Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3900: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3902: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3903: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3904: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
"trojan w irc", błąd przy uruchamianiu gry lineage • programosy.pl
Aktualizacje na programosy.pl: EverNoteQimageCypheros TS-DoctorGridinSoft Anti-MalwareLoaris Trojan RemoverMonkey′s AudioMozilla FirefoxAtlantis Word ProcessorMachinery HDR Effects  

  • Ogłoszenie:

"trojan w irc", błąd przy uruchamianiu gry lineage

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.
Wyślij odpowiedź

"trojan w irc", błąd przy uruchamianiu gry lineage

Postprzez mastersebol 27 Cze 2008, 23:53

reklama
Kod: Zaznacz wszystko
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:51:25, on 2008-06-27
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\mIRC\mirc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.onet.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {aa58ed58-01dd-4d91-8333-cf10577473f7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TBPanel] C:\Program Files\VDOTool\TBPanel.exe /A
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [IPLA!] C:\Program Files\IPLA\IPLA.exe /autostart
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Firefox Preloader.lnk = C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe
O8 - Extra context menu item: &d&ownload &with bitcomet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &d&ownload all video with bitcomet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &d&ownload all with bitcomet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77bf5300-1474-4ec7-9980-d32b190e9b07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {a903e5ab-c67e-40fb-94f1-e1305982f6e0} (KooPlayer Control) - http://www.tvkoo.com/update/UKooPlayer.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: yaywvtSM - yaywvtSM.dll (file missing)
O23 - Service: cFosSpeed System Service (cfosspeeds) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MySql (mysql) - Unknown owner - c:\usr/MYSQL/bin/mysqld.exe
O23 - Service: NBService (nbservice) - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService (nmindexingservice) - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - http://managerzone.com/swf/outfit_viewer_mz.swf

--
End of file - 6510 bytes



Kod: Zaznacz wszystko
ComboFix 08-06-20.4 - sebo 2008-06-27 23:42:09.5 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1250.1.1045.18.1557 [GMT 2:00]
Running from: C:\Documents and Settings\sebo\Pulpit\ComboFix.exe

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.

(((((((((((((((((((((((((   Files Created from 2008-05-27 to 2008-06-27  )))))))))))))))))))))))))))))))
.

2008-06-27 19:37 . 2006-02-04 03:50   5,174   --a------   C:\WINDOWS\system32\nppt9x.vxd
2008-06-27 19:37 . 2006-02-04 03:50   4,682   --a------   C:\WINDOWS\system32\npptNT2.sys
2008-06-26 16:37 . 2008-06-26 16:37   <DIR>   d--------   C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2008-06-20 00:16 . 2008-06-20 00:16   13   --a------   C:\WINDOWS\system32\WinSys16.crc
2008-06-20 00:15 . 2008-06-20 00:15   <DIR>   d--------   C:\Program Files\CoffeeCup Software
2008-06-20 00:06 . 2008-06-20 00:13   <DIR>   d--------   C:\Program Files\Banner Maker Pro 5
2008-06-20 00:06 . 2008-06-20 00:06   53,248   --a------   C:\WINDOWS\SIUnInst.exe
2008-06-19 00:09 . 2008-06-19 00:09   <DIR>   d--------   C:\Documents and Settings\sebo\Dane aplikacji\Sports Interactive
2008-06-19 00:06 . 2008-06-19 00:07   <DIR>   d--h-----   C:\Program Files\Zero G Registry
2008-06-19 00:06 . 2008-06-19 00:06   <DIR>   d--h-----   C:\Documents and Settings\sebo\InstallAnywhere
2008-06-18 23:48 . 2008-06-22 01:03   <DIR>   d--------   C:\Program Files\IDoser v4
2008-06-08 18:33 . 2008-06-08 18:33   <DIR>   d--------   C:\Documents and Settings\sebo\Dane aplikacji\ipla
2008-06-08 18:33 . 2008-06-25 23:03   <DIR>   d--------   C:\Documents and Settings\All Users\Dane aplikacji\ipla
2008-06-08 18:29 . 2008-06-26 16:44   <DIR>   d--------   C:\Program Files\IPLA
2008-06-08 18:29 . 2003-08-29 00:55   423,424   --a------   C:\WINDOWS\system32\WMAVDS32.ax
2008-06-08 18:29 . 2001-03-26 03:41   245,760   --a------   C:\WINDOWS\system32\mp4sds32.ax
2008-06-04 18:15 . 2008-06-04 18:15   199   --a------   C:\WINDOWS\wcx_ftp.ini
2008-06-04 18:14 . 2008-06-04 18:14   <DIR>   d--------   C:\totalcmd
2008-06-04 18:14 . 2008-06-04 18:18   825   --a------   C:\WINDOWS\wincmd.ini
2008-06-04 18:14 . 2007-09-14 07:02   545   --a------   C:\WINDOWS\UC.PIF
2008-06-04 18:14 . 2007-09-14 07:02   545   --a------   C:\WINDOWS\RAR.PIF
2008-06-04 18:14 . 2007-09-14 07:02   545   --a------   C:\WINDOWS\PKZIP.PIF
2008-06-04 18:14 . 2007-09-14 07:02   545   --a------   C:\WINDOWS\PKUNZIP.PIF
2008-06-04 18:14 . 2007-09-14 07:02   545   --a------   C:\WINDOWS\NOCLOSE.PIF
2008-06-04 18:14 . 2007-09-14 07:02   545   --a------   C:\WINDOWS\LHA.PIF
2008-06-04 18:14 . 2007-09-14 07:02   545   --a------   C:\WINDOWS\ARJ.PIF
2008-06-04 18:06 . 2008-06-04 18:06   <DIR>   d--------   C:\Program Files\Teleport Pro
2008-06-04 16:21 . 2008-06-04 16:21   <DIR>   d--------   C:\Program Files\PowerISO
2008-06-04 15:01 . 2008-06-15 00:27   <DIR>   d--------   C:\Program Files\123 Flash Menu
2008-06-02 13:57 . 2008-06-02 13:57   <DIR>   d--------   C:\usr
2008-06-02 13:54 . 2008-06-27 19:12   <DIR>   d--------   C:\Program Files\cFosSpeed
2008-06-02 13:54 . 2008-02-12 15:16   717,016   -ra------   C:\WINDOWS\system32\drivers\cfosspeed.sys
2008-06-02 13:54 . 2008-02-12 15:16   285,912   --a------   C:\WINDOWS\system32\cfosspeed.dll
2008-05-27 22:29 . 2008-06-18 18:55   <DIR>   d--------   C:\Program Files\Pool Sharks

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-27 21:43   ---------   d-----w   C:\Documents and Settings\sebo\Dane aplikacji\mIRC
2008-06-27 21:22   ---------   d-----w   C:\Program Files\mIRC
2008-06-27 17:31   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
2008-06-27 10:34   ---------   d-----w   C:\Documents and Settings\sebo\Dane aplikacji\Skype
2008-06-26 10:33   ---------   d-----w   C:\Documents and Settings\sebo\Dane aplikacji\skypePM
2008-06-19 21:44   219,648   ----a-w   C:\WINDOWS\system32\uxtheme.dll
2008-06-14 21:03   ---------   d-----w   C:\Program Files\MZ Manager 2
2008-06-12 16:43   ---------   d-----w   C:\Program Files\SopCast
2008-06-11 23:10   ---------   d-----w   C:\Program Files\BitComet
2008-06-09 16:20   ---------   d-----w   C:\Program Files\Opera
2008-06-08 16:40   ---------   d-----w   C:\Documents and Settings\sebo\Dane aplikacji\Winamp
2008-06-04 14:19   ---------   d-----w   C:\Program Files\DAEMON Tools Lite
2008-05-25 22:09   ---------   d-----w   C:\Program Files\Softronics
2008-05-19 21:46   ---------   d-----w   C:\Documents and Settings\sebo\Dane aplikacji\Hamachi
2008-05-18 12:19   25,280   ----a-w   C:\WINDOWS\system32\drivers\hamachi.sys
2008-05-18 12:19   ---------   d-----w   C:\Program Files\Hamachi
2008-05-11 11:19   ---------   d-----w   C:\Program Files\Lineage II
2008-05-10 23:17   ---------   d-----w   C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2008-05-10 09:07   ---------   d-----w   C:\Program Files\Peer2Mail
2008-05-08 22:50   107,888   ----a-w   C:\WINDOWS\system32\CmdLineExt.dll
2008-05-08 19:51   ---------   d-----w   C:\Program Files\THQ
2008-05-07 17:00   ---------   d-----w   C:\Program Files\Skype
2008-05-07 17:00   ---------   d-----w   C:\Program Files\Common Files\Skype
2008-05-07 17:00   ---------   d-----w   C:\Documents and Settings\All Users\Dane aplikacji\Skype
2008-05-07 12:06   ---------   d-----w   C:\Program Files\QuickTime Alternative
2008-05-07 12:04   ---------   d-----w   C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2008-05-06 16:44   ---------   d-----w   C:\Program Files\Common Files\Adobe
2008-05-05 15:31   ---------   d-----w   C:\Program Files\Gadu-Gadu
2008-05-04 09:30   ---------   d-----w   C:\Program Files\FirefoxPreloader
2008-05-03 12:05   ---------   d-----w   C:\Program Files\SystemRequirementsLab
2008-05-03 08:23   ---------   d-----w   C:\Program Files\WisePixel Multimedia
2008-04-29 19:06   ---------   d-----w   C:\Program Files\PPMate
2008-04-29 19:06   ---------   d-----w   C:\Documents and Settings\sebo\Dane aplikacji\ppStream
2008-04-29 19:05   ---------   d-----w   C:\Program Files\Common Files\Synacast
2008-04-29 19:05   ---------   d-----w   C:\Documents and Settings\sebo\Dane aplikacji\PPMate
2008-04-23 16:55   417,792   ----a-w   C:\Documents and Settings\sebo\GL4JavbJauGljJNI14.dll
2008-04-21 06:48   669,184   ----a-w   C:\WINDOWS\system32\pbsvc.exe
2008-04-21 06:48   66,872   ----a-w   C:\WINDOWS\system32\PnkBstrA.exe
2008-04-21 06:48   22,328   ----a-w   C:\Documents and Settings\sebo\Dane aplikacji\PnkBstrK.sys
2008-04-21 06:48   103,736   ----a-w   C:\WINDOWS\system32\PnkBstrB.exe
2008-04-19 14:24   15,600   ----a-w   C:\WINDOWS\gdrv.sys
2008-04-19 09:24   75,698   ----a-w   C:\WINDOWS\widuxngq.sys
2008-04-18 21:53   2,560   ----a-w   C:\WINDOWS\system32\bitcometres.dll
2008-04-18 17:12   315,392   ----a-w   C:\WINDOWS\HideWin.exe
2008-04-18 16:57   558,142   ----a-w   C:\WINDOWS\java\Packages\JXVZ7BB9.ZIP
2008-04-18 16:57   155,995   ----a-w   C:\WINDOWS\java\Packages\M2ORL7LZ.ZIP
2008-03-31 21:25   682,496   ----a-w   C:\WINDOWS\system32\divx.dll
2008-03-28 17:41   7,680   ----a-w   C:\WINDOWS\system32\ff_vfw.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 12:04 2127296]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-10 16:12 68856]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-04-30 17:17 22058792]
"IPLA!"="C:\Program Files\IPLA\IPLA.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cFosSpeed"="C:\Program Files\cFosSpeed\cFosSpeed.exe" [2008-02-12 15:16 863448]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-01-08 19:53 8523776]
"TBPanel"="C:\Program Files\VDOTool\TBPanel.exe" [2008-01-29 11:19 2157096]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2008-01-08 19:53 81920]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-03-15 01:50 233472]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:44 15360]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Firefox Preloader.lnk - C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe [2008-05-04 11:30:09 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yaywvtSM]
yaywvtSM.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKLM\~\startupfolder\c:^documents and settings^all users^menu start^programy^autostart^adobe gamma loader.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\c:^documents and settings^sebo^menu start^programy^autostart^hamachi.lnk]
path=C:\Documents and Settings\sebo\Menu Start\Programy\Autostart\hamachi.lnk
backup=C:\WINDOWS\pss\hamachi.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\adobe reader speed launcher]
--a------ 2008-01-11 22:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
--a------ 2008-03-25 08:38 2196280 C:\Program Files\BitComet\BitComet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\clonecdelbycdfl]
--a------ 2002-11-02 08:33 45056 C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\clonecdtray]
--a------ 2002-12-02 16:17 73728 C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\comrade.exe]
--a------ 2007-06-29 15:03 36864 C:\Program Files\GameSpy\Comrade\Comrade.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 00:44 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\daemon tools lite]
--a------ 2008-02-14 01:09 486856 C:\Program Files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\groovemonitor]
--a------ 2006-10-27 00:47 31016 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ipla!]
C:\Program Files\IPLA\IPLA.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kernelfaultcheck]
C:\WINDOWS\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nvcpldaemon]
--a------ 2008-01-08 19:53 8523776 C:\WINDOWS\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nvmediacenter]
--a------ 2008-01-08 19:53 81920 C:\WINDOWS\System32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2008-01-08 19:53 1626112 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pwrisovm.exe]
--a------ 2008-03-15 01:50 233472 C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\skype]
-ra------ 2008-04-30 17:17 22058792 C:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sunjavaupdatesched]
--a------ 2008-02-22 04:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-05-10 16:12 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tbpanel]
--a------ 2008-01-29 11:19 2157096 C:\Program Files\VDOTool\TBPanel.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\SopCast\\SopCast.exe"=
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\PPMate\\ppmate.exe"=
"C:\\Program Files\\PPMate\\ppamnet.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Documents and Settings\\sebo\\Pulpit\\PES2008_Online_Evo_Launcher_by_EvoFans.net\\evolauncher\\Docs\\evofans.net2008 Online.exe"=
"C:\\Documents and Settings\\sebo\\Pulpit\\PES2008_Online_Evo_Launcher_by_EvoFans.net\\evolauncher\\Docs\\Lib\\server.exe"=
"D:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\usr\\SMTP Server\\localsrv.exe"=
"C:\\totalcmd\\TOTALCMD.EXE"=
"D:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"C:\\Documents and Settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\Polish\\setup.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"18578:TCP"= 18578:TCP:BitComet 18578 TCP
"18578:UDP"= 18578:UDP:BitComet 18578 UDP
"3478:UDP"= 3478:UDP:stun
"3479:UDP"= 3479:UDP:stun 2
"6112:UDP"= 6112:UDP:stun 3
"5730:UDP"= 5730:UDP:game
"5739:UDP"= 5739:UDP:game 1
"9001:TCP"= 9001:TCP:game 2
"11881:TCP"= 11881:TCP:game 3

R0 ElbyVCD;ElbyVCD;C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys [2002-11-28 12:43]
S3 dump_wmimmc;dump_wmimmc;C:\Program Files\Lineage II\system\GameGuard\dump_wmimmc.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7758c173-1a21-11dd-a79b-001a4df4c35c}]
\shell\autorun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\shell\open(&0)\command - Recycled\ctfmon.exe

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-27 23:43:41
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mysql]
"ImagePath"="c:\usr/MYSQL/bin/mysqld.exe"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\klogon.dll
.
Completion time: 2008-06-27 23:44:11
ComboFix-quarantined-files.txt  2008-06-27 21:44:07
ComboFix2.txt  2008-06-27 16:54:42
ComboFix3.txt  2008-05-01 20:36:45

Pre-Run: 9,543,462,912 bajtów wolnych
Post-Run: 9,540,587,520 bajtów wolnych

226




Kiedy podłączam się do quakenet w irc wyskakuje info, że komputer jest zainfekowany trojanem, nie mogę włączyć gry lineage2 wyskakuje błąd krytyczny "security module conflict plz disable and try again" i chwilke później kolejny "error in hooking lib"
Ostatnio edytowany przez mastersebol, 28 Cze 2008, 00:20, edytowano w sumie 1 raz
mastersebol
~user
 
Posty: 91
Dołączenie: 17 Paź 2006, 15:52


Góra

Postprzez Magik 28 Cze 2008, 00:03

Witam

http://forum.programosy.pl/przeczytaj-zanim-wstawisz-logi-na-forum-vt93842.html
:!: :!: :!: :!: :!:
badz jeszcze tak laskaw napsiac pare zdan dajacych obraz sytuacji, jakis opis problemu czy cos :arrow: chyba ze z nudow ot tak ten log wstawiles :!:

a gdzie log z combofix'a??

to mozesz dac na fix

Kod: Zaznacz wszystko
O2 - BHO: (no name) - {aa58ed58-01dd-4d91-8333-cf10577473f7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O20 - Winlogon Notify: yaywvtSM - yaywvtSM.dll (file missing)


Autor postu otrzymał pochwałę
Image Image
Awatar użytkownika
Magik
~user
 
Posty: 7956
Dołączenie: 08 Maj 2004, 09:17
Miejscowość: Głogów
Pochwały: 886

Góra

Postprzez mastersebol 28 Cze 2008, 00:21

zedytowane, sorki za kłopoty
mastersebol
~user
 
Posty: 91
Dołączenie: 17 Paź 2006, 15:52


Góra

Postprzez Magik 28 Cze 2008, 01:23

mastersebol napisał(a):zedytowane, sorki za kłopoty


spoko 8)

otworz notatnik i wklej

Kod: Zaznacz wszystko
FILE::
C:\WINDOWS\widuxngq.sys

REGISTRY::
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7758c173-1a21-11dd-a79b-001a4df4c35c}]
\shell\autorun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\shell\open(&0)\command - Recycled\ctfmon.exe


Plik :arrow: Zapisz jako :arrow: CFScript.txt i przenies go jak na rysunku :wink:

Image

zrob to:

Zastosuj SDFix . Po pobraniu uruchom go a rozpakuje się do C:\SDFix. Uruchom komputer w trybie awaryjnym (F8 przy stracie systemu). Będąc w awaryjnym uruchom plik RunThis.bat z folderu SDFixa. Zatwierdź czyszczenie przez Y. Poczekaj aż ukończy i komputer zresetuje

Potem wejdz do folderu C:\SDFix wrzuc zawartość pliku Report.txt

http://forum.programosy.pl/program-szukajacy-trojanow-i-malware-vt97108.html
Image Image
Awatar użytkownika
Magik
~user
 
Posty: 7956
Dołączenie: 08 Maj 2004, 09:17
Miejscowość: Głogów
Pochwały: 886

Góra

Postprzez Okocza 28 Cze 2008, 09:20

Kod: Zaznacz wszystko
FILE::
C:\WINDOWS\widuxngq.sys

REGISTRY::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7758c173-1a21-11dd-a79b-001a4df4c35c}]


zapisz tak i przeciągnij na ikonkę combofixa...

Autor postu otrzymał pochwałę
eMachines E730G - Core i5-430M, 2GiB RAM, ATI Mobility Radeon HD5470, WD 320GiB; Cort Z-44,DR 0.09-0.42, Peavey Backstage
Mac OS X 10.7.4 Lion // Windows 7 Professional x64 // NIE POMAGAM NA PW/GG/E-MAIL
Image
"Moje Ego i Anima spotykają się i wymieniają przepisami na ciasteczka" - Maynard James Keenan
Awatar użytkownika
Okocza
~user
 
Posty: 8001
Dołączenie: 19 Mar 2006, 11:53
Pochwały: 406

Góra

Postprzez mastersebol 28 Cze 2008, 10:24

Kod: Zaznacz wszystko
[b]SDFix: Version 1.198 [/b]
Run by sebo on 2008-06-28 at 10:17

Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

No Trojan Files Found






Removing Temp Files

[b]ADS Check [/b]:



                                 [b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-28 10:21:53
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\cfg\19659239224e364682fa4baf72c53ea4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:b5,34,e2,81,35,1e,ac,e1,29,45,f5,14,1d,2a,55,39,97,3b,c1,14,d6,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\cfg\19659239224e364682fa4baf72c53ea4\00000001]
"a0"=hex:20,01,00,00,8b,18,52,c3,a0,61,26,c7,07,40,10,62,cd,c1,b6,68,9d,..
"khjeh"=hex:5b,39,1d,42,3c,d5,03,2a,75,e1,61,d0,02,5e,e7,4a,a4,b6,f9,14,aa,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\cfg\19659239224e364682fa4baf72c53ea4\00000001\0jf40]
"khjeh"=hex:8a,dc,8c,a0,7e,00,e7,24,70,f8,c0,6c,1b,e9,22,85,1e,bf,36,d3,93,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\cfg\19659239224e364682fa4baf72c53ea4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:b5,34,e2,81,35,1e,ac,e1,29,45,f5,14,1d,2a,55,39,97,3b,c1,14,d6,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\cfg\19659239224e364682fa4baf72c53ea4\00000001]
"a0"=hex:20,01,00,00,8b,18,52,c3,a0,61,26,c7,07,40,10,62,cd,c1,b6,68,9d,..
"khjeh"=hex:5b,39,1d,42,3c,d5,03,2a,75,e1,61,d0,02,5e,e7,4a,a4,b6,f9,14,aa,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\cfg\19659239224e364682fa4baf72c53ea4\00000001\0jf40]
"khjeh"=hex:8a,dc,8c,a0,7e,00,e7,24,70,f8,c0,6c,1b,e9,22,85,1e,bf,36,d3,93,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\mIRC\\mirc.exe"="C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\Program Files\\SopCast\\SopCast.exe"="C:\\Program Files\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"="C:\\Program Files\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"="C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe:*:Enabled:Crysis_32"
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"="C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Program Files\\PPMate\\ppmate.exe"="C:\\Program Files\\PPMate\\ppmate.exe:*:Enabled:PPMate"
"C:\\Program Files\\PPMate\\ppamnet.exe"="C:\\Program Files\\PPMate\\ppamnet.exe:*:Enabled:PPMate"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Documents and Settings\\sebo\\Pulpit\\PES2008_Online_Evo_Launcher_by_EvoFans.net\\evolauncher\\Docs\\evofans.net2008 Online.exe"="C:\\Documents and Settings\\sebo\\Pulpit\\PES2008_Online_Evo_Launcher_by_EvoFans.net\\evolauncher\\Docs\\evofans.net2008 Online.exe:*:Enabled:evofans.net2008 Online"
"C:\\Documents and Settings\\sebo\\Pulpit\\PES2008_Online_Evo_Launcher_by_EvoFans.net\\evolauncher\\Docs\\Lib\\server.exe"="C:\\Documents and Settings\\sebo\\Pulpit\\PES2008_Online_Evo_Launcher_by_EvoFans.net\\evolauncher\\Docs\\Lib\\server.exe:*:Enabled:server"
"D:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"="D:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"C:\\Program Files\\Gadu-Gadu\\gg.exe"="C:\\Program Files\\Gadu-Gadu\\gg.exe:*:Enabled:Gadu-Gadu - program gˆ˘wny"
"C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\\usr\\SMTP Server\\localsrv.exe"="C:\\usr\\SMTP Server\\localsrv.exe:*:Enabled:localsrv"
"C:\\totalcmd\\TOTALCMD.EXE"="C:\\totalcmd\\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"D:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"="D:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe:*:Enabled:Football Manager 2008"
"C:\\Documents and Settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\Polish\\setup.exe"="C:\\Documents and Settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\Polish\\setup.exe:*:Enabled:Kaspersky Anti-Virus 7.0 Setup"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[b]Remaining Files [/b]:



[b]Files with Hidden Attributes [/b]:

Wed 11 Jun 2008         4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"

[b]Finished![/b]




Gra się włącza, irc się nie burzy dzięki wielkie za pomoc ;)

[ Dodano: Dzisiaj o 0:32 ]
ehh... znów mnie nie chce na quakenet wpuścić... znów widzi trojana:/

aktualne logi dss

Kod: Zaznacz wszystko
Deckard's System Scanner v20071014.68
Run by sebo on 2008-06-29 01:27:24
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as sebo.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:27:28, on 2008-06-29
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\cFosSpeed\spd.exe
c:\usr\MYSQL\bin\mysqld.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Gadu-Gadu\gg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\mIRC\mirc.exe
C:\Documents and Settings\sebo\Moje dokumenty\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\sebo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.onet.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [TBPanel] C:\Program Files\VDOTool\TBPanel.exe /A
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IPLA!] C:\Program Files\IPLA\IPLA.exe /autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Firefox Preloader.lnk = C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe
O8 - Extra context menu item: &d&ownload &with bitcomet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &d&ownload all video with bitcomet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &d&ownload all with bitcomet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77bf5300-1474-4ec7-9980-d32b190e9b07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {a903e5ab-c67e-40fb-94f1-e1305982f6e0} (KooPlayer Control) - http://www.tvkoo.com/update/UKooPlayer.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: cFosSpeed System Service (cfosspeeds) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MySql (mysql) - Unknown owner - c:\usr/MYSQL/bin/mysqld.exe
O23 - Service: NBService (nbservice) - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService (nmindexingservice) - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - http://managerzone.com/swf/outfit_viewer_mz.swf

--
End of file - 6725 bytes

-- Files created between 2008-05-29 and 2008-06-29 -----------------------------

2008-06-28 10:15:32         0 d-------- C:\WINDOWS\ERUNT
2008-06-28 10:03:11     68096 --a------ C:\WINDOWS\zip.exe
2008-06-28 10:03:11     49152 --a------ C:\WINDOWS\VFind.exe
2008-06-28 10:03:11    212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-06-28 10:03:11    136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-06-28 10:03:11    161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-06-28 10:03:11     98816 --a------ C:\WINDOWS\sed.exe
2008-06-28 10:03:11     80412 --a------ C:\WINDOWS\grep.exe
2008-06-28 10:03:11     89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-06-27 23:48:56         0 d-------- C:\Program Files\Trend Micro
2008-06-27 19:37:44      4682 --a------ C:\WINDOWS\system32\npptNT2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
2008-06-20 00:15:58         0 d-------- C:\Program Files\CoffeeCup Software
2008-06-20 00:06:35         0 d-------- C:\Program Files\Banner Maker Pro 5
2008-06-19 00:06:57         0 d--h----- C:\Program Files\Zero G Registry
2008-06-18 23:48:15         0 d-------- C:\Program Files\IDoser v4
2008-06-08 18:29:44         0 d-------- C:\Program Files\IPLA
2008-06-04 18:14:19       545 --a------ C:\WINDOWS\UC.PIF
2008-06-04 18:14:19       545 --a------ C:\WINDOWS\RAR.PIF
2008-06-04 18:14:19       545 --a------ C:\WINDOWS\PKZIP.PIF
2008-06-04 18:14:19       545 --a------ C:\WINDOWS\PKUNZIP.PIF
2008-06-04 18:14:19       545 --a------ C:\WINDOWS\NOCLOSE.PIF
2008-06-04 18:14:19       545 --a------ C:\WINDOWS\LHA.PIF
2008-06-04 18:14:19       545 --a------ C:\WINDOWS\ARJ.PIF
2008-06-04 18:14:19         0 d-------- C:\totalcmd
2008-06-04 18:06:15         0 d-------- C:\Program Files\Teleport Pro
2008-06-04 16:21:55         0 d-------- C:\Program Files\PowerISO
2008-06-04 15:01:36         0 d-------- C:\Program Files\123 Flash Menu
2008-06-02 13:57:05         0 d-------- C:\usr
2008-06-02 13:54:10         0 d-------- C:\Program Files\cFosSpeed


-- Find3M Report ---------------------------------------------------------------

2008-06-29 01:27:26         0 d-------- C:\Documents and Settings\sebo\Dane aplikacji\mIRC
2008-06-29 01:26:29         0 d-------- C:\Program Files\mIRC
2008-06-29 01:23:49         0 d-------- C:\Documents and Settings\sebo\Dane aplikacji\Skype
2008-06-28 16:08:01         0 d-------- C:\Documents and Settings\sebo\Dane aplikacji\Adobe
2008-06-28 10:07:03         0 d-------- C:\Documents and Settings\sebo\Dane aplikacji\skypePM
2008-06-27 19:31:23         0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-19 23:44:58    219648 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; System operacyjny Microsoft® Windows®>
2008-06-19 23:07:45         0 d-------- C:\Documents and Settings\sebo\Dane aplikacji\Mozilla
2008-06-19 00:09:05         0 d-------- C:\Documents and Settings\sebo\Dane aplikacji\Sports Interactive <SPORTS~1>
2008-06-18 18:55:22         0 d-------- C:\Program Files\Pool Sharks
2008-06-14 23:03:15         0 d-------- C:\Program Files\MZ Manager 2
2008-06-12 18:43:33         0 d-------- C:\Program Files\SopCast
2008-06-12 01:10:03         0 d-------- C:\Program Files\BitComet
2008-06-09 18:20:52         0 d-------- C:\Program Files\Opera
2008-06-08 18:40:22         0 d-------- C:\Documents and Settings\sebo\Dane aplikacji\Winamp
2008-06-08 18:33:03         0 d-------- C:\Documents and Settings\sebo\Dane aplikacji\ipla
2008-06-04 18:27:31         0 d-------- C:\Documents and Settings\sebo\Dane aplikacji\Macromedia
2008-06-04 16:19:38         0 d-------- C:\Program Files\DAEMON Tools Lite
2008-05-27 22:28:55    461026 --a------ C:\WINDOWS\system32\perfh015.dat
2008-05-27 22:28:55     80444 --a------ C:\WINDOWS\system32\perfc015.dat
2008-05-26 00:09:30         0 d-------- C:\Program Files\Softronics
2008-05-23 23:57:03         0 d-------- C:\Documents and Settings\sebo\Dane aplikacji\Opera
2008-05-19 23:46:08         0 d-------- C:\Documents and Settings\sebo\Dane aplikacji\Hamachi
2008-05-18 14:19:21         0 d-------- C:\Program Files\Hamachi
2008-05-11 13:19:16         0 d-------- C:\Program Files\Lineage II
2008-05-10 11:07:10         0 d-------- C:\Program Files\Peer2Mail
2008-05-08 21:51:46         0 d-------- C:\Program Files\THQ
2008-05-07 19:02:22        56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-05-07 19:00:32         0 d-------- C:\Program Files\Skype
2008-05-07 19:00:30         0 d-------- C:\Program Files\Common Files
2008-05-07 19:00:30         0 d-------- C:\Program Files\Common Files\Skype
2008-05-07 14:06:14         0 d-------- C:\Program Files\QuickTime Alternative
2008-05-06 18:44:34         0 d-------- C:\Program Files\Common Files\Adobe
2008-05-05 17:31:01         0 d-------- C:\Program Files\Gadu-Gadu
2008-05-04 11:30:09         0 d-------- C:\Program Files\FirefoxPreloader
2008-05-03 14:05:03         0 d-------- C:\Program Files\SystemRequirementsLab
2008-05-03 10:23:38         0 d-------- C:\Program Files\WisePixel Multimedia
2008-04-29 21:06:28         0 d-------- C:\Program Files\PPMate
2008-04-29 21:06:25         0 d-------- C:\Documents and Settings\sebo\Dane aplikacji\ppStream
2008-04-29 21:05:38         0 d-------- C:\Documents and Settings\sebo\Dane aplikacji\PPMate
2008-04-29 21:05:35         0 d-------- C:\Program Files\Common Files\Synacast
2008-04-21 08:48:41    669184 --a------ C:\WINDOWS\system32\pbsvc.exe
2008-04-18 23:53:05      2560 --a------ C:\WINDOWS\system32\bitcometres.dll <Not Verified; BitComet; BitComet BCTP Helper>
2008-04-18 20:06:38         0 --a------ C:\WINDOWS\nsreg.dat
2008-04-18 19:47:54        62 --ahs---- C:\Documents and Settings\sebo\Dane aplikacji\desktop.ini
2008-04-18 19:23:58        50 --a------ C:\AUTOEXEC.BAT
2008-04-18 19:12:46    315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-04-18 18:57:11         0 -rahs---- C:\MSDOS.SYS
2008-04-18 18:57:11         0 -rahs---- C:\IO.SYS
2008-04-18 18:57:11         0 --a------ C:\CONFIG.SYS
2008-04-18 18:55:18     21856 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-03-31 23:25:46    682496 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cFosSpeed"="C:\Program Files\cFosSpeed\cFosSpeed.exe" [2008-02-12 15:16]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-01-08 19:53]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2008-01-08 19:53]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-03-15 01:50]
"TBPanel"="C:\Program Files\VDOTool\TBPanel.exe" [2008-01-29 11:19]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 12:04]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-04-30 17:17]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-10 16:12]
"IPLA!"="C:\Program Files\IPLA\IPLA.exe" []

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Firefox Preloader.lnk - C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe [2008-05-04 11:30:09]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^menu start^programy^autostart^adobe gamma loader.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^sebo^menu start^programy^autostart^hamachi.lnk]
path=C:\Documents and Settings\sebo\Menu Start\Programy\Autostart\hamachi.lnk
backup=C:\WINDOWS\pss\hamachi.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\adobe reader speed launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
"C:\Program Files\BitComet\BitComet.exe" /tray

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\clonecdelbycdfl]
"C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\clonecdtray]
"C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\comrade.exe]
C:\Program Files\GameSpy\Comrade\Comrade.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\daemon tools lite]
"C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\groovemonitor]
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ipla!]
C:\Program Files\IPLA\IPLA.exe /autostart

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kernelfaultcheck]
%systemroot%\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nvcpldaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nvmediacenter]
RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pwrisovm.exe]
C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\skype]
"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sunjavaupdatesched]
"C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tbpanel]
C:\Program Files\VDOTool\TBPanel.exe /A




-- End of Deckard's System Scanner: finished at 2008-06-29 01:27:45 ------------




I combofix

Kod: Zaznacz wszystko
ComboFix 08-06-20.4 - sebo 2008-06-29  1:29:08.8 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1250.1.1045.18.1368 [GMT 2:00]
Running from: C:\Documents and Settings\sebo\Pulpit\ComboFix.exe

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.

(((((((((((((((((((((((((   Files Created from 2008-05-28 to 2008-06-28  )))))))))))))))))))))))))))))))
.

2008-06-28 10:15 . 2008-06-28 10:15   <DIR>   d--------   C:\WINDOWS\ERUNT
2008-06-28 10:12 . 2008-06-28 10:23   <DIR>   d--------   C:\SDFix
2008-06-27 23:48 . 2008-06-27 23:48   <DIR>   d--------   C:\Program Files\Trend Micro
2008-06-27 23:47 . 2008-06-27 23:47   <DIR>   d--------   C:\Deckard
2008-06-27 19:37 . 2006-02-04 03:50   5,174   --a------   C:\WINDOWS\system32\nppt9x.vxd
2008-06-27 19:37 . 2006-02-04 03:50   4,682   --a------   C:\WINDOWS\system32\npptNT2.sys
2008-06-26 16:37 . 2008-06-26 16:37   <DIR>   d--------   C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2008-06-20 00:16 . 2008-06-20 00:16   13   --a------   C:\WINDOWS\system32\WinSys16.crc
2008-06-20 00:15 . 2008-06-20 00:15   <DIR>   d--------   C:\Program Files\CoffeeCup Software
2008-06-20 00:06 . 2008-06-20 00:13   <DIR>   d--------   C:\Program Files\Banner Maker Pro 5
2008-06-19 00:09 . 2008-06-19 00:09   <DIR>   d--------   C:\Documents and Settings\sebo\Dane aplikacji\Sports Interactive
2008-06-19 00:06 . 2008-06-19 00:07   <DIR>   d--h-----   C:\Program Files\Zero G Registry
2008-06-19 00:06 . 2008-06-19 00:06   <DIR>   d--h-----   C:\Documents and Settings\sebo\InstallAnywhere
2008-06-18 23:48 . 2008-06-22 01:03   <DIR>   d--------   C:\Program Files\IDoser v4
2008-06-08 18:33 . 2008-06-08 18:33   <DIR>   d--------   C:\Documents and Settings\sebo\Dane aplikacji\ipla
2008-06-08 18:33 . 2008-06-25 23:03   <DIR>   d--------   C:\Documents and Settings\All Users\Dane aplikacji\ipla
2008-06-08 18:29 . 2008-06-26 16:44   <DIR>   d--------   C:\Program Files\IPLA
2008-06-08 18:29 . 2003-08-29 00:55   423,424   --a------   C:\WINDOWS\system32\WMAVDS32.ax
2008-06-08 18:29 . 2001-03-26 03:41   245,760   --a------   C:\WINDOWS\system32\mp4sds32.ax
2008-06-04 18:15 . 2008-06-04 18:15   199   --a------   C:\WINDOWS\wcx_ftp.ini
2008-06-04 18:14 . 2008-06-04 18:14   <DIR>   d--------   C:\totalcmd
2008-06-04 18:14 . 2008-06-04 18:18   825   --a------   C:\WINDOWS\wincmd.ini
2008-06-04 18:14 . 2007-09-14 07:02   545   --a------   C:\WINDOWS\UC.PIF
2008-06-04 18:14 . 2007-09-14 07:02   545   --a------   C:\WINDOWS\RAR.PIF
2008-06-04 18:14 . 2007-09-14 07:02   545   --a------   C:\WINDOWS\PKZIP.PIF
2008-06-04 18:14 . 2007-09-14 07:02   545   --a------   C:\WINDOWS\PKUNZIP.PIF
2008-06-04 18:14 . 2007-09-14 07:02   545   --a------   C:\WINDOWS\NOCLOSE.PIF
2008-06-04 18:14 . 2007-09-14 07:02   545   --a------   C:\WINDOWS\LHA.PIF
2008-06-04 18:14 . 2007-09-14 07:02   545   --a------   C:\WINDOWS\ARJ.PIF
2008-06-04 18:06 . 2008-06-04 18:06   <DIR>   d--------   C:\Program Files\Teleport Pro
2008-06-04 16:21 . 2008-06-04 16:21   <DIR>   d--------   C:\Program Files\PowerISO
2008-06-04 15:01 . 2008-06-15 00:27   <DIR>   d--------   C:\Program Files\123 Flash Menu
2008-06-02 13:57 . 2008-06-02 13:57   <DIR>   d--------   C:\usr
2008-06-02 13:54 . 2008-06-29 01:30   <DIR>   d--------   C:\Program Files\cFosSpeed
2008-06-02 13:54 . 2008-02-12 15:16   717,016   -ra------   C:\WINDOWS\system32\drivers\cfosspeed.sys
2008-06-02 13:54 . 2008-02-12 15:16   285,912   --a------   C:\WINDOWS\system32\cfosspeed.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-28 23:27   ---------   d-----w   C:\Documents and Settings\sebo\Dane aplikacji\mIRC
2008-06-28 23:26   ---------   d-----w   C:\Program Files\mIRC
2008-06-28 23:23   ---------   d-----w   C:\Documents and Settings\sebo\Dane aplikacji\Skype
2008-06-28 22:03   ---------   d-----w   C:\Documents and Settings\sebo\Dane aplikacji\skypePM
2008-06-27 17:31   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
2008-06-19 21:44   219,648   ----a-w   C:\WINDOWS\system32\uxtheme.dll
2008-06-18 16:55   ---------   d-----w   C:\Program Files\Pool Sharks
2008-06-14 21:03   ---------   d-----w   C:\Program Files\MZ Manager 2
2008-06-12 16:43   ---------   d-----w   C:\Program Files\SopCast
2008-06-11 23:10   ---------   d-----w   C:\Program Files\BitComet
2008-06-09 16:20   ---------   d-----w   C:\Program Files\Opera
2008-06-08 16:40   ---------   d-----w   C:\Documents and Settings\sebo\Dane aplikacji\Winamp
2008-06-04 14:19   ---------   d-----w   C:\Program Files\DAEMON Tools Lite
2008-05-25 22:09   ---------   d-----w   C:\Program Files\Softronics
2008-05-19 21:46   ---------   d-----w   C:\Documents and Settings\sebo\Dane aplikacji\Hamachi
2008-05-18 12:19   25,280   ----a-w   C:\WINDOWS\system32\drivers\hamachi.sys
2008-05-18 12:19   ---------   d-----w   C:\Program Files\Hamachi
2008-05-11 11:19   ---------   d-----w   C:\Program Files\Lineage II
2008-05-10 23:17   ---------   d-----w   C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2008-05-10 09:07   ---------   d-----w   C:\Program Files\Peer2Mail
2008-05-08 22:50   107,888   ----a-w   C:\WINDOWS\system32\CmdLineExt.dll
2008-05-08 19:51   ---------   d-----w   C:\Program Files\THQ
2008-05-07 17:00   ---------   d-----w   C:\Program Files\Skype
2008-05-07 17:00   ---------   d-----w   C:\Program Files\Common Files\Skype
2008-05-07 17:00   ---------   d-----w   C:\Documents and Settings\All Users\Dane aplikacji\Skype
2008-05-07 12:06   ---------   d-----w   C:\Program Files\QuickTime Alternative
2008-05-07 12:04   ---------   d-----w   C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2008-05-06 16:44   ---------   d-----w   C:\Program Files\Common Files\Adobe
2008-05-05 15:31   ---------   d-----w   C:\Program Files\Gadu-Gadu
2008-05-04 09:30   ---------   d-----w   C:\Program Files\FirefoxPreloader
2008-05-03 12:05   ---------   d-----w   C:\Program Files\SystemRequirementsLab
2008-05-03 08:23   ---------   d-----w   C:\Program Files\WisePixel Multimedia
2008-04-29 19:06   ---------   d-----w   C:\Program Files\PPMate
2008-04-29 19:06   ---------   d-----w   C:\Documents and Settings\sebo\Dane aplikacji\ppStream
2008-04-29 19:05   ---------   d-----w   C:\Program Files\Common Files\Synacast
2008-04-29 19:05   ---------   d-----w   C:\Documents and Settings\sebo\Dane aplikacji\PPMate
2008-04-23 16:55   417,792   ----a-w   C:\Documents and Settings\sebo\GL4JavbJauGljJNI14.dll
2008-04-21 06:48   669,184   ----a-w   C:\WINDOWS\system32\pbsvc.exe
2008-04-21 06:48   66,872   ----a-w   C:\WINDOWS\system32\PnkBstrA.exe
2008-04-21 06:48   22,328   ----a-w   C:\Documents and Settings\sebo\Dane aplikacji\PnkBstrK.sys
2008-04-21 06:48   103,736   ----a-w   C:\WINDOWS\system32\PnkBstrB.exe
2008-04-19 14:24   15,600   ----a-w   C:\WINDOWS\gdrv.sys
2008-04-18 21:53   2,560   ----a-w   C:\WINDOWS\system32\bitcometres.dll
2008-04-18 17:12   315,392   ----a-w   C:\WINDOWS\HideWin.exe
2008-04-18 16:57   558,142   ----a-w   C:\WINDOWS\java\Packages\JXVZ7BB9.ZIP
2008-04-18 16:57   155,995   ----a-w   C:\WINDOWS\java\Packages\M2ORL7LZ.ZIP
2008-03-31 21:25   682,496   ----a-w   C:\WINDOWS\system32\divx.dll
2008-03-28 17:41   7,680   ----a-w   C:\WINDOWS\system32\ff_vfw.dll
.

(((((((((((((((((((((((((((((   snapshot_2008-06-27_18.54.24,76   )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-27 10:33:48   2,048   --s-a-w   C:\WINDOWS\bootstat.dat
+ 2008-06-28 08:20:50   2,048   --s-a-w   C:\WINDOWS\bootstat.dat
+ 2008-06-28 01:48:40   163,328   ----a-w   C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-06-28 08:15:40   3,936,256   ----a-w   C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-06-28 08:15:40   196,608   ----a-w   C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-06-28 01:48:40   163,328   ----a-w   C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-06-28 08:15:36   3,936,256   ----a-w   C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-06-28 08:15:36   196,608   ----a-w   C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat
- 2008-05-11 18:54:57   281,336   ----a-w   C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-06-28 08:06:07   281,336   ----a-w   C:\WINDOWS\system32\FNTCACHE.DAT
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 12:04 2127296]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44 15360]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-04-30 17:17 22058792]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-10 16:12 68856]
"IPLA!"="C:\Program Files\IPLA\IPLA.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cFosSpeed"="C:\Program Files\cFosSpeed\cFosSpeed.exe" [2008-02-12 15:16 863448]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-01-08 19:53 8523776]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2008-01-08 19:53 81920]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-03-15 01:50 233472]
"TBPanel"="C:\Program Files\VDOTool\TBPanel.exe" [2008-01-29 11:19 2157096]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:44 15360]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Firefox Preloader.lnk - C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe [2008-05-04 11:30:09 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKLM\~\startupfolder\c:^documents and settings^all users^menu start^programy^autostart^adobe gamma loader.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\c:^documents and settings^sebo^menu start^programy^autostart^hamachi.lnk]
path=C:\Documents and Settings\sebo\Menu Start\Programy\Autostart\hamachi.lnk
backup=C:\WINDOWS\pss\hamachi.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\adobe reader speed launcher]
--a------ 2008-01-11 22:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
--a------ 2008-03-25 08:38 2196280 C:\Program Files\BitComet\BitComet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\clonecdelbycdfl]
--a------ 2002-11-02 08:33 45056 C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\clonecdtray]
--a------ 2002-12-02 16:17 73728 C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\comrade.exe]
--a------ 2007-06-29 15:03 36864 C:\Program Files\GameSpy\Comrade\Comrade.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 00:44 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\daemon tools lite]
--a------ 2008-02-14 01:09 486856 C:\Program Files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\groovemonitor]
--a------ 2006-10-27 00:47 31016 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ipla!]
C:\Program Files\IPLA\IPLA.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kernelfaultcheck]
C:\WINDOWS\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nvcpldaemon]
--a------ 2008-01-08 19:53 8523776 C:\WINDOWS\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nvmediacenter]
--a------ 2008-01-08 19:53 81920 C:\WINDOWS\System32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2008-01-08 19:53 1626112 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pwrisovm.exe]
--a------ 2008-03-15 01:50 233472 C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\skype]
-ra------ 2008-04-30 17:17 22058792 C:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sunjavaupdatesched]
--a------ 2008-02-22 04:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-05-10 16:12 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tbpanel]
--a------ 2008-01-29 11:19 2157096 C:\Program Files\VDOTool\TBPanel.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\SopCast\\SopCast.exe"=
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\PPMate\\ppmate.exe"=
"C:\\Program Files\\PPMate\\ppamnet.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Documents and Settings\\sebo\\Pulpit\\PES2008_Online_Evo_Launcher_by_EvoFans.net\\evolauncher\\Docs\\evofans.net2008 Online.exe"=
"C:\\Documents and Settings\\sebo\\Pulpit\\PES2008_Online_Evo_Launcher_by_EvoFans.net\\evolauncher\\Docs\\Lib\\server.exe"=
"D:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\usr\\SMTP Server\\localsrv.exe"=
"C:\\totalcmd\\TOTALCMD.EXE"=
"D:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"C:\\Documents and Settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\Polish\\setup.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"18578:TCP"= 18578:TCP:BitComet 18578 TCP
"18578:UDP"= 18578:UDP:BitComet 18578 UDP
"3478:UDP"= 3478:UDP:stun
"3479:UDP"= 3479:UDP:stun 2
"6112:UDP"= 6112:UDP:stun 3
"5730:UDP"= 5730:UDP:game
"5739:UDP"= 5739:UDP:game 1
"9001:TCP"= 9001:TCP:game 2
"11881:TCP"= 11881:TCP:game 3

R0 ElbyVCD;ElbyVCD;C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys [2002-11-28 12:43]
S3 dump_wmimmc;dump_wmimmc;C:\Program Files\Lineage II\system\GameGuard\dump_wmimmc.sys []

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-29 01:30:44
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mysql]
"ImagePath"="c:\usr/MYSQL/bin/mysqld.exe"
.
Completion time: 2008-06-29  1:31:18
ComboFix-quarantined-files.txt  2008-06-28 23:31:03
ComboFix2.txt  2008-06-28 08:11:45
ComboFix3.txt  2008-06-28 08:08:26
ComboFix4.txt  2008-06-27 21:44:12
ComboFix5.txt  2008-06-27 16:54:42

Pre-Run: 9,361,592,320 bajtów wolnych
Post-Run: 9,354,457,088 bajtów wolnych

234


[ Dodano: Dzisiaj o 12:55 ]
Pomoże ktoś ?
mastersebol
~user
 
Posty: 91
Dołączenie: 17 Paź 2006, 15:52


Góra
Wyślij odpowiedź

Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 22 gości

Powered by phpBB © Group
Forum Programosy.pl