Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3900: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3902: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3903: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3904: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[log] trojan-gamethief.win32.tibia!ik • programosy.pl
Aktualizacje na programosy.pl: PythonExtreme Picture FinderReSharperMonkey′s AudioFarbar Recovery Scan ToolDAEMON Tools LiteESET Internet SecurityESET NOD32VirtualBox  

  • Ogłoszenie:

[log] trojan-gamethief.win32.tibia!ik

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.
Wyślij odpowiedź

[log] trojan-gamethief.win32.tibia!ik

Postprzez s3bx 05 Paź 2010, 02:45

reklama
Jak w opisie, syf odpalony niestety.

Hijack:
Kod: Zaznacz wszystko
o HijackThis v2.0.4
Scan saved at 02:28:53, on 2010-10-05
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\kX Audio Driver\3550\kxmixer.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\UltraMon\UltraMon.exe
C:\Program Files\UltraMon\UltraMonTaskbar.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Nowe Gadu-Gadu\gg.exe
C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
C:\Program Files\Ad Muncher\AdMunch.exe
C:\Program Files\Emsisoft Anti-Malware\a2service.exe
C:\Program Files\Emsisoft Anti-Malware\a2start.exe
C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Net\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [kX Mixer] C:\Program Files\kX Audio Driver\3550\kxmixer.exe --startup
O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: UltraMon.lnk = ?
O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=W01EP452&id=menu_ie_frame
O8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=W01EP452&id=menu_ie_image
O8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=W01EP452&id=menu_ie_link
O8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=W01EP452&id=menu_ie_exclude
O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=W01EP452&id=menu_ie_report
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: f:\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: f:\vmware\vmware workstation\vsocklib.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6D21E9D-55F8-473D-8417-0EBD3025A63B}: NameServer = 217.30.129.149,217.30.137.200
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - F:\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - F:\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe

--
End of file - 7476 bytes


Combofix:

Kod: Zaznacz wszystko
ComboFix 10-10-04.01 - s3bx 2010-10-05   2:43.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1250.48.1045.18.2047.1612 [GMT 2:00]
Uruchomiony z: c:\net\ComboFix.exe
AV: Emsisoft Anti-Malware *On-access scanning disabled* (Updated) {0F8591BB-342B-4493-91C3-4E948ED21255}
AV: ESET NOD32 Antivirus 4.2 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\s3bx\Dane aplikacji\EurekaLog
c:\documents and settings\s3bx\Dane aplikacji\wrar393.exe
c:\windows\system32\drivers\foebata.sys

.
(((((((((((((((((((((((((((((((((((((((   Sterowniki/Usługi   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_WINRING0_1_0_1
-------\Service_WinRing0_1_0_1
-------\Service_sicpy


(((((((((((((((((((((((((   Pliki utworzone od 2010-09-05 do 2010-10-05  )))))))))))))))))))))))))))))))
.

2010-10-05 00:12 . 2010-10-05 00:17   --------   d-----w-   c:\program files\Emsisoft Anti-Malware
2010-10-05 00:05 . 2010-10-05 00:05   --------   d-----w-   c:\documents and settings\s3bx\Dane aplikacji\Malwarebytes
2010-10-05 00:05 . 2010-04-29 13:39   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-05 00:05 . 2010-10-05 00:05   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2010-10-05 00:05 . 2010-10-05 00:05   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\Malwarebytes
2010-10-05 00:05 . 2010-04-29 13:39   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
2010-10-04 23:59 . 2010-10-04 23:59   --------   d-----w-   c:\windows\system32\oodag
2010-10-04 23:54 . 2010-10-04 23:54   --------   d-----w-   c:\program files\Temp
2010-10-04 23:41 . 2010-10-04 23:41   --------   d-----w-   c:\windows\XSxS
2010-10-04 23:41 . 2010-10-04 23:41   --------   d-----w-   c:\program files\Xenocode
2010-10-04 23:32 . 2010-10-04 23:32   --------   d-----w-   c:\documents and settings\s3bx\Ustawienia lokalne\Dane aplikacji\O&O
2010-10-04 23:32 . 2010-10-04 23:32   --------   d-----w-   c:\documents and settings\s3bx\Ustawienia lokalne\Dane aplikacji\Downloaded Installations
2010-10-04 20:14 . 2010-10-04 20:14   --------   d-----w-   c:\program files\uTorrent
2010-10-04 20:14 . 2010-10-04 20:50   --------   d-----w-   c:\documents and settings\s3bx\Dane aplikacji\uTorrent
2010-10-04 18:29 . 2010-10-04 18:29   --------   d-----w-   c:\documents and settings\s3bx\Dane aplikacji\Nero
2010-10-04 18:08 . 2006-03-17 13:49   368640   ----a-w-   c:\windows\system32\TwnLib4.dll
2010-10-04 18:08 . 2006-03-17 10:45   802816   ----a-w-   c:\windows\system32\imagXRA7.dll
2010-10-04 18:08 . 2006-03-17 10:45   497296   ----a-w-   c:\windows\system32\imagXpr7.dll
2010-10-04 18:08 . 2006-03-17 10:45   258048   ----a-w-   c:\windows\system32\imagXR7.dll
2010-10-04 18:08 . 2006-03-17 10:45   1757184   ----a-w-   c:\windows\system32\imagX7.dll
2010-10-04 18:08 . 2010-10-04 18:08   --------   d-----w-   c:\program files\Nero
2010-10-04 18:08 . 2010-10-04 18:08   --------   d-----w-   c:\program files\Common Files\Nero
2010-10-04 18:08 . 2010-10-04 18:08   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\Nero
2010-10-03 20:31 . 2010-10-03 20:31   --------   d-----w-   c:\program files\PowerISO
2010-10-03 13:50 . 2010-10-03 13:50   --------   d-----w-   c:\program files\AP Tuner
2010-09-28 18:19 . 2010-09-28 18:46   --------   d-----w-   c:\documents and settings\s3bx\Dane aplikacji\Skype
2010-09-27 22:34 . 2010-09-27 22:34   --------   d-----w-   c:\documents and settings\s3bx\Ustawienia lokalne\Dane aplikacji\DOSBox
2010-09-27 22:34 . 2010-09-27 22:41   --------   d-----w-   c:\program files\DOSBox-0.74
2010-09-27 22:31 . 2010-09-27 22:31   --------   d-----w-   c:\windows\Sun
2010-09-27 17:46 . 2010-09-27 17:46   --------   d-----w-   C:\DriveKey
2010-09-26 22:50 . 2010-09-26 22:50   --------   d-----w-   C:\NC
2010-09-26 22:33 . 2010-09-26 22:33   --------   d--h--w-   c:\windows\PIF
2010-09-26 20:44 . 2010-09-26 20:45   --------   d-----w-   c:\program files\mp3DirectCut
2010-09-26 15:40 . 2010-09-26 15:54   --------   d-----w-   c:\documents and settings\s3bx\Ustawienia lokalne\Dane aplikacji\SISContents
2010-09-26 15:33 . 2010-09-26 15:33   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\InstallShield
2010-09-24 22:02 . 2008-04-13 22:15   26112   -c--a-w-   c:\windows\system32\dllcache\usbser.sys
2010-09-24 22:02 . 2008-04-13 22:15   26112   ----a-w-   c:\windows\system32\drivers\usbser.sys
2010-09-24 22:02 . 2008-11-07 16:55   16928   ------w-   c:\windows\system32\spmsgXP_2k3.dll
2010-09-24 22:00 . 2010-09-24 22:00   36747456   ----a-w-   c:\documents and settings\All Users\Dane aplikacji\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_pol_web.exe
2010-09-24 22:00 . 2010-09-24 22:00   95232   ----a-w-   c:\documents and settings\All Users\Dane aplikacji\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\pcswpcsi.exe
2010-09-24 22:00 . 2010-09-24 22:00   8192   ----a-w-   c:\documents and settings\All Users\Dane aplikacji\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstCCD.exe
2010-09-24 22:00 . 2010-09-24 22:00   61440   ----a-w-   c:\documents and settings\All Users\Dane aplikacji\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-09-24 22:00 . 2010-09-24 22:00   10240   ----a-w-   c:\documents and settings\All Users\Dane aplikacji\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCS.exe
2010-09-24 22:00 . 2010-09-24 22:00   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\Installations
2010-09-24 20:37 . 2010-09-24 20:37   --------   d-----w-   c:\documents and settings\s3bx\Ustawienia lokalne\Dane aplikacji\ESET
2010-09-24 20:34 . 2010-09-24 20:34   --------   d-----w-   c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
2010-09-24 13:13 . 2010-09-24 13:13   --------   d-----w-   c:\program files\Common Files\Java
2010-09-24 11:05 . 2010-09-24 11:05   96912   ----a-w-   c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
2010-09-24 11:05 . 2010-09-24 11:05   --------   d-----w-   c:\program files\MSBuild
2010-09-24 11:05 . 2010-09-24 11:06   --------   d-----w-   c:\windows\system32\XPSViewer
2010-09-24 11:05 . 2010-09-24 11:05   --------   d-----w-   c:\program files\Reference Assemblies
2010-09-24 11:05 . 2007-03-22 18:24   28160   ----a-w-   c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-09-24 11:04 . 2006-06-29 11:07   14048   ------w-   c:\windows\system32\spmsg2.dll
2010-09-23 22:53 . 2010-09-23 22:53   --------   d-----w-   c:\documents and settings\s3bx\Ustawienia lokalne\Dane aplikacji\Realtime Soft
2010-09-23 21:53 . 2010-09-23 21:53   503808   ----a-w-   c:\documents and settings\s3bx\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-4d68225c-n\msvcp71.dll
2010-09-23 21:53 . 2010-09-23 21:53   499712   ----a-w-   c:\documents and settings\s3bx\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-4d68225c-n\jmc.dll
2010-09-23 21:53 . 2010-09-23 21:53   348160   ----a-w-   c:\documents and settings\s3bx\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-4d68225c-n\msvcr71.dll
2010-09-23 21:53 . 2010-09-23 21:53   61440   ----a-w-   c:\documents and settings\s3bx\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5737cca8-n\decora-sse.dll
2010-09-23 21:53 . 2010-09-23 21:53   12800   ----a-w-   c:\documents and settings\s3bx\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5737cca8-n\decora-d3d.dll
2010-09-23 21:53 . 2010-07-17 03:00   423656   ----a-w-   c:\windows\system32\deployJava1.dll
2010-09-23 21:53 . 2010-09-24 12:39   --------   d-----w-   c:\program files\Java
2010-09-23 21:52 . 2010-10-04 20:19   --------   d-----w-   c:\program files\JDownloader
2010-09-22 22:16 . 2010-09-22 22:16   --------   d-----w-   C:\!KillBox
2010-09-22 22:11 . 2010-09-22 22:12   1090   ----a-w-   c:\windows\system32\ppa_service.dat
2010-09-22 22:11 . 2010-09-22 22:11   43008   ----a-w-   c:\windows\system32\ppa_service.dll
2010-09-22 22:11 . 2010-09-22 22:11   128000   ----a-w-   c:\windows\system32\ppa_service.exe
2010-09-22 22:07 . 2010-09-22 22:11   --------   d-----w-   c:\program files\ElcomSoft
2010-09-22 21:39 . 2010-09-28 21:00   --------   d-----w-   C:\tmp
2010-09-22 19:13 . 2010-09-22 19:13   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\OpenFM
2010-09-22 19:13 . 2010-09-22 19:13   --------   d-----w-   c:\documents and settings\s3bx\Dane aplikacji\OpenFM
2010-09-20 19:09 . 2010-10-04 21:42   --------   d-----w-   c:\documents and settings\s3bx\Ustawienia lokalne\Dane aplikacji\Adobe
2010-09-20 17:55 . 2010-09-20 17:55   --------   d-----w-   c:\program files\Bonjour
2010-09-20 17:51 . 2010-09-20 17:51   --------   d-----w-   c:\program files\Common Files\Macrovision Shared
2010-09-20 17:49 . 2010-10-04 21:42   --------   d-----w-   c:\program files\Common Files\Adobe
2010-09-18 21:48 . 2010-10-03 01:18   --------   d---a-w-   c:\documents and settings\All Users\Dane aplikacji\TEMP
2010-09-18 21:47 . 2010-09-18 21:47   --------   d-----w-   c:\documents and settings\s3bx\Ustawienia lokalne\Dane aplikacji\GHISLER
2010-09-18 20:34 . 2010-09-18 20:34   --------   d-----w-   c:\documents and settings\s3bx\Ustawienia lokalne\Dane aplikacji\Identities
2010-09-17 20:42 . 2010-09-26 16:45   8512   ---ha-w-   c:\windows\system32\mlfcache.dat
2010-09-17 20:42 . 2010-09-17 20:42   --------   d-----w-   c:\documents and settings\s3bx\Ustawienia lokalne\Dane aplikacji\Apple Computer
2010-09-17 20:42 . 2010-09-17 20:42   --------   d-----w-   c:\documents and settings\s3bx\Dane aplikacji\Apple Computer
2010-09-17 20:42 . 2010-09-17 20:42   --------   d-----w-   c:\program files\Safari
2010-09-17 20:42 . 2010-09-17 20:42   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\Apple Computer
2010-09-17 20:41 . 2010-09-17 20:41   --------   d-----w-   c:\program files\Common Files\Apple
2010-09-17 20:41 . 2010-09-17 20:41   --------   d-----w-   c:\documents and settings\s3bx\Ustawienia lokalne\Dane aplikacji\Apple
2010-09-17 20:41 . 2010-09-17 20:41   --------   d-----w-   c:\program files\Apple Software Update
2010-09-17 20:41 . 2010-09-17 20:41   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\Apple
2010-09-17 18:43 . 2008-04-13 22:15   10624   -c--a-w-   c:\windows\system32\dllcache\gameenum.sys
2010-09-17 18:43 . 2008-04-13 22:15   10624   ----a-w-   c:\windows\system32\drivers\gameenum.sys
2010-09-17 18:17 . 2004-08-14 00:56   5810   ----a-w-   c:\windows\system32\drivers\ASACPI.sys
2010-09-17 17:45 . 2010-09-17 17:45   --------   d--h--w-   c:\windows\system32\GroupPolicy
2010-09-17 17:37 . 2010-09-17 17:37   --------   d-----w-   c:\program files\Microsoft.NET
2010-09-17 07:39 . 2010-09-17 07:39   --------   d-----w-   c:\program files\PDFtoBMP
2010-09-15 21:07 . 2010-09-15 21:07   --------   d-----w-   c:\program files\7-Zip
2010-09-15 20:56 . 2010-09-15 20:56   90   ----a-w-   c:\documents and settings\All Users\Dane aplikacji\Last.fm\Client\uninst2.bat
2010-09-15 20:56 . 2010-09-15 20:56   683801   ----a-w-   c:\documents and settings\All Users\Dane aplikacji\Last.fm\Client\UninstWMP\unins000.exe
2010-09-15 20:56 . 2010-09-15 20:56   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\Last.fm
2010-09-15 20:56 . 2010-09-19 12:14   --------   d-----w-   c:\documents and settings\s3bx\Ustawienia lokalne\Dane aplikacji\Last.fm
2010-09-15 20:56 . 2010-09-15 20:56   --------   d-----w-   c:\program files\Last.fm
2010-09-15 20:19 . 2010-09-24 21:18   --------   d-----w-   c:\documents and settings\s3bx\Dane aplikacji\VMware
2010-09-15 20:18 . 2010-10-03 20:36   --------   d-----w-   c:\documents and settings\LocalService\Dane aplikacji\VMware
2010-09-15 20:18 . 2008-09-18 14:49   55856   ----a-r-   c:\windows\system32\vnetinst.dll
2010-09-15 20:18 . 2008-09-18 14:49   16560   ----a-r-   c:\windows\system32\drivers\vmnetadapter.sys
2010-09-15 20:18 . 2008-09-18 21:11   326192   ----a-w-   c:\windows\system32\vmnetdhcp.exe
2010-09-15 20:17 . 2008-09-18 21:11   399920   ----a-w-   c:\windows\system32\vmnat.exe
2010-09-15 20:17 . 2008-09-18 21:12   26288   ----a-w-   c:\windows\system32\drivers\vmnetuserif.sys
2010-09-15 20:17 . 2008-09-18 14:49   50736   ----a-r-   c:\windows\system32\vmnetbridge.dll
2010-09-15 20:17 . 2008-09-18 14:49   31280   ----a-r-   c:\windows\system32\drivers\vmnetbridge.sys
2010-09-15 20:17 . 2008-09-18 14:49   18736   ----a-r-   c:\windows\system32\drivers\vmnet.sys
2010-09-15 20:17 . 2008-09-18 21:11   723504   ----a-w-   c:\windows\system32\vnetlib.dll
2010-09-15 20:17 . 2008-09-18 21:12   23216   ----a-w-   c:\windows\system32\drivers\VMkbd.sys
2010-09-15 20:16 . 2010-10-05 00:48   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\VMware
2010-09-15 20:16 . 2010-09-15 20:16   --------   d-----w-   c:\program files\VMware
2010-09-15 19:58 . 2008-04-14 19:50   26624   ----a-w-   c:\documents and settings\LocalService\Dane aplikacji\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-09-15 19:56 . 2010-09-15 19:56   --------   d-----w-   c:\program files\Windows Media Connect 2
2010-09-15 19:54 . 2010-03-15 09:31   165376   ----a-w-   c:\windows\system32\unrar.dll
2010-09-15 19:54 . 2004-01-25 16:18   217088   ----a-w-   c:\windows\system32\yv12vfw.dll
2010-09-15 19:54 . 2010-06-08 16:10   790528   ----a-w-   c:\windows\system32\xvidcore.dll
2010-09-15 19:54 . 2010-06-08 16:10   134144   ----a-w-   c:\windows\system32\xvidvfw.dll
2010-09-15 19:54 . 2010-07-14 08:00   108032   ----a-w-   c:\windows\system32\ff_vfw.dll
2010-09-15 19:54 . 2010-09-15 19:54   --------   d-----w-   c:\program files\K-Lite Codec Pack
2010-09-15 19:51 . 2010-09-15 19:56   --------   d-----w-   c:\program files\RocketDock
2010-09-15 19:45 . 2010-09-15 19:45   --------   d-----w-   c:\documents and settings\s3bx\Dane aplikacji\Realtime Soft
2010-09-15 19:45 . 2010-09-15 19:45   --------   d-----w-   c:\program files\Common Files\Realtime Soft
2010-09-15 19:45 . 2010-09-15 19:45   --------   d-----w-   c:\program files\UltraMon
2010-09-15 19:45 . 2010-09-15 19:45   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\Realtime Soft

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-05 00:50 . 2010-10-05 00:50   63262   ----a-w-   c:\windows\pchealth\helpctr\Config\Cache\Professional_32_1045.dat
2010-09-28 20:24 . 2010-09-28 20:24   388   ----a-w-   c:\program files\Skrót do Program Files.lnk
2010-09-27 17:46 . 2010-09-15 17:52   --------   d--h--w-   c:\program files\InstallShield Installation Information
2010-09-27 17:46 . 2010-09-15 17:52   --------   d-----w-   c:\program files\Common Files\InstallShield
2010-09-26 18:18 . 2010-09-15 17:19   --------   d-----w-   c:\program files\Nowe Gadu-Gadu
2010-09-24 22:34 . 2010-09-24 22:34   0   ---ha-w-   c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-09-24 22:28 . 2010-09-24 22:28   0   ---ha-w-   c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-09-24 22:28 . 2010-09-24 22:28   0   ---ha-w-   c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-09-24 22:28 . 2010-09-24 22:01   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\PC Suite
2010-09-24 22:04 . 2001-10-26 17:15   557070   ----a-w-   c:\windows\system32\perfh015.dat
2010-09-24 22:04 . 2001-10-26 17:15   105310   ----a-w-   c:\windows\system32\perfc015.dat
2010-09-24 22:03 . 2010-09-24 22:01   --------   d-----w-   c:\documents and settings\s3bx\Dane aplikacji\Nokia
2010-09-24 22:03 . 2010-09-24 22:01   --------   d-----w-   c:\documents and settings\s3bx\Dane aplikacji\PC Suite
2010-09-24 22:02 . 2010-09-24 22:02   0   ---ha-w-   c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-09-24 22:02 . 2010-09-24 22:02   0   ---ha-w-   c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-09-24 22:01 . 2010-09-24 22:01   --------   d-----w-   c:\program files\DIFX
2010-09-24 22:01 . 2010-09-24 22:01   --------   d-----w-   c:\program files\Common Files\PCSuite
2010-09-24 22:01 . 2010-09-24 22:01   --------   d-----w-   c:\program files\Common Files\Nokia
2010-09-24 22:01 . 2010-09-24 22:00   --------   d-----w-   c:\program files\Nokia
2010-09-24 22:01 . 2010-09-24 22:01   --------   d-----w-   c:\program files\PC Connectivity Solution
2010-09-24 11:08 . 2010-09-15 16:58   12328   ----a-w-   c:\documents and settings\s3bx\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2010-09-22 22:08 . 2010-09-22 22:08   --------   d-----w-   c:\documents and settings\dla\Dane aplikacji\Realtime Soft
2010-09-19 12:23 . 2010-09-15 18:27   --------   d-----w-   c:\documents and settings\s3bx\Dane aplikacji\foobar2000
2010-09-18 20:09 . 2008-04-14 19:50   6656   ----a-w-   c:\windows\system32\lpcio.dll
2010-09-17 21:29 . 2010-09-15 18:54   --------   d-----w-   c:\documents and settings\All Users\Dane aplikacji\Ad Muncher
2010-09-15 18:54 . 2010-09-15 18:54   --------   d-----w-   c:\program files\Ad Muncher
2010-09-15 18:49 . 2010-09-15 18:49   --------   d-----w-   c:\documents and settings\s3bx\Dane aplikacji\Tibia
2010-09-15 18:38 . 2010-09-15 17:14   232968   ----a-w-   c:\windows\system32\nvdrsdb0.bin
2010-09-15 18:38 . 2010-09-15 17:14   1   ----a-w-   c:\windows\system32\nvdrssel.bin
2010-09-15 18:36 . 2010-09-15 17:14   232968   ----a-w-   c:\windows\system32\nvdrsdb1.bin
2010-09-15 18:36 . 2010-09-15 18:35   13   ----a-w-   c:\windows\system32\nvModes.dat
2010-09-15 17:52 . 2010-09-15 17:52   --------   d-----w-   c:\program files\Realtek
2010-09-15 17:52 . 2010-09-15 17:52   315392   ----a-w-   c:\windows\HideWin.exe
2010-09-15 17:45 . 2010-09-15 17:45   --------   d-----w-   c:\program files\Intel
2010-09-15 17:33 . 2010-09-15 17:33   --------   d-----w-   c:\program files\kX Audio Driver
2010-09-15 17:15 . 2010-09-15 17:15   --------   d-----w-   c:\documents and settings\s3bx\Dane aplikacji\Nowe Gadu-Gadu
2010-09-15 17:14 . 2010-09-15 17:14   --------   d-----w-   c:\program files\NVIDIA Corporation
2010-07-09 14:24 . 2010-07-09 14:24   81920   ----a-w-   c:\windows\system32\nvwddi.dll
.

------- Sigcheck -------

[-] 2008-11-29 . 030DC4D48CC2B894FEE2F390D8E66AD5 . 361344 . . [5.1.2600.5512] . . c:\windows\system32\drivers\tcpip.sys

[-] 2009-03-19 . 50B53AEFA41EC54F9F082EF2199BF86D . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]
"kX Mixer"="c:\program files\kX Audio Driver\3550\kxmixer.exe" [2009-09-17 546312]
"Ad Muncher"="c:\program files\Ad Muncher\AdMunch.exe" [2010-09-15 867328]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2008-04-14 100864]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
UltraMon.lnk - c:\windows\Installer\{B49673F8-7AB6-4A14-8213-C8A7BE370010}\IcoUltraMon.ico [2010-9-15 29310]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06   976832   ----a-w-   c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04   35760   ----a-w-   c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 16:43   69632   ----a-w-   c:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-07-09 14:24   13923432   ----a-w-   c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-07-09 14:24   110696   ----a-w-   c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-07-07 21:52   1753192   ----a-w-   c:\program files\NVIDIA Corporation\nView\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-05-14 08:32   1479680   ----a-w-   c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2007-08-07 00:05   200704   ----a-w-   c:\program files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-08-10 13:21   16384000   ----a-w-   c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
2010-08-09 10:03   389352   ----a-w-   c:\program files\Sandboxie\SbieCtrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44   248552   ----a-w-   c:\program files\Common Files\Java\Java Update\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"f:\\VMware\\VMware Workstation\\vmware-authd.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\Gry\\Steam\\steamapps\\s3bx\\counter-strike\\hl.exe"=
"d:\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

R1 a2injectiondriver;a2injectiondriver;c:\program files\Emsisoft Anti-Malware\a2dix86.sys [2010-10-05 41928]
R1 a2util;a-squared Malware-IDS utility driver;c:\program files\Emsisoft Anti-Malware\a2util32.sys [2010-10-05 11776]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2010-08-03 95896]
R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [2010-10-05 2909536]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
R2 UltraMonUtility;UltraMon Utility Driver;c:\program files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [2008-11-14 17184]
R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2008-09-18 54960]
R3 a2acc;a2acc;c:\program files\Emsisoft Anti-Malware\a2accx86.sys [2010-10-05 72808]
R3 kxwdmdrv;kX WDM Driver Service;c:\windows\system32\drivers\kx.sys [2009-09-18 607496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 cpuz134;cpuz134;\??\c:\docume~1\s3bx\USTAWI~1\Temp\cpuz134_x32.sys --> c:\docume~1\s3bx\USTAWI~1\Temp\cpuz134_x32.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-09-25 137344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://google.pl/
uInternet Settings,ProxyOverride = *.local
IE: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=W01EP452&id=menu_ie_frame
IE: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=W01EP452&id=menu_ie_image
IE: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=W01EP452&id=menu_ie_link
IE: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=W01EP452&id=menu_ie_exclude
IE: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=W01EP452&id=menu_ie_report
LSP: f:\vmware\VMware Workstation\vsocklib.dll
TCP: {B6D21E9D-55F8-473D-8417-0EBD3025A63B} = 217.30.129.149,217.30.137.200
FF - ProfilePath - c:\documents and settings\s3bx\Dane aplikacji\Mozilla\Firefox\Profiles\tzptkibg.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - http://www.google.pl
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=IMB&o=15785&locale=en_US&q=
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\documents and settings\s3bx\Dane aplikacji\Mozilla\Firefox\Profiles\tzptkibg.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll

---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - USUNIĘTO PUSTE WPISY - - - -

SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-OODefragTray - c:\program files\OO Software\Defrag\oodtray.exe


.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="0BB094B6C266889BD20B798EF6B6806A745BC47A6CD98FCCA5B512F998083EA8AEC656E08E76A18F6BCADAC2A2644874A0A0997EE42F77FB14E35FC7E8F5B64D8420BBD2DED62B0AE58C4E7FFB2F47BB74DA529F327244E6129589C7BA97EFA17B0FEEB2E907CA3F44E2B832DEA36E0BA87CAF3575E653932F3E535812FD5681182A4D05BA0895069F243629F95823550BBE2BF7224F772C8C18B0BBFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A2D97226D213B555FEBC9E127BECC74CBA7FD869164D67945BEF4C92FA7404E98C2EDC3C2D02D5CC8B335EDAFC516018E580C32513FD16B13BB5B67D2B39306F726817F7742B9D65C605C1F7C0DE2DC89A4EB45B88421A6628D7F3B2B8B3DB9CEEA84B0C549FCB78875AD7CF61319ACE335167A6311294F64A83207A68B2B504704F04FB652F0CA0206037BC6EBAF1EC84299E5CB01F0B6E9A674DC3134B211A343A406CD8EFBFDD36486ABD8AB030C9B87813733F6139BFEA38FE9D275536B84F4EF0A8EDBAFA1040C7F0F56E8E07F0CCE470872A158B3E5B2D2FBD25EC419CA975FB1EFDAD86800D183EACE290DC52131A5759503727A2E301CAFC21734068FD9C3BDD70285ED7BC77B8CBC8BA4AC032C6DCCC270C60084FF33358C50B67A0DD32FD9E45D034A343273CE293D19D75231C0669359A43EF3CC9BCF0D01C1EAD2B2D85398D906B586A6D17A44A615709B3D1515B992E0D3E9DCAB18A9254805F9E05882DF0939C4BCE130C688837ADFB05A2ADF18255B03C39C14C8E6F23DEE544B6309CA8CC14B661E652297C640BB28D4D00A135645515AAFEC08BE33DB9567B439A4B836FD3B9E63A9584EA3F0BF297149E0289F155DA61D433AF79984B2A772ED9A463F58FD5F66274BEA9E2806A40BD574F6AD83E7F1F9CBAD1D3F3FD3FC08074B53F9CAF7200B881BEA42D71A5F9946AE9DAB754DDFAB1E669A74E71D633C863312065D0D8C11B450FDA40159A0A688A54EC728C305FF2B895BDEBF9957E94956DA694C23851EBB85D60025B1F890BDF38CA3191998C44A21474D41E07267A6D6282340B23968F4CFEDB9D646EE653075FAE5D431C930D10CCBB549A1603134030FA91E110D070E169887F0729649B10BB6A273321DB39DDC7997DDC15BEFAD717E9BCB3580EFC5237B55ACBD297C27EDEE00227F41F39DAB0A7A08A3A5A52737EBE8B21BB3425E7274725EF51E82B4A838CA39AC76E00CED992597A9D2A3DC3EEFA17FEDA7C60DF9DB499E57198BBDF0477873C2EAA8471B71B8137BD55E5EE96B5BC55BE7326EFA087B5D161B65F9F5FC2ED6EA08CC3706219B902FAD77890C7189CE0CEF8763DDBE03C0FB52904DDBB23D948FA9C3DEA1872E6CD9B80A4B4F8E01D92DBC3D0639C"
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Sandboxie\SbieSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\vmnat.exe
c:\windows\system32\vmnetdhcp.exe
c:\windows\system32\wscntfy.exe
c:\program files\UltraMon\UltraMon.exe
c:\program files\UltraMon\UltraMonTaskbar.exe
.
**************************************************************************
.
Czas ukończenia: 2010-10-05  02:51:52 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2010-10-05 00:51

Przed: 138 643 877 888 bajtów wolnych
Po: 138 712 010 752 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 4936A28E336ED73DE8B25F6789599887


Bardzo prosze o pomoc.

Z powazaniem
s3bx
s3bx
~user
 
Posty: 1
Dołączenie: 05 Paź 2010, 02:34


Góra

[log] trojan-gamethief.win32.tibia!ik

Postprzez Mikou@j 05 Paź 2010, 08:15

obowiazkowe-zasady-wstawiania-logow-wazne-vt117887.html
Jak w opisie, wstaw odpowiednie logi.
ASUS TUF Gaming FX505DT R5-3550H/16GB || XBOX ONE + LG 43UJ6307 || Nintendo Switch ||
Image
"Nothing is true, everything is permitted"
NIE POMAGAM NA PW :!:
Awatar użytkownika
Mikou@j
»ekspert
»ekspert
 
Posty: 12734
Dołączenie: 03 Sty 2006, 21:48
Miejscowość: Katowice
Pochwały: 1007

Góra
Wyślij odpowiedź

Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 26 gości

Powered by phpBB © Group
Forum Programosy.pl