = a2h2.com
O33 - MountPoints2\{8e3f5aa8-2dd1-11de-9bd3-001a4d7a077c}\Shell\AutoRun\command - "" = D:\ej10fkdo.bat -- File not found
O33 - MountPoints2\{8e3f5aa8-2dd1-11de-9bd3-001a4d7a077c}\Shell\open\Command - "" = D:\ej10fkdo.bat -- File not found
O33 - MountPoints2\{9ad6bbd4-19ff-11de-9b70-001a4d7a077c}\Shell\AutoRun\command - "" = D:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{9ad6bbd4-19ff-11de-9b70-001a4d7a077c}\Shell\open\command - "" = D:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{b3a406f2-f6b0-11dd-9ad1-001a4d7a077c}\Shell\AutoRun\command - "" = D:\2.bat -- File not found
O33 - MountPoints2\{b3a406f2-f6b0-11dd-9ad1-001a4d7a077c}\Shell\open\Command - "" = D:\2.bat -- File not found
O33 - MountPoints2\{b4ac8b57-25d9-11de-9bb4-001a4d7a077c}\Shell\AutoRun\command - "" = D:\i.cmd -- File not found
O33 - MountPoints2\{b4ac8b57-25d9-11de-9bb4-001a4d7a077c}\Shell\open\Command - "" = D:\i.cmd -- File not found
O33 - MountPoints2\{c04e537e-04c2-11de-9b14-001a4d7a077c}\Shell\AutoRun\command - "" = D:\qphdin.com -- File not found
O33 - MountPoints2\{c04e537e-04c2-11de-9b14-001a4d7a077c}\Shell\open\Command - "" = D:\qphdin.com -- File not found
O33 - MountPoints2\{c1b129ba-073e-11de-9b1f-001a4d7a077c}\Shell\AutoRun\command - "" = D:\e.cmd -- File not found
O33 - MountPoints2\{c1b129ba-073e-11de-9b1f-001a4d7a077c}\Shell\explore\Command - "" = D:\e.cmd -- File not found
O33 - MountPoints2\{c1b129ba-073e-11de-9b1f-001a4d7a077c}\Shell\open\Command - "" = D:\e.cmd -- File not found
O33 - MountPoints2\{c707fc26-3bf7-11de-9c11-001a4d7a077c}\Shell\AUtOpLAY\coMMand - "" = D:\uqyl.pif -- File not found
O33 - MountPoints2\{c707fc26-3bf7-11de-9c11-001a4d7a077c}\Shell\AutoRun\command - "" = D:\uqyl.pif -- File not found
O33 - MountPoints2\{c707fc26-3bf7-11de-9c11-001a4d7a077c}\Shell\ExplORe\COMmAND - "" = D:\uqyl.pif -- File not found
O33 - MountPoints2\{c707fc26-3bf7-11de-9c11-001a4d7a077c}\Shell\open\cOmMaNd - "" = D:\uqyl.pif -- File not found
O33 - MountPoints2\{c707fc27-3bf7-11de-9c11-001a4d7a077c}\Shell\AutoplAy\COMMAnD - "" = E:\xbbtho.exe -- File not found
O33 - MountPoints2\{c707fc27-3bf7-11de-9c11-001a4d7a077c}\Shell\AutoRun\command - "" = E:\xbbtho.exe -- File not found
O33 - MountPoints2\{c707fc27-3bf7-11de-9c11-001a4d7a077c}\Shell\explore\coMMAnd - "" = E:\xbbtho.exe -- File not found
O33 - MountPoints2\{c707fc27-3bf7-11de-9c11-001a4d7a077c}\Shell\OPeN\COmMand - "" = E:\xbbtho.exe -- File not found
O33 - MountPoints2\{ca7fa0a8-2292-11de-9b9b-001a4d7a077c}\Shell\AUToplay\cOmmaND - "" = D:\vleg.pif -- File not found
O33 - MountPoints2\{ca7fa0a8-2292-11de-9b9b-001a4d7a077c}\Shell\AutoRun\command - "" = D:\vleg.pif -- File not found
O33 - MountPoints2\{ca7fa0a8-2292-11de-9b9b-001a4d7a077c}\Shell\EXpLOrE\cOMmanD - "" = D:\vleg.pif -- File not found
O33 - MountPoints2\{ca7fa0a8-2292-11de-9b9b-001a4d7a077c}\Shell\oPen\coMmAnD - "" = D:\vleg.pif -- File not found
O33 - MountPoints2\{d00dc90f-478d-11de-9c44-001a4d7a077c}\Shell\AUtoplaY\CommAnD - "" = D:\llyn.pif -- File not found
O33 - MountPoints2\{d00dc90f-478d-11de-9c44-001a4d7a077c}\Shell\AutoRun\command - "" = D:\llyn.pif -- File not found
O33 - MountPoints2\{d00dc90f-478d-11de-9c44-001a4d7a077c}\Shell\eXPlOrE\coMmaNd - "" = D:\llyn.pif -- File not found
O33 - MountPoints2\{d00dc90f-478d-11de-9c44-001a4d7a077c}\Shell\open\Command - "" = D:\llyn.pif -- File not found
O33 - MountPoints2\{db20906c-22dc-11de-9ba1-001a4d7a077c}\Shell - "" = AutoRun
O33 - MountPoints2\{e38e0d96-f6aa-11dd-9ace-001a4d7a077c}\Shell - "" = AutoRun
O33 - MountPoints2\{e38e0d96-f6aa-11dd-9ace-001a4d7a077c}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e38e0d97-f6aa-11dd-9ace-001a4d7a077c}\Shell\auToplAY\CommAND - "" = E:\kbjw.exe -- File not found
O33 - MountPoints2\{e38e0d97-f6aa-11dd-9ace-001a4d7a077c}\Shell\AutoRun\command - "" = E:\kbjw.exe -- File not found
O33 - MountPoints2\{e38e0d97-f6aa-11dd-9ace-001a4d7a077c}\Shell\expLOrE\commAnd - "" = E:\kbjw.exe -- File not found
O33 - MountPoints2\{e38e0d97-f6aa-11dd-9ace-001a4d7a077c}\Shell\OpeN\ComManD - "" = E:\kbjw.exe -- File not found
O33 - MountPoints2\{e6a8e7f8-3e30-11de-9c19-001a4d7a077c}\Shell\AutoRun\command - "" = D:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe -- File not found
O33 - MountPoints2\{e6a8e7f8-3e30-11de-9c19-001a4d7a077c}\Shell\open\command - "" = D:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe -- File not found
O33 - MountPoints2\{f220bd06-4464-11de-9c33-001a4d7a077c}\Shell\AutoRun\command - "" = D:\husyu8n.exe -- File not found
O33 - MountPoints2\{f220bd06-4464-11de-9c33-001a4d7a077c}\Shell\open\Command - "" = D:\husyu8n.exe -- File not found
O33 - MountPoints2\{f91362fe-0809-11de-9b23-001a4d7a077c}\Shell\AutoRun\command - "" = D:\dbrxubcw.com -- File not found
O33 - MountPoints2\{f91362fe-0809-11de-9b23-001a4d7a077c}\Shell\open\Command - "" = D:\dbrxubcw.com -- File not found

:Commands
[emptytemp]
[start explorer]
[Reboot]


Kliknij w Run Fix. I potwierdz reset kompa .

Następnie uruchamiasz OTListIt2 z opcją Run Scan. Pokazujesz nowy log OTListIt.txt (czyszczenie i skan ) oraz log z combofixa
Image
Awatar użytkownika
wojtas
*mod
 
Posty: 18165
Dołączenie: 13 Sty 2006, 16:00
Miejscowość: Krzeszyce
Pochwały: 1656


Góra

Re: heur.w32 i jeszcze parę innych

Postprzez mirekg1963 29 Maj 2009, 12:13

Bardzo proszę wykonałem co należało OTListIt2
Kod: Zaznacz wszystko
OTListIt logfile created on: 2009-05-29 11:59:25 - Run 2
OTListIt2 by OldTimer - Version 2.0.15.8     Folder = C:\Documents and Settings\admin\Pulpit
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

447,48 Mb Total Physical Memory | 215,52 Mb Available Physical Memory | 48,16% Memory free
1,03 Gb Paging File | 0,86 Gb Available in Paging File | 83,88% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 60,42 Gb Free Space | 81,09% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: XPN08
Current User Name: admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

[color=orange]========== Processes (SafeList) ==========[/color]

PRC - [2006-03-02 14:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009-05-15 14:14:17 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2006-10-31 08:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2005-01-28 14:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2006-03-02 14:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2007-01-30 12:54:36 | 16,116,224 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-05-15 14:14:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009-04-14 12:52:58 | 00,086,016 | ---- | M] (alch) -- C:\Program Files\ClamWin\bin\ClamTray.exe
PRC - [2009-02-06 18:39:29 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009-05-29 10:05:09 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTListIt2.exe

[color=orange]========== Win32 Services (SafeList) ==========[/color]

SRV - [2006-03-02 14:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009-05-15 14:14:17 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009-05-29 09:21:35 | 01,075,536 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [On_Demand | Stopped])
SRV - [2006-10-31 08:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2005-01-28 14:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])

[color=orange]========== Driver Services (SafeList) ==========[/color]

DRV - [2006-06-19 00:51:32 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running])
DRV - [2009-02-09 15:07:51 | 00,014,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\gdrv.sys -- (gdrv [On_Demand | Stopped])
DRV - [2005-01-07 18:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2007-01-30 12:57:50 | 04,474,368 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2009-03-05 17:30:45 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd [Boot | Running])
DRV - [2006-10-31 08:35:00 | 03,964,256 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2006-10-18 17:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata [Boot | Running])
DRV - [2006-11-27 17:33:50 | 00,058,368 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
DRV - [2006-11-27 17:33:54 | 00,019,968 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
DRV - [2006-03-02 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2006-03-02 14:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])

[color=orange]========== Standard Registry (SafeList) ==========[/color]


[color=orange]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=orange]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.5.1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009-05-15 14:14:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009-05-18 14:14:35 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009-05-18 14:14:35 | 00,000,000 | ---D | M]

[2009-02-13 14:31:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Extensions
[2009-02-13 14:31:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-05-26 16:09:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Firefox\Profiles\2r4atvdh.default\extensions
[2009-02-14 11:16:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Firefox\Profiles\2r4atvdh.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009-05-26 16:09:08 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-04-28 17:23:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-05-15 14:14:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009-04-28 17:23:11 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-04-28 17:23:11 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2006-06-03 18:43:22 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2008-04-03 19:19:08 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2008-04-16 06:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2007-03-31 19:11:54 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2006-06-03 18:43:22 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2008-03-28 23:36:04 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2007-01-05 13:40:56 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon (alch)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-02-09 14:47:15 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009-05-29 11:58:51 | 00,000,000 | ---D | M]
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

[color=orange]========== Files/Folders - Created Within 30 Days ==========[/color]

File not found -- C:\Documents and Settings\admin\Pulpit\Piasek - chodz, przytul, przebacz
File not found -- C:\Documents and Settings\admin\Pulpit\Mandy Moore - Only Hope
[2009-05-29 11:51:00 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009-05-29 10:05:09 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTListIt2.exe
[2009-05-29 09:37:23 | 00,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2009-05-29 09:35:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\.clamwin
[2009-05-29 09:35:54 | 00,000,770 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ClamWin Antivirus.lnk
[2009-05-29 09:35:47 | 00,000,000 | ---D | C] -- C:\Program Files\ClamWin
[2009-05-29 09:29:56 | 27,864,708 | ---- | C] (alch                                                        ) -- C:\Documents and Settings\admin\Pulpit\clamwin-0.95.1-setup.exe
[2009-05-28 16:23:43 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Patch.flg
[2009-05-28 15:05:39 | 00,054,899 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\my.jpg
[2009-05-28 15:04:54 | 00,020,991 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\ja ja.jpg
[2009-05-28 14:38:28 | 00,008,689 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Hubba Bubba.jpg
[2009-05-27 16:51:20 | 20,393,405 | ---- | C] (CipSoft GmbH                                                ) -- C:\Documents and Settings\admin\Pulpit\tibia841.exe
[2009-05-27 16:50:08 | 00,001,838 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2009-05-27 16:49:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Pulpit\ipchanger7-842_unidownload.com
[2009-05-27 16:49:13 | 00,212,157 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\ipchanger7-842_unidownload.com.zip
[2009-05-27 14:56:56 | 00,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\Notatnik.lnk
[2009-05-26 17:36:51 | 00,000,016 | ---- | C] () -- C:\WINDOWS\system87sG.dat
[2009-05-26 17:36:44 | 00,000,000 | ---D | C] -- C:\Program Files\English Translator 3 Demo
[2009-05-22 17:17:22 | 00,000,574 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Metin2 PL.lnk
[2009-05-20 12:14:55 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2009-05-19 16:34:18 | 00,000,000 | ---D | C] -- C:\Program Files\DiskTrix
[2009-05-19 16:20:45 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009-05-19 11:25:30 | 00,000,688 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk
[2009-05-19 11:25:18 | 00,000,000 | ---D | C] -- C:\Program Files\Nowe Gadu-Gadu
[2009-05-18 18:11:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Apple Computer
[2009-05-18 14:14:12 | 00,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009-05-18 14:14:10 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009-05-18 14:14:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple
[2009-05-16 11:05:19 | 00,000,633 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2009-05-13 18:04:06 | 00,000,022 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\zipnew.dat
[2009-05-13 18:04:06 | 00,000,020 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\rarnew.dat
[2009-05-13 18:04:05 | 00,923,136 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\WinRAR.exe
[2009-05-13 18:04:05 | 00,411,471 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\WinRAR.hlp
[2009-05-13 18:04:05 | 00,318,464 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Rar.exe
[2009-05-13 18:04:05 | 00,204,800 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\UnRAR.exe
[2009-05-13 18:04:05 | 00,126,464 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\RarExt.dll
[2009-05-13 18:04:05 | 00,100,864 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Default.SFX
[2009-05-13 18:04:05 | 00,098,816 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Uninstall.exe
[2009-05-13 18:04:05 | 00,079,872 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\WinCon.SFX
[2009-05-13 18:04:05 | 00,066,560 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Zip.SFX
[2009-05-13 18:04:05 | 00,044,032 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\RarExtLoader.exe
[2009-05-13 18:04:05 | 00,043,008 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\RarExt64.dll
[2009-05-13 18:04:05 | 00,010,320 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\WinRAR.cnt
[2009-05-13 18:04:05 | 00,003,081 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Order.htm
[2009-05-13 18:04:05 | 00,001,231 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\RarFiles.lst
[2009-05-13 18:04:05 | 00,001,169 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Descript.ion
[2009-05-13 18:04:05 | 00,000,694 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Uninstall.lst
[2009-05-13 18:04:05 | 00,000,615 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\File_Id.diz
[2009-05-13 18:04:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Moje dokumenty\Formats
[2009-05-06 18:40:22 | 00,000,000 | ---D | C] -- C:\pulpit
[2009-05-06 18:38:37 | 00,086,016 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2009-05-06 18:38:34 | 00,000,000 | ---D | C] -- C:\Sierra
[2009-04-01 14:12:53 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006-10-31 08:35:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-10-31 08:35:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-10-31 08:35:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-10-31 08:35:00 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-10-31 08:35:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-10-31 08:35:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006-10-31 08:35:00 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006-03-02 14:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006-03-02 14:00:00 | 00,000,477 | ---- | C] () -- C:\WINDOWS\win.ini
[2006-03-02 14:00:00 | 00,000,263 | ---- | C] () -- C:\WINDOWS\system.ini

[color=orange]========== Files - Modified Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
File not found -- C:\Documents and Settings\admin\Pulpit\Piasek - chodz, przytul, przebacz
File not found -- C:\Documents and Settings\admin\Pulpit\Mandy Moore - Only Hope
[2009-05-29 11:58:52 | 00,081,496 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009-05-29 11:58:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-05-29 11:58:00 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\desktop.ini
[2009-05-29 11:57:59 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-05-29 10:05:09 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTListIt2.exe
[2009-05-29 09:35:55 | 00,000,770 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ClamWin Antivirus.lnk
[2009-05-29 09:34:42 | 27,864,708 | ---- | M] (alch                                                        ) -- C:\Documents and Settings\admin\Pulpit\clamwin-0.95.1-setup.exe
[2009-05-29 09:22:16 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009-05-28 16:26:36 | 00,000,345 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\metin2.cfg
[2009-05-28 16:26:33 | 00,000,003 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\mouse.cfg
[2009-05-28 16:24:02 | 00,000,006 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\channel.inf
[2009-05-28 16:23:49 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\Patch.flg
[2009-05-28 15:05:11 | 00,054,899 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\my.jpg
[2009-05-28 15:04:46 | 00,020,991 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\ja ja.jpg
[2009-05-28 14:38:09 | 00,008,689 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\Hubba Bubba.jpg
[2009-05-28 14:19:38 | 00,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2009-05-27 18:00:00 | 00,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for admin.job
[2009-05-27 16:55:08 | 00,000,633 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2009-05-27 16:54:50 | 20,393,405 | ---- | M] (CipSoft GmbH                                                ) -- C:\Documents and Settings\admin\Pulpit\tibia841.exe
[2009-05-27 16:50:08 | 00,001,838 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2009-05-27 16:49:15 | 00,212,157 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\ipchanger7-842_unidownload.com.zip
[2009-05-26 17:36:51 | 00,000,016 | ---- | M] () -- C:\WINDOWS\system87sG.dat
[2009-05-26 15:19:29 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009-05-26 10:53:06 | 00,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2009-05-25 19:29:45 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009-05-25 12:03:51 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-05-19 16:22:18 | 00,000,263 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-05-19 11:25:30 | 00,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk
[2009-05-13 18:04:06 | 00,000,022 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\zipnew.dat
[2009-05-13 18:04:06 | 00,000,020 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\rarnew.dat
[2009-05-08 10:14:27 | 01,806,336 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\SpeedTreeRT.dll
[2009-05-08 10:14:27 | 00,882,176 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\metin2.bin
[2009-05-08 10:14:27 | 00,843,892 | ---- | M] (PythonLabs at Zope Corporation) -- C:\Documents and Settings\admin\Moje dokumenty\python22.dll
[2009-05-08 10:14:27 | 00,434,252 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\admin\Moje dokumenty\MSVCRTD.DLL
[2009-05-08 10:14:27 | 00,401,462 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\admin\Moje dokumenty\msvcp60.dll
[2009-05-08 10:14:27 | 00,369,719 | ---- | M] (RAD Game Tools, Inc.) -- C:\Documents and Settings\admin\Moje dokumenty\granny2.dll
[2009-05-08 10:14:27 | 00,349,696 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\MSS32.DLL
[2009-05-08 10:14:27 | 00,339,968 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\config.exe
[2009-05-08 10:14:27 | 00,269,312 | ---- | M] (Abysmal Software) -- C:\Documents and Settings\admin\Moje dokumenty\devil.dll
[2009-05-08 10:14:27 | 00,204,800 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\PatchUpdater.exe
[2009-05-08 10:14:27 | 00,159,744 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\errorlog.exe
[2009-05-08 10:14:27 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\admin\Moje dokumenty\mscoree.dll
[2009-05-08 10:14:27 | 00,110,592 | ---- | M] (Pocket Soft, Inc.) -- C:\Documents and Settings\admin\Moje dokumenty\artpclnt.dll
[2009-05-08 10:14:27 | 00,027,648 | ---- | M] (Abysmal Software) -- C:\Documents and Settings\admin\Moje dokumenty\ilu.dll
[2009-05-08 10:10:43 | 00,000,015 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\locale.cfg
[2009-05-06 18:30:22 | 00,001,537 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk
< End of report >

combofix
Kod: Zaznacz wszystko
ComboFix 09-05-28.07 - admin 2009-05-29 12:04.2 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1250.48.1045.18.447.207 [GMT 2:00]
Uruchomiony z: c:\documents and settings\admin\Pulpit\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
(((((((((((((((((((((((((((((((((((((((   Sterowniki/Usługi   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ASC3360PR
-------\Service_asc3360pr


(((((((((((((((((((((((((   Pliki utworzone od 2009-04-28 do 2009-05-29  )))))))))))))))))))))))))))))))
.

2009-05-29 09:51 . 2009-05-29 09:51   --------   d-----w   C:\_OTListIt
2009-05-29 07:37 . 2009-05-29 07:48   --------   d-----w   c:\program files\SkanerOnline
2009-05-29 07:35 . 2009-05-29 07:35   --------   d-----w   c:\documents and settings\admin\Dane aplikacji\.clamwin
2009-05-29 07:35 . 2009-05-29 07:35   --------   d-----w   c:\program files\ClamWin
2009-05-29 07:35 . 2009-05-29 07:35   --------   d-----w   c:\documents and settings\All Users\.clamwin
2009-05-29 07:22 . 2009-05-29 07:22   314200   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\threatwork.exe
2009-05-29 07:22 . 2009-05-29 07:22   25440   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\savapibridge.dll
2009-05-29 07:22 . 2009-05-29 07:22   169312   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\lavamessage.dll
2009-05-29 07:22 . 2009-05-29 07:22   15688   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\lsdelete.exe
2009-05-29 07:22 . 2009-05-29 07:22   348496   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\lavalicense.dll
2009-05-29 07:22 . 2009-05-29 07:22   294240   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2009-05-29 07:22 . 2009-05-29 07:22   83808   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\ShellExt.dll
2009-05-29 07:21 . 2009-05-29 07:21   1630048   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\Resources.dll
2009-05-29 07:21 . 2009-05-29 07:21   40288   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2009-05-29 07:21 . 2009-05-29 07:21   212848   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\RPAPI.dll
2009-05-29 07:21 . 2009-05-29 07:21   73064   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\Drivers\32\AAWDriverTool.exe
2009-05-29 07:21 . 2009-05-29 07:21   640360   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\CEAPI.dll
2009-05-29 07:21 . 2009-05-29 07:21   540536   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2009-05-29 07:21 . 2009-05-29 07:21   559464   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2009-05-29 07:21 . 2009-05-29 07:21   2352456   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-05-29 07:21 . 2009-05-29 07:21   627536   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\AAWWSC.exe
2009-05-29 07:21 . 2009-05-29 07:21   518488   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-05-29 07:21 . 2009-05-29 07:21   1005904   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-05-26 15:36 . 2009-05-26 15:36   16   ----a-w   c:\windows\system87sG.dat
2009-05-26 15:36 . 2009-05-26 15:36   --------   d-----w   c:\program files\English Translator 3 Demo
2009-05-19 14:34 . 2009-05-19 14:34   --------   d-----w   c:\program files\DiskTrix
2009-05-19 13:19 . 2009-05-19 13:19   --------   d-----w   c:\documents and settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple
2009-05-19 09:25 . 2009-05-19 10:11   --------   d-----w   c:\program files\Nowe Gadu-Gadu
2009-05-18 16:11 . 2009-05-18 16:11   --------   d-----w   c:\documents and settings\admin\Dane aplikacji\Apple Computer
2009-05-18 12:14 . 2009-05-18 12:14   --------   d-----w   c:\documents and settings\admin\Ustawienia lokalne\Dane aplikacji\Apple
2009-05-18 12:14 . 2009-05-18 12:14   --------   d-----w   c:\program files\Apple Software Update
2009-05-18 12:14 . 2009-05-18 12:14   --------   d-----w   c:\documents and settings\All Users\Dane aplikacji\Apple
2009-05-18 12:14 . 2009-05-18 12:14   --------   d-----w   c:\documents and settings\admin\Ustawienia lokalne\Dane aplikacji\Apple Computer
2009-05-16 09:05 . 2009-03-17 08:49   2424832   ----a-w   c:\documents and settings\Tibia\Tibia.exe
2009-05-15 12:14 . 2009-05-15 12:14   410984   ----a-w   c:\windows\system32\deploytk.dll
2009-05-15 12:13 . 2009-05-15 12:13   152576   ----a-w   c:\documents and settings\admin\Dane aplikacji\Sun\Java\jre1.6.0_13\lzma.dll
2009-05-06 16:40 . 2009-05-06 16:40   --------   d-----w   C:\pulpit
2009-05-06 16:38 . 1999-12-17 07:13   86016   ----a-w   c:\windows\unvise32.exe
2009-05-06 16:38 . 2009-05-06 16:38   --------   d-----w   C:\Sierra

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-29 07:22 . 2009-02-26 18:33   15688   ----a-w   c:\windows\system32\lsdelete.exe
2009-05-27 14:55 . 2009-02-17 13:16   26327   ----a-w   c:\documents and settings\Tibia\unins000.dat
2009-05-27 14:55 . 2009-02-17 13:16   684313   ----a-w   c:\documents and settings\Tibia\unins000.exe
2009-05-27 13:57 . 2009-02-09 17:37   1   ----a-w   c:\documents and settings\admin\Dane aplikacji\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-05-19 14:20 . 2009-02-19 18:26   --------   d-----w   c:\documents and settings\admin\Dane aplikacji\Orbit
2009-05-19 14:19 . 2009-02-09 13:26   --------   d-----w   c:\documents and settings\admin\Dane aplikacji\Nowe Gadu-Gadu
2009-05-18 15:30 . 2009-02-19 19:32   --------   d-----w   c:\documents and settings\admin\Dane aplikacji\uTorrent
2009-05-15 12:14 . 2009-02-09 13:24   --------   d-----w   c:\program files\Java
2009-05-11 17:31 . 2009-02-09 13:12   --------   d-----w   c:\program files\Valve
2009-05-05 15:09 . 2009-04-27 10:59   --------   d-----w   c:\program files\Ganymede
2009-04-27 14:24 . 2009-04-27 14:24   --------   d-----w   c:\documents and settings\All Users\Dane aplikacji\NVIDIA
2009-04-27 11:25 . 2009-04-27 11:00   --------   d-----w   c:\documents and settings\admin\Dane aplikacji\GanymedeNet
2009-04-23 17:30 . 2009-04-23 17:30   64160   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\Drivers\32\lbd.sys
2009-04-20 14:00 . 2009-04-20 13:59   --------   d-----w   c:\program files\Bus Driver
2009-04-20 13:53 . 2009-04-20 13:53   --------   d-----w   c:\program files\18 WoS Pedal to the Metal
2009-04-15 10:32 . 2006-03-02 12:00   49492   ----a-w   c:\windows\system32\perfc015.dat
2009-04-15 10:32 . 2006-03-02 12:00   355486   ----a-w   c:\windows\system32\perfh015.dat
2009-04-11 07:39 . 2009-04-11 07:39   --------   d-----w   c:\program files\Gadu-Gadu
2009-04-09 13:20 . 2009-02-09 13:09   --------   d-----w   c:\documents and settings\admin\Dane aplikacji\U3
2009-04-08 18:41 . 2009-04-04 07:18   --------   d-----w   c:\documents and settings\admin\Dane aplikacji\Skype
2009-04-04 07:18 . 2009-04-04 07:18   --------   d-----r   c:\program files\Skype
2009-04-04 07:18 . 2009-04-04 07:17   --------   d-----w   c:\documents and settings\All Users\Dane aplikacji\Skype
2009-04-03 07:13 . 2009-02-19 19:02   --------   d-----w   c:\program files\Opera
2009-03-17 10:55 . 2009-02-09 12:46   76487   ----a-w   c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-03-17 07:49 . 2009-02-17 13:16   232569   ----a-w   c:\documents and settings\Tibia\Tibia.dat
2009-03-07 12:04 . 2009-02-10 17:48   16504   ----a-w   c:\documents and settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-03-06 14:47 . 2006-03-02 12:00   285184   ----a-w   c:\windows\system32\pdh.dll
2009-03-05 15:30 . 2009-03-05 15:30   69664   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\Drivers\64\lbd.sys
2009-03-05 15:30 . 2009-03-05 15:30   274792   ----a-w   c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\Drivers\64\AAWDriverTool.exe
2009-03-05 15:30 . 2009-02-26 18:29   64160   ----a-w   c:\windows\system32\drivers\Lbd.sys
2009-02-13 12:15 . 2009-02-09 16:31   270970   --sha-r   c:\windows\system32\AVG.vbs
.

(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-03 1667584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-15 148888]
"ClamWin"="c:\program files\ClamWin\bin\ClamTray.exe" [2009-04-14 86016]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-01-30 16116224]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^admin^Menu Start^Programy^Autostart^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\admin\Menu Start\Programy\Autostart\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Metin2_PL\\metin2.bin"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Documents and Settings\\admin\\Moje dokumenty\\metin2.bin"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\instal\\UltimateDefrag Freeware Edition 1.72\\UltimateDefragFREEPublicDomainEditionSetup.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\jqsnotify.exe"=
"c:\\Documents and Settings\\admin\\Moje dokumenty\\metin2.exe"=
"c:\\Program Files\\OpenOffice.org 3\\program\\soffice.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Lavasoft\\Ad-Aware\\Ad-AwareAdmin.exe"=
"c:\\Program Files\\Mozilla Firefox\\crashreporter.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\WINDOWS\\system32\\wscntfy.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaws.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-02-26 64160]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 1075536]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{28ABC5C0-4FCB-11CF-AAX5-21CX1C643131}]
c:\system\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe
.
Zawartość folderu 'Zaplanowane zadania'

2009-05-25 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 07:21]

2009-05-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 11:42]
.
- - - - USUNIĘTO PUSTE WPISY - - - -

SafeBoot-procexp90.Sys


.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
mStart Page = hxxp://www.yahoo.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} - hxxp://www.mks.com.pl/skaner/SkanerOnline.cab
FF - ProfilePath - c:\documents and settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2r4atvdh.default\
FF - prefs.js: browser.startup.homepage - www.google.pl
FF - component: c:\documents and settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\2r4atvdh.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npganymedenet.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-29 12:06
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ... 

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ... 

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'explorer.exe'(1980)
c:\windows\system32\msi.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Czas ukończenia: 2009-05-29 12:09 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2009-05-29 10:09
ComboFix2.txt  2009-04-04 08:49

Przed: 64 861 937 664 bajtów wolnych
Po: 64 843 280 384 bajtów wolnych

182   --- E O F ---   2009-05-20 10:15
mirekg1963
~user
 
Posty: 190
Dołączenie: 05 Lut 2009, 16:39
Miejscowość: Częstochowa


Góra

Heur.w32 i jeszcze parę innych

Postprzez wojtas 29 Maj 2009, 12:16

wklej do notatnika

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{28ABC5C0-4FCB-11CF-AAX5-21CX1C643131}]


w notatniku u góry>>>plik zapisz jako>>>Zmien rozszerzenie z TXT na Wszystkie pliki *.* >>> Zapisz pod nazwą FIX.REG

Klikasz dwa razy na powstały plik fix i dodajesz go do rejestru....

Uruchom OTListIt2 z opcji CleanUp
Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem
Wykonaj skan Dr. Web CureIt
Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum.

i tym (skasuj co znajdzie)

Malwarebytes Anti-Malware
Image
Awatar użytkownika
wojtas
*mod
 
Posty: 18165
Dołączenie: 13 Sty 2006, 16:00
Miejscowość: Krzeszyce
Pochwały: 1656


Góra
Wyślij odpowiedź

Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 1 gość

Powered by phpBB © Group
Forum Programosy.pl