
I ask the administrators to lock that other topic (which, by the way, is in the wrong section).
SDFix:
[b]SDFix: Version 1.240 [/b]
Run by Administrator on 2009-01-01 at 23:35
Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
Trojan Files Found:
C:\autorun.inf - Deleted
C:\WINDOWS\expIorer.exe - Deleted
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-01 23:39:29
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:53f2042c
"s2"=dword:08cc3cd7
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:e3,fb,a8,d6,a7,e8,76,1e,6c,6c,0f,85,a6,61,bf,0f,fb,40,08,71,c5,..
"p0"="C:\Program Files\DAEMON Tools Lite\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,70,25,08,49,e0,ea,07,ed,60,bc,50,e6,e4,a7,ea,83,e6,..
"khjeh"=hex:c8,c1,10,23,b6,73,15,4f,d2,ec,a0,d3,fc,7c,98,e6,0b,66,cf,8c,88,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:9a,ba,6f,74,f7,a8,fd,c8,c2,56,a0,d6,17,48,2d,53,02,d7,b4,44,96,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:e3,fb,a8,d6,a7,e8,76,1e,6c,6c,0f,85,a6,61,bf,0f,fb,40,08,71,c5,..
"p0"="C:\Program Files\DAEMON Tools Lite\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,70,25,08,49,e0,ea,07,ed,60,bc,50,e6,e4,a7,ea,83,e6,..
"khjeh"=hex:c8,c1,10,23,b6,73,15,4f,d2,ec,a0,d3,fc,7c,98,e6,0b,66,cf,8c,88,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:9a,ba,6f,74,f7,a8,fd,c8,c2,56,a0,d6,17,48,2d,53,02,d7,b4,44,96,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Mozilla Firefox"
"C:\\Program Files\\DC++\\DCPlusPlus.exe"="C:\\Program Files\\DC++\\DCPlusPlus.exe:*:Enabled:DC++"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\\Program Files\\Gadu-Gadu\\gg.exe"="C:\\Program Files\\Gadu-Gadu\\gg.exe:*:Enabled:Gadu-Gadu - program g˘wny"
"C:\\Program Files\\RivChat2\\RivChat.exe"="C:\\Program Files\\RivChat2\\RivChat.exe:*:Enabled:RivChat"
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"="C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\\Instalki\\Internetowe\\utorrent.exe"="D:\\Instalki\\Internetowe\\utorrent.exe:*:Enabled:uTorrent"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:uTorrent"
"C:\\WINDOWS\\system32\\lxdfcoms.exe"="C:\\WINDOWS\\system32\\lxdfcoms.exe:*:Enabled:Lexmark Communications System"
"C:\\Program Files\\Lexmark 6500 Series\\lxdfamon.exe"="C:\\Program Files\\Lexmark 6500 Series\\lxdfamon.exe:*:Enabled:Lexmark Device Monitor"
"C:\\Program Files\\Lexmark 6500 Series\\frun.exe"="C:\\Program Files\\Lexmark 6500 Series\\frun.exe:*:Enabled:Lexmark Productivity Studio"
"C:\\Program Files\\Abbyy FineReader 6.0 Sprint\\Scan\\ScanMan6.exe"="C:\\Program Files\\Abbyy FineReader 6.0 Sprint\\Scan\\ScanMan6.exe:*:Enabled:ABBYY FineReader"
"C:\\Program Files\\Lexmark 6500 Series\\LXDFFax.exe"="C:\\Program Files\\Lexmark 6500 Series\\LXDFFax.exe:*:Enabled:Fax software"
"C:\\Program Files\\Lexmark 6500 Series\\lxdfmon.exe"="C:\\Program Files\\Lexmark 6500 Series\\lxdfmon.exe:*:Enabled:Printer Device Monitor"
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdfpswx.exe"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdfpswx.exe:*:Enabled:Printer Status Window Interface"
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdftime.exe"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdftime.exe:*:Enabled:Lexmark Connect Time Executable"
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdfjswx.exe"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdfjswx.exe:*:Enabled:Job Status Window Interface"
"C:\\Documents and Settings\\user\\Application Data\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"="C:\\Documents and Settings\\user\\Application Data\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe:*:Enabled:PowerSoccer"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[b]Remaining Files [/b]:
File Backups: - C:\SDFix\backups\backups.zip
[b]Files with Hidden Attributes [/b]:
Tue 23 Dec 2008 21,504 ...H. --- "C:\Documents and Settings\user\Ustawienia lokalne\Temp\AutoItDLL.dll"
[b]Finished![/b]
ComboFix:
ComboFix 08-12-31.01 - user 2009-01-01 23:44:40.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1023.565 [GMT 1:00]
Uruchomiony z: c:\documents and settings\user\Pulpit\ComboFix.exe
* Utworzono nowy punkt przywracania
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Autorun.inf
.
((((((((((((((((((((((((( Pliki utworzone od 2008-12-01 do 2009-01-01 )))))))))))))))))))))))))))))))
.
2009-01-01 23:34 . 2009-01-01 23:34 <DIR> d-------- c:\windows\ERUNT
2009-01-01 23:33 . 2009-01-01 23:45 <DIR> d--h----- c:\documents and settings\Administrator\Ustawienia lokalne
2009-01-01 23:33 . 2008-11-23 16:05 <DIR> d-------- c:\documents and settings\Administrator\Ulubione
2009-01-01 23:33 . 2008-11-23 15:10 <DIR> d--h----- c:\documents and settings\Administrator\Szablony
2009-01-01 23:33 . 2008-11-23 16:05 <DIR> d-------- c:\documents and settings\Administrator\Pulpit
2009-01-01 23:33 . 2008-11-23 16:05 <DIR> d-------- c:\documents and settings\Administrator\Moje dokumenty
2009-01-01 23:33 . 2008-11-23 16:05 <DIR> dr------- c:\documents and settings\Administrator\Menu Start
2009-01-01 23:33 . 2008-11-23 16:05 <DIR> dr-h----- c:\documents and settings\Administrator\Dane aplikacji
2009-01-01 23:33 . 2009-01-01 23:33 <DIR> d-------- c:\documents and settings\Administrator
2009-01-01 23:31 . 2009-01-01 23:40 <DIR> d-------- C:\SDFix
2009-01-01 15:12 . 2009-01-01 15:34 <DIR> d-------- c:\program files\Winamp
2008-12-30 23:45 . 2008-12-30 23:45 <DIR> d-------- C:\logs
2008-12-30 00:46 . 2008-12-30 00:47 <DIR> d-------- C:\videooutput
2008-12-30 00:46 . 2008-12-30 00:46 <DIR> d-------- c:\program files\Free FLV to AVI Converter
2008-12-30 00:46 . 2007-03-07 00:45 3,086,336 --a------ c:\windows\system32\NCMedia.dll
2008-12-30 00:46 . 2007-03-07 00:45 3,086,336 --a------ c:\windows\system32\flvvideo.dll
2008-12-30 00:46 . 2007-02-25 15:36 383,238 --a------ c:\windows\system32\libmp3lame-0.dll
2008-12-29 23:11 . 2008-12-29 18:50 84,992 --------- c:\windows\system32\trz295.tmp
2008-12-29 23:11 . 2004-08-03 23:44 78,848 --------- c:\windows\system32\trz296.tmp
2008-12-29 17:27 . 2008-12-30 23:45 <DIR> d-------- c:\windows\system32\Adobe
2008-12-27 20:01 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\system32\d3dx9_34.dll
2008-12-27 20:01 . 2007-03-12 16:42 3,495,784 --a------ c:\windows\system32\d3dx9_33.dll
2008-12-27 20:01 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\system32\D3DCompiler_34.dll
2008-12-27 20:01 . 2007-03-12 16:42 1,123,696 --a------ c:\windows\system32\D3DCompiler_33.dll
2008-12-27 20:01 . 2007-05-16 16:45 443,752 --a------ c:\windows\system32\d3dx10_34.dll
2008-12-27 20:01 . 2007-03-15 16:57 443,752 --a------ c:\windows\system32\d3dx10_33.dll
2008-12-27 20:01 . 2007-05-31 19:30 266,088 --a------ c:\windows\system32\xactengine2_8.dll
2008-12-27 20:01 . 2007-04-04 18:55 261,480 --a------ c:\windows\system32\xactengine2_7.dll
2008-12-27 20:01 . 2007-01-24 15:27 255,848 --a------ c:\windows\system32\xactengine2_6.dll
2008-12-27 20:01 . 2007-05-31 19:29 18,280 --a------ c:\windows\system32\x3daudio1_2.dll
2008-12-27 19:59 . 2008-12-29 16:00 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2008-12-27 19:59 . 2008-12-27 19:59 22,328 --a------ c:\documents and settings\user\Dane aplikacji\PnkBstrK.sys
2008-12-27 19:58 . 2008-12-27 19:58 <DIR> d-------- c:\windows\system32\LogFiles
2008-12-27 19:58 . 2008-12-29 16:00 103,736 --a------ c:\windows\system32\PnkBstrB.exe
2008-12-27 19:58 . 2008-12-29 16:00 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2008-12-27 19:58 . 2008-12-27 19:58 319 --a------ c:\windows\game.ini
2008-12-27 19:45 . 2008-12-27 19:45 <DIR> d-------- c:\program files\Activision
2008-12-23 23:19 . 2008-12-23 23:19 <DIR> d-------- c:\program files\You Ripper
2008-12-22 16:11 . 2008-12-22 16:11 <DIR> d-------- c:\program files\MSXML 4.0
2008-12-19 15:51 . 2008-12-19 15:51 <DIR> d-------- c:\windows\system32\Lang
2008-12-19 15:51 . 2008-12-19 15:51 940,794 --a------ c:\windows\system32\LoopyMusic.wav
2008-12-19 15:51 . 2008-12-19 15:51 146,650 --a------ c:\windows\system32\BuzzingBee.wav
2008-12-18 15:19 . 2008-12-18 15:19 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Trymedia
2008-12-17 17:57 . 2008-12-17 18:08 <DIR> d-------- c:\program files\RTL Biathlon 2009
2008-12-16 21:36 . 2008-12-16 21:45 <DIR> d-------- c:\program files\EA GAMES
2008-12-16 21:36 . 2004-08-18 09:34 442,368 -ra------ c:\windows\system32\vp6vfw.dll
2008-12-16 19:50 . 2008-12-16 19:55 <DIR> d-------- c:\documents and settings\user\Dane aplikacji\U3
2008-12-15 15:01 . 2008-12-15 15:01 <DIR> d-------- c:\documents and settings\user\WINDOWS
2008-12-15 15:01 . 1998-01-23 14:15 304,640 --a------ c:\windows\IsUn0415.exe
2008-12-14 17:10 . 2008-12-28 20:48 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-14 17:10 . 2008-12-14 17:10 1,409 --a------ c:\windows\QTFont.for
2008-12-11 16:10 . 2008-12-11 16:11 <DIR> d-------- c:\program files\SystemRequirementsLab
2008-12-11 16:10 . 2008-12-11 16:10 <DIR> d-------- c:\documents and settings\user\SystemRequirementsLab
2008-12-11 13:54 . 2008-12-11 14:10 <DIR> d-------- c:\documents and settings\user\Phone Browser
2008-12-11 13:54 . 2008-12-11 13:54 <DIR> d-------- c:\documents and settings\user\Dane aplikacji\Datalayer
2008-12-11 13:51 . 2008-12-11 13:51 <DIR> d-------- c:\program files\DIFX
2008-12-11 13:51 . 2008-12-11 13:51 <DIR> d-------- c:\documents and settings\user\Dane aplikacji\Nokia
2008-12-11 13:50 . 2008-12-11 23:05 <DIR> d----c--- c:\windows\system32\DRVSTORE
2008-12-11 13:50 . 2008-12-11 23:06 <DIR> d-------- c:\program files\Nokia
2008-12-11 13:50 . 2008-12-11 23:06 <DIR> d-------- c:\program files\Common Files\PCSuite
2008-12-11 13:50 . 2008-12-11 13:51 <DIR> d-------- c:\documents and settings\user\Dane aplikacji\PC Suite
2008-12-11 13:50 . 2008-12-11 13:51 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\PC Suite
2008-12-11 13:50 . 2006-05-29 08:26 13,312 --a------ c:\windows\system32\drivers\nmwcdcj.sys
2008-12-11 13:49 . 2008-12-11 23:06 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Downloaded Installations
2008-12-11 13:49 . 2004-08-03 23:08 25,600 --a------ c:\windows\system32\drivers\usbser.sys
2008-12-11 13:49 . 2004-08-03 23:08 25,600 --a--c--- c:\windows\system32\dllcache\usbser.sys
2008-12-11 13:48 . 2008-12-11 13:48 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-12-11 13:48 . 2008-12-11 13:48 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-12-02 21:46 . 2008-12-02 21:46 <DIR> d--hs---- c:\windows\ftpcache
2008-12-02 21:06 . 2008-12-02 21:06 <DIR> d-------- c:\program files\JFK Reloaded
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-01 15:02 --------- d-----w c:\program files\Mozilla Thunderbird
2009-01-01 00:55 --------- d-----w c:\documents and settings\user\Dane aplikacji\uTorrent
2008-12-30 11:57 --------- d-----w c:\program files\DC++
2008-12-30 11:08 --------- d-----w c:\program files\Trojan Remover
2008-12-29 23:58 --------- d---a-w c:\documents and settings\All Users\Dane aplikacji\TEMP
2008-12-28 22:46 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-14 14:44 --------- d-----w c:\program files\Call of Duty
2008-11-30 16:02 --------- d-----w c:\program files\Midas
2008-11-30 12:00 --------- d-----w c:\program files\USB Vibration
2008-11-29 16:13 --------- d-----w c:\program files\Real
2008-11-29 16:13 --------- d-----w c:\program files\Common Files\xing shared
2008-11-29 16:13 --------- d-----w c:\program files\Common Files\Real
2008-11-27 18:48 12,528 ----a-w c:\windows\system32\drivers\secdrv.sys
2008-11-27 13:55 --------- d-----w c:\program files\DAEMON Tools Toolbar
2008-11-27 13:55 --------- d-----w c:\program files\DAEMON Tools Lite
2008-11-27 13:53 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-11-27 13:53 --------- d-----w c:\documents and settings\user\Dane aplikacji\DAEMON Tools
2008-11-27 13:48 --------- d-----w c:\program files\DAEMON Tools
2008-11-26 18:43 --------- d-----w c:\program files\Common Files\Nero
2008-11-26 18:42 --------- d-----w c:\program files\Common Files\LightScribe
2008-11-26 18:41 --------- d-----w c:\program files\Ahead
2008-11-26 18:40 --------- d-----w c:\program files\Common Files\Ahead
2008-11-26 13:27 --------- d-----w c:\documents and settings\user\Dane aplikacji\Thunderbird
2008-11-26 12:47 --------- d-----w c:\documents and settings\user\Dane aplikacji\ATI
2008-11-26 12:47 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\ATI
2008-11-26 12:45 --------- d-----w c:\documents and settings\user\Dane aplikacji\6500 Series
2008-11-25 22:14 --------- d-----w c:\documents and settings\user\Dane aplikacji\Lexmark Productivity Studio
2008-11-25 22:10 --------- d-----w c:\program files\Lexmark 6500 Series
2008-11-25 22:10 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\6500 Series
2008-11-25 22:09 --------- d-----w c:\program files\Abbyy FineReader 6.0 Sprint
2008-11-25 21:33 --------- d-----w c:\program files\Gadu-Gadu
2008-11-25 19:41 --------- d-----w c:\program files\uTorrent
2008-11-25 17:07 410,976 ----a-w c:\windows\system32\deploytk.dll
2008-11-25 17:07 --------- d-----w c:\program files\Java
2008-11-25 16:21 --------- d-----w c:\program files\Common Files\Adobe
2008-11-24 16:43 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2008-11-24 16:42 --------- d-----w c:\program files\MSBuild
2008-11-24 16:42 --------- d-----w c:\program files\Microsoft Works
2008-11-23 21:45 --------- d-----w c:\program files\ATI Technologies
2008-11-23 20:43 --------- d-----w c:\program files\Google
2008-11-23 19:37 --------- d-----w c:\documents and settings\user\Dane aplikacji\Skype
2008-11-23 19:30 --------- d-----w c:\documents and settings\user\Dane aplikacji\Apple Computer
2008-11-23 16:42 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\KONAMI
2008-11-23 16:36 --------- d-----w c:\program files\KONAMI
2008-11-23 15:29 --------- d-----w c:\program files\RivChat2
2008-11-23 15:19 --------- d-----w c:\documents and settings\user\Dane aplikacji\Gadu-Gadu
2008-11-23 15:13 223,128 ----a-w c:\windows\system32\drivers\dtscsi.sys.vir
2008-11-23 15:08 --------- d-----w c:\program files\SopCast
2008-11-23 15:08 --------- d-----w c:\program files\Skype
2008-11-23 15:08 --------- d-----w c:\program files\Common Files\Skype
2008-11-23 15:08 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Skype
2008-11-23 15:07 155,995 ----a-w c:\windows\java\Packages\4ONLVPNF.ZIP
2008-11-23 15:05 --------- d-----w c:\program files\QuickTime
2008-11-23 15:04 --------- d-----w c:\program files\iTunes
2008-11-23 15:04 --------- d-----w c:\program files\iPod
2008-11-23 15:04 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Apple Computer
2008-11-23 15:03 --------- d-----w c:\program files\Common Files\InstallShield
2008-11-23 15:02 --------- d-----w c:\program files\Lavalys
2008-11-23 15:01 --------- d-----w c:\program files\DivX
2008-11-23 15:00 --------- d-----w c:\program files\Common Files\AVSMedia
2008-11-23 15:00 --------- d-----w c:\program files\AVSMedia
2008-11-23 14:58 --------- d-----w c:\program files\MarBit
2008-11-23 14:22 --------- d-----w c:\program files\Alwil Software
2008-11-23 14:14 --------- d-----w c:\program files\microsoft frontpage
2008-11-23 14:12 --------- d-----w c:\program files\Usługi online
2008-10-29 02:23 425,984 ----a-w c:\windows\system32\ATIDEMGX.dll
2008-10-29 02:22 314,880 ----a-w c:\windows\system32\ati2dvag.dll
2008-10-29 02:11 43,520 ----a-w c:\windows\system32\ati2edxx.dll
2008-10-29 02:11 26,112 ----a-w c:\windows\system32\Ati2mdxx.exe
2008-10-29 02:11 188,416 ----a-w c:\windows\system32\atipdlxx.dll
2008-10-29 02:11 147,456 ----a-w c:\windows\system32\Oemdspif.dll
2008-10-29 02:10 143,360 ----a-w c:\windows\system32\ati2evxx.dll
2008-10-29 02:10 10,973,184 ----a-w c:\windows\system32\atioglxx.dll
2008-10-29 02:09 585,728 ----a-w c:\windows\system32\ati2evxx.exe
2008-10-29 02:07 53,248 ----a-w c:\windows\system32\ATIDDC.DLL
2008-10-29 01:57 4,041,472 ----a-w c:\windows\system32\ati3duag.dll
2008-10-29 01:49 307,200 ----a-w c:\windows\system32\atiiiexx.dll
2008-10-29 01:41 2,472,832 ----a-w c:\windows\system32\ativvaxx.dll
2008-10-29 01:25 48,640 ----a-w c:\windows\system32\amdpcom32.dll
2008-10-29 01:21 389,120 ----a-w c:\windows\system32\atikvmag.dll
2008-10-29 01:19 44,032 ----a-w c:\windows\system32\atiadlxx.dll
2008-10-29 01:19 17,408 ----a-w c:\windows\system32\atitvo32.dll
2008-10-29 01:18 253,952 ----a-w c:\windows\system32\atiok3x2.dll
2008-10-29 01:12 577,536 ----a-w c:\windows\system32\ati2cqag.dll
2008-10-28 20:05 593,920 ------w c:\windows\system32\ati2sgag.exe
2008-10-23 13:01 283,648 ----a-w c:\windows\system32\gdi32.dll
2008-10-21 17:51 118,784 ----a-w c:\windows\system32\atibrtmon.exe
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 10:39 662,016 ----a-w c:\windows\system32\wininet.dll
2008-10-03 10:17 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-11-23 14:28 60,526 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2008-11-23 14:28 49,256 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2008-11-23 14:28 166,000 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2007-04-25 2101248]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-18 81000]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2006-06-14 278528]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-23 282624]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-25 136600]
"lxdfmon.exe"="c:\program files\Lexmark 6500 Series\lxdfmon.exe" [2007-06-12 455600]
"lxdfamon"="c:\program files\Lexmark 6500 Series\lxdfamon.exe" [2007-06-01 20480]
"Lexmark 6500 Series Fax Server"="c:\program files\Lexmark 6500 Series\fm3032.exe" [2007-06-12 308144]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2006-06-09 35328]
"SoundMan"="SOUNDMAN.EXE" [2005-01-10 c:\windows\SOUNDMAN.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-11-25 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\RivChat2\\RivChat.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Instalki\\Internetowe\\utorrent.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\lxdfcoms.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\lxdfamon.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\frun.exe"=
"c:\\Program Files\\Abbyy FineReader 6.0 Sprint\\Scan\\ScanMan6.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\LXDFFax.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\lxdfmon.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdfpswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdftime.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdfjswx.exe"=
"c:\\Documents and Settings\\user\\Application Data\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-23 111184]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-23 20560]
R2 lxdf_device;lxdf_device;c:\windows\system32\lxdfcoms.exe -service []
S2 lxdfCATSCustConnectService;lxdfCATSCustConnectService;c:\windows\System32\spool\DRIVERS\W32X86\3\\lxdfserv.exe [2008-11-25 99248]
S3 hid7906;hid7906;c:\windows\system32\drivers\hid7906.sys [2008-11-30 53921]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1cab96bc-d5b9-11dd-8c0a-00304f245418}]
\Shell\AutoRun\command - G:\e8kj.exe
\Shell\explore\Command - G:\e8kj.exe
\Shell\open\Command - G:\e8kj.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c255be22-cb9c-11dd-8bf8-00304f245418}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8622ab9-cd0e-11dd-8bfa-00304f245418}]
\Shell\AutoRun\command - G:\2w.cmd
\Shell\explore\Command - G:\2w.cmd
\Shell\open\Command - G:\2w.cmd
.
- - - - USUNIĘTO PUSTE WPISY - - - -
HKCU-Run-vamsoft - c:\windows\system32\vamsoft.exe
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.onet.pl/
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FF - ProfilePath - c:\documents and settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\cb55a8gw.default\
FF - prefs.js: browser.startup.homepage - www.onet.pl
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
[color=red]ATTENTION: FIREFOX POLICES IS IN FORCE [/color]
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("general.useragent.contentlocale", "chrome://navigator-region/locale/region.properties");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("accessibility.typeaheadfind.soundURL", "default");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("browser.tabs.warnOnCloseOther", true);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("browser.tabs.loadGroup", 1);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("browser.tabs.loadOnNewTab", 0);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("browser.windows.loadOnNewWindow", 1);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.HTMLDocument.close.get", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.HTMLDocument.open.get", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.Location.reload.get", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.Window.Components", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.Window.document.get", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.XULControllers.commandDispatcher", "noAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.XULControllers.getControllerForCommand", "noAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.XULControllers.insertControllerAt", "noAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.XULControllers.removeControllerAt", "noAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.XULControllers.getControllerAt", "noAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.XULControllers.appendController", "noAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.XULControllers.removeController", "noAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.XULControllers.getControllerId", "noAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.XULControllers.getControllerById", "noAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.XULControllers.getControllerCount", "noAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("dom.disable_window_open_feature.resizable", false);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.http.max-connections", 24);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.http.max-connections-per-server", 8);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.http.max-persistent-connections-per-server", 2);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.http.max-persistent-connections-per-proxy", 4);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.http.accept.default", "text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.dns.ipv4OnlyDomains", ".doubleclick.net");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.standard-url.encode-utf8", false);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.image.warnAboutImages", false);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.proxy.autoconfig_url", "");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.cookie.p3p", "ffffaaaa");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("ime.password.onFocus.dontCare", false);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("ime.password.onBlur.dontCare", false);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("ui.key.generalAccessKey", 18);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("dom.max_script_run_time", 5);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.enable_ssl2", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl2.rc4_128", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl2.rc2_128", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl2.des_ede3_192", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl2.des_64", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl2.rc4_40", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl2.rc2_40", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.rsa_fips_des_sha", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.rsa_des_sha", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.rsa_1024_rc4_56_sha", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.rsa_1024_des_cbc_sha", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.rsa_rc4_40_md5", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.rsa_rc2_40_md5", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.dhe_rsa_des_sha", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.dhe_dss_des_sha", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.default_personal_cert", "Select Automatically");
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.warn_entering_secure", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.warn_leaving_secure", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.warn_submit_insecure", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.OCSP.enabled", 0);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ui.enable", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("startup.homepage_override_url","chrome://browser-region/locale/region.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("xpinstall.dialog.progress.skin", "chrome://mozapps/content/extensions/extensions.xul?type=themes");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("xpinstall.dialog.progress.chrome", "chrome://mozapps/content/extensions/extensions.xul?type=extensions");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("xpinstall.dialog.progress.type.skin", "Extension:Manager-themes");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("xpinstall.dialog.progress.type.chrome", "Extension:Manager-extensions");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("extensions.getMoreExtensionsURL", "chrome://mozapps/locale/extensions/extensions.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("extensions.getMoreThemesURL", "chrome://mozapps/locale/extensions/extensions.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("app.update.url.manual", "http://www.mozilla.org/products/firefox/");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("app.update.url.details", "chrome://browser-region/locale/region.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("app.update.nagTimer.download", 86400);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("app.update.nagTimer.restart", 1800);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("extensions.update.url", "chrome://mozapps/locale/extensions/extensions.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("extensions.getMoreExtensionsURL", "chrome://mozapps/locale/extensions/extensions.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("extensions.getMoreThemesURL", "chrome://mozapps/locale/extensions/extensions.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("keyword.URL", "http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.startup.homepage", "resource:/browserconfig.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.search.defaulturl", "chrome://browser-region/locale/region.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.search.order.Yahoo.1", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.search.order.Yahoo.2", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.search.order.Yahoo", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.search.basic.min_ver", "0.0");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.link.open_newwindow", 2);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.tabs.opentabfor.urlbar", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.related.enabled", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.related.autoload", 1); // 0 = Always, 1 = After first use, 2 = Never
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.related.provider", "http://www-rl.netscape.com/wtgn?");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.related.disabledForDomains", "");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.goBrowsing.enabled", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("dom.disable_window_open_feature.location", false);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("dom.disable_window_flip", false);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.trim_user_and_password", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.history", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.formdata", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.passwords", false);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.downloads", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.cookies", false);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.cache", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.siteprefs", false);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.sessions", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("network.cookie.enableForCurrentSessionOnly", false);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("network.cookie.denyRemovedCookies", false);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.throbber.url","chrome://browser-region/locale/region.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("alerts.height", 50);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("signon.SignonFileName", "signons.txt");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("security.warn_entering_secure.show_once", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("security.warn_leaving_secure.show_once", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("security.warn_submit_insecure.show_once", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.display.screen_resolution", 96);
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-01 23:45:38
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(572)
c:\windows\system32\Ati2evxx.dll
.
Czas ukończenia: 2009-01-01 23:46:24
ComboFix-quarantined-files.txt 2009-01-01 22:46:02
Przed: 34 078 638 080 bajtów wolnych
Po: 34,178,838,528 bajtów wolnych
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
405 --- E O F --- 2008-12-22 15:12:08
HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:47:49, on 2009-01-01
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lxdfcoms.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lexmark 6500 Series\lxdfmon.exe
C:\Program Files\Lexmark 6500 Series\lxdfamon.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [lxdfmon.exe] "C:\Program Files\Lexmark 6500 Series\lxdfmon.exe"
O4 - HKLM\..\Run: [lxdfamon] "C:\Program Files\Lexmark 6500 Series\lxdfamon.exe"
O4 - HKLM\..\Run: [Lexmark 6500 Series Fax Server] "C:\Program Files\Lexmark 6500 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxdfCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdfserv.exe
O23 - Service: lxdf_device - - C:\WINDOWS\system32\lxdfcoms.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
--
End of file - 7334 bytes