Viruses win32:virut-mo, win32:virut-ms, win32:vitro and others • programosy.pl

System security, virus removal, choosing antivirus software. Mandatory logs in this section: three from FRST + Gmer.

Post by dam_bar, 18 Mar 2009, 15:12

When launching a program's installer (e.g. Nero, Alcohol, etc.), a mass of Win32 viruses gets created.

ComboFix log:
ComboFix 09-03-15.01 - Damian 2009-03-18 13:44:47.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1250.1.1045.18.3070.2534 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Damian\Pulpit\ComboFix.exe
* Utworzono nowy punkt przywracania
.
 
(((((((((((((((((((((((((  Pliki utworzone od 2009-02-18 do 2009-03-18  )))))))))))))))))))))))))))))))
.
 
2009-03-18 13:48 . 2009-03-18 13:48      <DIR>      d--------      c:\windows\system32\xircom
2009-03-18 13:48 . 2009-03-18 13:48      <DIR>      d--------      c:\windows\srchasst
2009-03-18 13:48 . 2009-03-18 13:48      <DIR>      d--------      c:\windows\msagent
2009-03-18 13:48 . 2009-03-18 13:48      <DIR>      d--------      c:\program files\microsoft frontpage
2009-03-18 13:43 . 2009-03-18 13:43      <DIR>      d--------      c:\documents and settings\Damian\Dane aplikacji\Gadu-Gadu
2009-03-18 13:32 . 2009-03-18 13:32      <DIR>      d--------      c:\program files\EventGhost
2009-03-18 13:32 . 2009-03-18 13:32      <DIR>      d--------      c:\documents and settings\Damian\Dane aplikacji\X10 Commander
2009-03-18 13:32 . 2009-03-18 13:32      <DIR>      d--------      c:\documents and settings\Damian\Dane aplikacji\EventGhost
2009-03-18 13:31 . 2009-03-18 13:32      <DIR>      d--------      c:\program files\X10 Hardware
2009-03-18 13:31 . 2009-03-18 13:31      <DIR>      d--------      c:\program files\Common Files\X10
2009-03-18 13:31 . 2002-01-05 03:37      344,064      ---------      c:\windows\system32\msvcr70.dll
2009-03-18 13:31 . 1999-06-25 09:56      127,184      --a------      c:\windows\Unwise.exe
2009-03-18 13:12 . 2009-03-18 13:12      <DIR>      d--------      c:\program files\Alcohol Soft
2009-03-18 13:12 . 2004-04-30 09:37      160,640      --a------      c:\windows\system32\drivers\a347bus.sys
2009-03-18 13:12 . 2004-04-30 09:33      5,248      --a------      c:\windows\system32\drivers\a347scsi.sys
2009-03-18 01:11 . 2009-03-18 01:11      <DIR>      d--------      c:\program files\Common Files\Ahead
2009-03-18 01:11 . 2009-03-18 01:11      <DIR>      d--------      c:\program files\Ahead
2009-03-18 01:11 . 2004-07-26 16:16      1,568,768      ---------      c:\windows\system32\ImagX7.dll
2009-03-18 01:11 . 2004-07-26 16:16      476,320      ---------      c:\windows\system32\ImagXpr7.dll
2009-03-18 01:11 . 2004-07-26 16:16      471,040      ---------      c:\windows\system32\ImagXRA7.dll
2009-03-18 01:11 . 2004-07-09 08:43      364,544      ---------      c:\windows\system32\TwnLib4.dll
2009-03-18 01:11 . 2004-07-26 16:16      262,144      ---------      c:\windows\system32\ImagXR7.dll
2009-03-18 01:11 . 2006-01-12 15:40      176,128      --a------      c:\windows\system32\NeroCheck.exe
2009-03-18 01:11 . 2005-09-01 11:03      127,488      ---------      c:\windows\system32\drivers\imagesrv.sys
2009-03-18 01:11 . 2000-06-26 10:45      106,496      --a------      c:\windows\system32\TwnLib20.dll
2009-03-18 01:11 . 2005-09-01 11:03      5,888      ---------      c:\windows\system32\drivers\imagedrv.sys
2009-03-18 01:03 . 2009-03-18 01:03      <DIR>      d--------      c:\program files\7-Zip
 
.
((((((((((((((((((((((((((((((((((((((((  Sekcja Find3M  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-18 12:43      ---------      d-----w      c:\documents and settings\Damian\Dane aplikacji\uTorrent
2009-03-18 12:23      ---------      d-----w      c:\program files\Winamp
2009-03-18 12:21      ---------      d-----w      c:\program files\Protector Suite QL
2009-03-17 23:51      ---------      d-----w      c:\program files\uTorrent
2009-03-17 23:47      ---------      d-----w      c:\program files\Sun
2009-03-17 23:47      ---------      d-----w      c:\program files\Java
2009-03-17 23:39      ---------      d-----w      c:\program files\Gadu-Gadu
2009-03-17 23:24      ---------      d-----w      c:\program files\SubEdit-Player
2009-03-17 23:23      ---------      d-----w      c:\program files\XP Codec Pack
2009-03-17 23:04      ---------      d-----w      c:\program files\Alwil Software
2009-03-17 23:00      0      ---ha-w      c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-03-17 23:00      ---------      d-----w      c:\program files\Compal
2009-03-17 23:00      ---------      d-----w      c:\documents and settings\All Users\Dane aplikacji\XP32
2009-03-17 23:00      ---------      d-----w      c:\documents and settings\All Users\Dane aplikacji\Vista64
2009-03-17 23:00      ---------      d-----w      c:\documents and settings\All Users\Dane aplikacji\Vista32
2009-03-17 22:59      ---------      d-----w      c:\program files\Common Files\InstallShield
2009-03-17 22:58      ---------      d-----w      c:\program files\Broadcom
2009-03-17 22:58      ---------      d-----w      c:\documents and settings\All Users\Dane aplikacji\UIB
2009-03-17 22:56      ---------      d--h--w      c:\program files\InstallShield Installation Information
2009-03-17 22:56      ---------      d-----w      c:\program files\Common Files\snp2uvc
2009-03-17 22:56      ---------      d-----w      c:\documents and settings\Damian\Dane aplikacji\InstallShield
2009-03-17 22:52      ---------      d-----w      c:\program files\WIDCOMM
2009-03-17 22:51      ---------      d-----w      c:\program files\Realtek
2009-03-17 22:51      ---------      d-----w      c:\program files\Motorola
2009-03-17 22:49      335,872      ----a-w      c:\windows\HideWin.exe
2009-03-17 22:46      ---------      d-----w      c:\program files\Intel
2009-03-17 22:36      ---------      d-----w      c:\program files\Usługi online
2009-03-17 22:34      ---------      d-----w      c:\program files\Windows Media Connect 2
.
 
------- Sigcheck -------
 
2007-07-10 14:06  642560  ce594e18fe0d0af804f1f3694921ce62      c:\windows\system32\user32.dll

2007-07-13 23:56  814592  ce7193c5f7c01b19768e066087c1c919      c:\windows\system32\wininet.dll

2007-10-16 00:19  360576  0fb6743e937c7bb248b2530a5a77abc6      c:\windows\system32\drivers\tcpip.sys

2007-10-18 23:19  2145280  6c264e21d3bd7082b43fc016d760c1d1      c:\windows\system32\ntoskrnl.exe

2007-10-17 20:30  992768  50d6dc1466e5846e72ff87ae8cf65afa      c:\windows\explorer.exe

2004-08-04 03:44  32768  a0ea1b37026a8ff8372f568035e8a966      c:\windows\system32\ctfmon.exe

2007-10-09 00:55  75264  e87dbffeb63f4376a09273ed3f5297d6      c:\windows\system32\spoolsv.exe

2007-10-17 20:32  121856  b6b575eb8b45a179749d5d0e3585bc6b      c:\windows\system32\wuauclt.exe

2004-08-04 03:44  42496  2ef106492d35573ee20e3dec81c13dea      c:\windows\system32\userinit.exe
.
(((((((((((((((((((((((((((((((((((((  Wpisy startowe rejestru  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane 
REGEDIT4
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-03-28 19:59      2953216      --a------      c:\program files\Protector Suite QL\farchns.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-03-28 19:59      2953216      --a------      c:\program files\Protector Suite QL\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 32768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-26 8462336]
"NvMediaCenter"="c:\windows\system32\NVMCTRAY.DLL" [2007-06-26 81920]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-17 655360]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2006-12-29 589824]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2007-03-28 49168]
"Wow Video&Audio"="c:\program files\Compal\Wow Video&Audio\WVAMain.exe" [2007-05-03 951856]
"SMBTray"="c:\program files\Compal\Smart Battery\SMBTray.exe" [2007-06-04 521776]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-18 148888]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 176128]
"nwiz"="nwiz.exe" [2007-06-26 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-17 c:\windows\RTHDCPL.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 32768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2007-10-09 c:\windows\system32\advpack.dll]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-12-11 561213]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-03-28 19:46 90112 c:\windows\system32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= ffdshow.ax
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages      REG_MULTI_SZ        scecli psqlpwd

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

R0 EMSC;COMPAL Embedded System Control;c:\windows\system32\drivers\EMSC.sys [2009-03-18 9856]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-03-18 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-03-18 20560]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-10-17 36608]
 
--- Inne Usługi/Sterowniki w Pamięci ---
 
*NewlyCreated* - A347SCSI
.
.
------- Skan uzupełniający -------
.
uStart Page = about:blank
IE: Wyślij do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\Damian\Dane aplikacji\Mozilla\Firefox\Profiles\qctsqs91.default\
.
 
**************************************************************************
 
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-18 13:48:43
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
 
detected NTDLL code modification:
ZwOpenFile
 
skanowanie ukrytych procesów ... 
 
skanowanie ukrytych wpisów autostartu ...
 
skanowanie ukrytych plików ... 
 
skanowanie pomyślnie ukończone
ukryte pliki: 0
 
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
 
- - - - - - - > 'winlogon.exe'(940)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infra.dll
c:\program files\Protector Suite QL\homepass.dll
c:\program files\Protector Suite QL\bio.dll
c:\program files\Protector Suite QL\remote.dll
c:\windows\system32\cscui.dll
c:\program files\Protector Suite QL\crypto.dll

- - - - - - - > 'lsass.exe'(996)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infra.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\rundll32.exe
c:\program files\Protector Suite QL\psqltray.exe
.
**************************************************************************
.
Czas ukończenia: 2009-03-18 13:50:01 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2009-03-18 12:49:58
 
Przed: 20 456 624 128 bajtów wolnych
Po: 20,425,125,888 bajtów wolnych
 
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /numproc=2
 
208
 



And here is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:45:21, on 2009-03-18
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20627)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\vsnp2uvc.exe
C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe
C:\Program Files\Compal\Smart Battery\SMBTray.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Damian\Ustawienia lokalne\Temporary Internet Files\Content.IE5\X2STJ4OO\launch[1].exe
C:\DOCUME~1\Damian\USTAWI~1\Temp\RarSFX0\_start.exe
C:\DOCUME~1\Damian\USTAWI~1\Temp\RarSFX0\setup.exe
C:\Documents and Settings\Damian\Pulpit\Nowy folder\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [Wow Video&Audio] C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe
O4 - HKLM\..\Run: [SMBTray] C:\Program Files\Compal\Smart Battery\SMBTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CiSvc - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (file missing)

--
End of file - 5645 bytes



Thanks in advance.

Added today, 16:09:
The topic can be closed, because the Virut virus can only be removed by formatting the whole disk. When installing the new system, under no circumstances use installers and drivers that were previously on the infected system.

Setting the system up any other way is just a waste of time and nerves.
dam_bar
~user
 
Posts: 1
Joined: 18 Mar 2009, 14:39



Viruses win32:virut-mo, win32:virut-ms, win32:vitro and others

Post by wojtas 18 Mar 2009, 19:35

Virut is cured by Dr. Web CureIt
wojtas
*mod
 
Posts: 18165
Joined: 13 Jan 2006, 16:00
Location: Krzeszyce
Commendations: 1656



