Recurring problems with loading pages • programosy.pl


System security, virus removal, choosing antivirus software. Mandatory logs in this section: three from FRST + Gmer.

Recurring problems with loading pages

Post by gus, 24 Jul 2008, 13:32

Despite the earlier, invaluable help, the same errors keep appearing: some pages do not load, and Google and YouTube do not return search results. I cleaned the computer with all the programs you recommend here, but after several dozen minutes or a few hours the situation goes back to normal. I have Avast Home Edition installed. I do not visit any suspicious sites. What else should I do or install?

I am attaching the logs

Hijack:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:48, on 2008-07-24
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20815)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {B865F8F5-8E63-4A56-B5A2-141156A7667C} - C:\WINDOWS\system32\ljJDUonn.dll (file missing)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Launch Ai Booster] "C:\Program Files\ASUS\Ai Booster\OverClk.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BM6b6f3bed] Rundll32.exe "C:\WINDOWS\system32\ysmwxgjs.dll",s
O4 - HKLM\..\Run: [685c0871] rundll32.exe "C:\WINDOWS\system32\pysfwlqh.dll",b
O4 - HKLM\..\RunOnce: [KB926239] rundll32.exe apphelp.dll,ShimFlushCache
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier - Szybkie uruchomienie.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Harmonogram automatycznej usługi LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 8168 bytes




Combofix:



ComboFix 08-07-21.2 - krzysiek 2008-07-24 12:53:00.3 - NTFSx86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.822 [GMT 2:00]
Running from: D:\Programy\Problemy z kompem\Rejestr\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\hqlwfsyp.ini
C:\WINDOWS\system32\nnoUDJjl.ini
C:\WINDOWS\system32\nnoUDJjl.ini2
C:\WINDOWS\system32\pysfwlqh.dll
C:\WINDOWS\system32\ysmwxgjs.dll
.
---- Previous Run -------
.
C:\WINDOWS\BM6b6f3bed.txt
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\acjbivrf.dll
C:\WINDOWS\system32\afcgfoyx.dll
C:\WINDOWS\system32\ckeephhm.dll
C:\WINDOWS\system32\eqtwmlfw.dll
C:\WINDOWS\system32\frvibjca.ini
C:\WINDOWS\system32\gxapnckr.ini
C:\WINDOWS\system32\ixfkmmis.dll
C:\WINDOWS\system32\mhhpeekc.ini
C:\WINDOWS\system32\nnoUDJjl.ini
C:\WINDOWS\system32\nnoUDJjl.ini2
C:\WINDOWS\system32\qoMfcddd.dll
C:\WINDOWS\system32\rkcnpaxg.dll
C:\WINDOWS\system32\tptkwkur.dll
C:\WINDOWS\system32\tuvVPHAQ.dll

.
((((((((((((((((((((((((( Files Created from 2008-06-24 to 2008-07-24 )))))))))))))))))))))))))))))))
.

2008-07-24 11:55 . 2008-07-24 11:55 1,320 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-07-24 10:35 . 2008-07-24 10:35 <DIR> d-------- C:\Program Files\Alwil Software
2008-07-23 18:57 . 2008-07-23 22:35 384 --a------ C:\WINDOWS\SIERRA.INI
2008-07-23 18:31 . 2008-07-23 18:31 <DIR> d-------- C:\Documents and Settings\krzysiek.PRIVATE-28C405B\Dane aplikacji\DAEMON Tools
2008-07-23 18:30 . 2008-07-23 18:30 <DIR> d-------- C:\Documents and Settings\krzysiek.PRIVATE-28C405B\Dane aplikacji\Gadu-Gadu
2008-07-23 15:20 . 2008-07-23 15:20 <DIR> d-------- C:\WINDOWS\ERUNT
2008-07-23 15:05 . 2008-07-23 15:30 <DIR> d-------- C:\SDFix
2008-07-23 09:32 . 2008-07-23 09:32 <DIR> d-------- C:\Documents and Settings\krzysiek.PRIVATE-28C405B\Dane aplikacji\AdobeUM
2008-07-23 08:51 . 2008-07-23 08:51 <DIR> d-------- C:\Program Files\Trend Micro
2008-07-23 08:38 . 2008-07-23 08:38 <DIR> d-------- C:\WINDOWS\system32\xircom
2008-07-23 08:38 . 2008-07-23 08:38 <DIR> d-------- C:\WINDOWS\srchasst
2008-07-23 08:38 . 2008-07-23 08:38 <DIR> d-------- C:\Program Files\microsoft frontpage
2008-07-22 22:32 . 2008-07-22 22:32 <DIR> d--h----- C:\ErdUndoCache
2008-07-22 21:57 . 2008-07-22 21:57 <DIR> d-------- C:\Documents and Settings\krzysiek.PRIVATE-28C405B\Dane aplikacji\DivX
2008-07-22 21:16 . 2008-07-22 21:16 <DIR> d-------- C:\Documents and Settings\krzysiek.PRIVATE-28C405B\Dane aplikacji\HP
2008-07-22 20:36 . 2008-07-22 20:36 <DIR> d--hs---- C:\Documents and Settings\NetworkService.ZARZ¤DZANIE NT
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Ustawienia lokalne
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Ustawienia lokalne
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Ulubione
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Ulubione
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Szablony
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Szablony
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\SendTo
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\SendTo
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Recent
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Recent
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Pulpit
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Pulpit
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\PrintHood
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\PrintHood
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\NetHood
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\NetHood
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Moje dokumenty
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Moje dokumenty
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Menu Start
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Menu Start
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Dane aplikacji
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Dane aplikacji
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Cookies
2008-07-22 20:36 . <DIR> C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\Cookies
2008-07-22 20:36 . 2008-07-22 20:36 <DIR> d--hs---- C:\Documents and Settings\LocalService.ZARZ¤DZANIE NT
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Ustawienia lokalne
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Ustawienia lokalne
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Ulubione
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Ulubione
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Szablony
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Szablony
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\SendTo
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\SendTo
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Recent
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Recent
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Pulpit
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Pulpit
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\PrintHood
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\PrintHood
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\NetHood
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\NetHood
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Moje dokumenty
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Moje dokumenty
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Menu Start
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Menu Start
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Dane aplikacji\Microsoft
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Dane aplikacji
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Dane aplikacji
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Cookies
2008-07-22 20:36 . <DIR> C:\Documents and Settings\LocalService.ZARZąDZANIE NT\Cookies
2008-07-22 20:36 . 2002-01-02 03:34 <DIR> d--h----- C:\Documents and Settings\krzysiek.PRIVATE-28C405B\Ustawienia lokalne
2008-07-22 20:36 . 2008-07-22 20:37 <DIR> dr------- C:\Documents and Settings\krzysiek.PRIVATE-28C405B\Ulubione
2008-07-22 20:36 . 2008-07-22 20:36 <DIR> d--h----- C:\Documents and Settings\krzysiek.PRIVATE-28C405B\Szablony
2008-07-22 20:36 . 2008-07-24 12:48 <DIR> d-------- C:\Documents and Settings\krzysiek.PRIVATE-28C405B\Pulpit
2008-07-22 20:36 . 2008-07-23 22:42 <DIR> dr------- C:\Documents and Settings\krzysiek.PRIVATE-28C405B\Moje dokumenty
2008-07-22 20:36 . 2002-01-02 03:34 <DIR> d-------- C:\Documents and Settings\krzysiek.PRIVATE-28C405B\Menu Start
2008-07-22 20:36 . 2008-07-23 18:31 <DIR> d--h----- C:\Documents and Settings\krzysiek.PRIVATE-28C405B\Dane aplikacji
2008-07-22 20:36 . 2008-07-24 01:17 <DIR> d-------- C:\Documents and Settings\krzysiek.PRIVATE-28C405B
2008-07-22 20:36 . 262,144 C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\ntuser.dat
2008-07-22 20:36 . 262,144 C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\ntuser.dat
2008-07-22 20:36 . 262,144 C:\Documents and Settings\LocalService.ZARZąDZANIE NT\ntuser.dat
2008-07-22 20:36 . 262,144 C:\Documents and Settings\LocalService.ZARZąDZANIE NT\ntuser.dat
2008-07-22 18:13 . 2008-07-22 18:13 <DIR> d-------- C:\Program Files\Foteria
2008-07-22 16:34 . 2008-07-22 16:34 <DIR> d-------- C:\Program Files\Lavasoft
2008-07-22 16:33 . 2008-07-22 16:33 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-22 16:31 . 2008-07-22 16:33 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
2008-07-22 00:10 . 2008-07-22 12:54 43,701 ---hs---- C:\WINDOWS\system32\yqxnwpli.ini
2008-07-22 00:08 . 2008-07-24 12:41 110,428 --a------ C:\WINDOWS\BM6b6f3bed.xml
2008-07-21 23:27 . 2008-07-23 19:28 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-07-21 23:27 . 2008-07-21 23:29 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-07-21 23:27 . 2008-07-23 19:28 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-07-21 23:22 . 2008-07-21 23:22 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-07-21 23:06 . 2008-07-22 06:06 <DIR> d-------- C:\[PC] The Witcher [ENG-OnLY] [dopeman]
2008-07-21 16:34 . 2008-07-21 23:00 <DIR> d-------- C:\Need.For.Speed.Pro.Street-RELOADED
2008-07-20 19:59 . 2008-07-20 19:59 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\PlayFirst
2008-07-20 19:55 . 2008-07-20 19:55 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-07-19 23:59 . 2008-07-19 23:59 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-07-19 15:40 . 2008-07-19 15:40 <DIR> d--h----- C:\WINDOWS\PIF
2008-07-18 00:02 . 2008-07-02 18:52 107,370 --------- C:\WINDOWS\hpqins13.dat.temp
2008-07-13 22:16 . 2008-07-13 22:16 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-07-13 22:03 . 2008-07-13 22:03 <DIR> d-------- C:\Program Files\Skype
2008-07-13 22:03 . 2008-07-13 22:14 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-07-11 17:31 . 2008-07-11 17:31 <DIR> d-------- C:\Program Files\IrfanView
2008-07-09 08:29 . 2007-10-09 01:57 100,352 --------- C:\WINDOWS\system32\dllcache\6to4svc.dll
2008-07-04 08:15 . 2008-07-04 08:15 221 --a------ C:\WINDOWS\NCLogConfig.ini
2008-07-02 18:50 . 2008-07-18 00:02 107,013 --a------ C:\WINDOWS\hpqins13.dat
2008-06-30 12:23 . 2006-10-04 16:06 1,197,294 --------- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-06-30 12:23 . 2006-10-04 16:06 764,868 --------- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-06-30 12:23 . 2004-08-04 04:44 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-06-30 12:23 . 2006-10-04 16:06 217,118 --------- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-06-30 12:22 . 2006-09-25 17:58 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-27 01:19 . 2008-06-27 01:19 <DIR> d-------- C:\Program Files\MarBit

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-24 09:24 --------- d-----w C:\Program Files\Gadu-Gadu
2008-07-24 08:33 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-07-24 08:29 --------- d-----w C:\Program Files\Symantec
2008-07-24 08:29 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Symantec
2008-07-23 16:21 --------- d-----w C:\Program Files\NAPI-PROJEKT
2008-07-20 21:35 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-13 20:03 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Skype
2008-06-20 19:08 278,984 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2008-06-20 17:37 246,784 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:37 246,784 ------w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:37 147,968 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 16:57 25,416 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys
2008-06-20 16:34 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-06-20 16:32 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-06-20 10:44 360,960 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 360,960 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 10:44 138,368 ------w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:32 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 09:32 225,920 ------w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-17 19:21 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Go Go Gourmet
2008-06-17 01:00 --------- d-----w C:\Program Files\MSXML 4.0
2008-06-16 13:28 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\HP
2008-06-16 13:26 --------- d-----w C:\Program Files\Common Files\Sonic Shared
2008-06-16 13:26 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Sonic
2008-06-16 13:25 --------- d-----w C:\Program Files\Common Files\HP
2008-06-16 13:21 --------- d-----w C:\Program Files\HP
2008-06-16 13:21 --------- d-----w C:\Program Files\Hewlett-Packard
2008-06-16 13:21 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard
2008-06-15 19:33 32 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
2008-06-14 18:01 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 18:01 273,024 ------w C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-11 20:52 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-11 18:00 --------- d-----w C:\Program Files\DivX
2008-06-04 21:47 --------- d-----w C:\Program Files\Ahead
2008-06-04 21:46 --------- d-----w C:\Program Files\Common Files\Ahead
2008-06-03 08:47 --------- d-----w C:\Program Files\Common Files\G DATA
2008-06-03 08:45 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\G DATA
2008-06-01 08:14 --------- d-----w C:\Program Files\BitComet
2008-05-31 19:55 2,560 ----a-w C:\WINDOWS\system32\bitcometres.dll
2008-05-31 18:29 --------- d-----w C:\Program Files\FLV Player
2008-05-31 00:43 --------- d-----w C:\Program Files\Java
2008-05-31 00:41 --------- d-----w C:\Program Files\Common Files\Java
2008-05-31 00:02 46,536 ----a-w C:\WINDOWS\system32\drivers\MiniIcpt.sys
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-05-30 23:22 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
2008-05-30 23:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-05-30 21:37 --------- d-----w C:\Program Files\MSXML 6.0
2008-05-22 22:22 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-05-22 22:22 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-05-22 22:20 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-05-22 22:20 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-05-22 22:19 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-05-22 22:19 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-05-22 22:19 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-05-22 22:18 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-16 09:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-08 12:14 203,008 ------w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 05:03 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:03 1,291,776 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2002-01-02 00:47 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
2002-01-02 00:48 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat
2002-01-02 00:48 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\MSHist012002010220020103\index.dat
2002-01-02 00:47 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat
.

------- Sigcheck -------

2007-07-10 15:06 642560 ce594e18fe0d0af804f1f3694921ce62 C:\WINDOWS\system32\user32.dll

2007-10-19 00:19 2145280 6c264e21d3bd7082b43fc016d760c1d1 C:\WINDOWS\system32\ntoskrnl.exe
.
((((((((((((((((((((((((((((( snapshot_2008-07-24_10.19.58.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-19 14:43:08 1,163,960 ----a-w C:\WINDOWS\system32\aswBoot.exe
+ 2008-07-19 14:30:53 94,392 ----a-w C:\WINDOWS\system32\AvastSS.scr
+ 2008-07-24 10:49:28 262,144 ---ha-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat
+ 2007-10-08 23:34:59 2,450,944 ----a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
+ 2008-07-19 14:32:15 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
+ 2008-07-19 14:37:42 20,560 ----a-w C:\WINDOWS\system32\drivers\aswFsBlk.sys
+ 2008-01-17 16:34:01 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
+ 2008-07-19 14:37:21 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
+ 2008-07-19 14:33:42 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
+ 2008-07-19 14:35:18 78,416 ----a-w C:\WINDOWS\system32\drivers\aswSP.sys
+ 2008-07-19 14:32:36 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
- 2007-11-30 12:40:46 19,320 ------w C:\WINDOWS\system32\spmsg.dll
+ 2006-09-25 15:58:48 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2008-07-24 10:56:55 16,384 ----atw C:\WINDOWS\temp\Perflib_Perfdata_6f0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:44 15360]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 12:04 2127296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch Ai Booster"="C:\Program Files\ASUS\Ai Booster\OverClk.exe" [2006-06-23 18:26 3706368]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 11:22 7618560]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152]
"hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 09:34 81920]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 17:38 583048]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 16:38 78008]
"BM6b6f3bed"="C:\WINDOWS\system32\ysmwxgjs.dll" [BU]
"685c0871"="C:\WINDOWS\system32\pysfwlqh.dll" [BU]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-17 20:20 16844800 C:\WINDOWS\RTHDCPL.EXE]
"nwiz"="nwiz.exe" [2006-06-01 11:22 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 11:22 86016 C:\WINDOWS\system32\nvmctray.dll]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 04:44 15360]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22 288472]
HP Photosmart Premier - Szybkie uruchomienie.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2006-02-10 07:56:20 73728]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"D:\\gry\\settlers\\base\\bin\\Settlers6.exe"=
"D:\\gry\\settlers\\extra1\\bin\\Settlers6.exe"=
"D:\\Sof\\sof3.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23042:TCP"= 23042:TCP:BitComet 23042 TCP
"23042:UDP"= 23042:UDP:BitComet 23042 UDP

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R2 Harmonogram automatycznej usługi LiveUpdate;Harmonogram automatycznej usługi LiveUpdate;C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-09-13 14:54]
S3 usbscan;Sterownik skanera USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
.
- - - - ORPHANS REMOVED - - - -

BHO-{B865F8F5-8E63-4A56-B5A2-141156A7667C} - C:\WINDOWS\system32\ljJDUonn.dll


.
------- Supplementary Scan -------
.
O8 -: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 -: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 -: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 -: E&ksport do programu Microsoft Excel - C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 -: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-24 12:57:05
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
.
**************************************************************************
.
Completion time: 2008-07-24 12:59:07 - machine was rebooted [krzysiek]
ComboFix-quarantined-files.txt 2008-07-24 10:59:04

Pre-Run: 16,404,836,352 bajtów wolnych
Post-Run: 16,397,422,592 bajtów wolnych

347 --- E O F --- 2008-07-10 07:06:41



SDfix:



SDFix: Version 1.207
Run by krzysiek on 2008-07-24 at 13:06

Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

No Trojan Files Found






Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-24 13:24:34
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:03,7f,f4,9c,17,bf,39,c1,54,be,ae,d7,0b,30,fd,68,a7,3f,13,71,35,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,35,42,74,90,03,68,7a,aa,b5,da,e1,86,13,4f,b6,fc,cb,..
"khjeh"=hex:e7,0f,7a,d4,0b,fc,c3,75,84,3c,cf,69,67,52,da,08,5a,0a,58,a3,4e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:1f,57,d1,3d,c6,30,cd,6f,8a,d1,87,8d,c5,a6,db,d9,04,e0,ad,3f,13,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:03,7f,f4,9c,17,bf,39,c1,54,be,ae,d7,0b,30,fd,68,a7,3f,13,71,35,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,35,42,74,90,03,68,7a,aa,b5,da,e1,86,13,4f,b6,fc,cb,..
"khjeh"=hex:e7,0f,7a,d4,0b,fc,c3,75,84,3c,cf,69,67,52,da,08,5a,0a,58,a3,4e,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:88,a9,6d,ed,b9,e3,11,4e,fe,35,9a,4e,29,70,42,9e,ea,ef,bf,da,22,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:03,7f,f4,9c,17,bf,39,c1,54,be,ae,d7,0b,30,fd,68,a7,3f,13,71,35,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,35,42,74,90,03,68,7a,aa,b5,da,e1,86,13,4f,b6,fc,cb,..
"khjeh"=hex:e7,0f,7a,d4,0b,fc,c3,75,84,3c,cf,69,67,52,da,08,5a,0a,58,a3,4e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:88,a9,6d,ed,b9,e3,11,4e,fe,35,9a,4e,29,70,42,9e,ea,ef,bf,da,22,..

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000000
"TracesSuccessful"=dword:00000000
"LastTraceFailure"=dword:00000000

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Mozilla Firefox"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"D:\\gry\\settlers\\base\\bin\\Settlers6.exe"="D:\\gry\\settlers\\base\\bin\\Settlers6.exe:*:Enabled:THE SETTLERS - Rise of an Empire"
"D:\\gry\\settlers\\extra1\\bin\\Settlers6.exe"="D:\\gry\\settlers\\extra1\\bin\\Settlers6.exe:*:Enabled:THE SETTLERS - Rise of an Empire - The Eastern Realm"
"D:\\Sof\\sof3.exe"="D:\\Sof\\sof3.exe:*:Enabled:sof3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

Remaining Files :



Files with Hidden Attributes :

Tue 22 Apr 2008 625,664 A.SH. --- "C:\Program Files\Internet Explorer\iexplore.exe"
Wed 17 Oct 2007 224,256 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe"
Wed 4 Aug 2004 4,639 A.SH. --- "C:\Program Files\Windows Media Player\mplayer2.exe"
Fri 1 Dec 2006 64,000 A.SH. --- "C:\Program Files\Windows Media Player\wmplayer.exe"
Mon 30 Jun 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Wed 16 Jul 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8a7603e7cf792509c9ebbd8c74c82553\BIT42.tmp"

Finished!

gus
~user
 
Posts: 36
Joined: 23 Jul 2008, 08:53


