  1. #1
    Użytkownik
    Dołączył
    15-05-2007
    Skąd
    Elbląg
    Posty
    3

    Domyślnie Logi: HijackThis, SilentRunners, ComboFix, Gmer

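    Do sprawdzenia zawsze wklejamy na początek dwa logi, tj. HijackThis i Silent Runners. Pozostałe logi (ComboFix, DSS, Gmer) generujemy dopiero na prośbę osoby sprawdzającej logi – ComboFix nie tylko skanuje, ale też usuwa pliki i zmienia ustawienia systemu, więc nie uruchamiamy go na własną rękę.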

    Opisy programów i sposoby generowania logów:

    HijackThis - http://pliki.pl/programy/windows/bez...are/hijackthis
    ComboFix - http://pliki.pl/programy/windows/bez...usowe/combofix
    SilentRunners - http://www.silentrunners.org/
    DSS - http://www.geekstogo.com/forum/index.php?a...amp;showfile=19
    Gmer - http://pliki.pl/programy/windows/bez...tyspyware/gmer

    Temat zamieszczony za zgodą Kornik52.

  2. #2
    Dawni Moderatorzy
    Dołączył
    19-12-2006
    Posty
    997


    To może tamten z HijackThisem wywalić? Bo po co mają być dwa, nieprawdaż?

  3. #3
    Użytkownik
    Dołączył
    09-09-2008
    Posty
    3


    Linki nieaktywne, proponuję zedytować post i naprawić linki.

  4. #4
    Użytkownik
    Dołączył
    06-12-2008
    Posty
    3


    Proszę o sprawdzenie loga



    "Silent Runners.vbs", revision 58, http://www.silentrunners.org/
    Operating System: Windows XP SP2
    Output limited to non-default values, except where indicated by "{++}"


    Startup items buried in registry:
    ---------------------------------

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
    "CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
    "TOSCDSPD" = "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" ["TOSHIBA"]
    "Skype" = ""C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized" ["Skype Technologies S.A."]
    "Gadu-Gadu" = ""C:\Program Files\Gadu-Gadu\gg.exe" /tray" ["Gadu-Gadu S.A."]
    "Orb" = ""C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background" ["Orb Networks"]
    "ares" = ""C:\Program Files\Ares\Ares.exe" -h" ["Ares Development Group"]
    "PC Suite Tray" = ""C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray" ["Nokia"]
    "Nokia.PCSync" = ""C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog" ["Time Information Services Ltd."]
    "Google Update" = ""C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c" ["Google Inc."]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
    "IgfxTray" = "C:\WINDOWS\system32\igfxtray.exe" ["Intel Corporation"]
    "HotKeysCmds" = "C:\WINDOWS\system32\hkcmd.exe" ["Intel Corporation"]
    "SynTPLpr" = "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" ["Synaptics, Inc."]
    "SynTPEnh" = "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" ["Synaptics, Inc."]
    "Toshiba Hotkey Utility" = ""C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang PL" ["TOSHIBA Inc."]
    "PadTouch" = "C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" ["TOSHIBA"]
    "NDSTray.exe" = "NDSTray.exe" ["TOSHIBA CORPORATION"]
    "SmoothView" = "C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe" ["TOSHIBA Corporation"]
    "WinampAgent" = ""C:\Program Files\Winamp\winampa.exe"" [null data]
    "CFSServ.exe" = "CFSServ.exe -NoClient" ["TOSHIBA CORPORATION"]
    "HPDJ Taskbar Utility" = "C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb 07.exe" ["HP"]
    "ISTray" = ""C:\Program Files\Spyware Doctor\pctsTray.exe"" ["PC Tools"]
    "AVP" = ""C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"" ["Kaspersky Lab"]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    {AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
    -> {HKLM...CLSID} = "Google Toolbar Helper"
    \InProcServer32\(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."]
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\(Default) = (no title provided)
    -> {HKLM...CLSID} = "Google Toolbar Notifier BHO"
    \InProcServer32\(Default) = "C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll" ["Google Inc."]
    {FA205D44-FB29-4901-B3F7-2F6A723EC09C}\(Default) = (no title provided)
    -> {HKLM...CLSID} = (no title provided)
    \InProcServer32\(Default) = "C:\WINDOWS\system32\xxyaawxw.dll" [file not found]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
    "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
    -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
    \InProcServer32\(Default) = "deskpan.dll" [file not found]
    "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
    -> {HKLM...CLSID} = "HyperTerminal Icon Ext"
    \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]

  5. #5
    Użytkownik
    Dołączył
    21-02-2008
    Posty
    9


    Proszę o sprawdzenie loga...
    .

    ((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Poprzednie uruchomienie -------
    .
    c:\program files\Internet Explorer\setupapi.dll
    c:\windows\system32\AutoRun.inf
    c:\windows\system32\hpowiax3.dll

    .
    ((((((((((((((((((((((((( Pliki utworzone od 2009-01-01 do 2009-02-01 )))))))))))))))))))))))))))))))
    .

    2009-01-31 15:07 . 2009-01-31 15:07 <DIR> d-------- c:\windows\San Andreas Mod Installer
    2009-01-30 23:11 . 2009-01-31 21:01 155 --a------ c:\windows\NeroDigital.ini
    2009-01-30 13:13 . 2005-09-01 11:03 127,488 --------- c:\windows\system32\drivers\imagesrv.sys
    2009-01-30 13:13 . 2005-09-01 11:03 5,888 --------- c:\windows\system32\drivers\imagedrv.sys
    2009-01-30 13:12 . 2009-01-30 13:12 <DIR> d-------- c:\program files\Ahead
    2009-01-30 13:12 . 2004-07-26 16:16 1,568,768 --------- c:\windows\system32\ImagX7.dll
    2009-01-30 13:12 . 2004-07-26 16:16 476,320 --------- c:\windows\system32\ImagXpr7.dll
    2009-01-30 13:12 . 2004-07-26 16:16 471,040 --------- c:\windows\system32\ImagXRA7.dll
    2009-01-30 13:12 . 2004-07-09 08:43 364,544 --------- c:\windows\system32\TwnLib4.dll
    2009-01-30 13:12 . 2004-07-26 16:16 262,144 --------- c:\windows\system32\ImagXR7.dll
    2009-01-30 13:12 . 2006-01-12 15:40 155,648 --a------ c:\windows\system32\NeroCheck.exe
    2009-01-30 13:12 . 2000-06-26 10:45 106,496 --a------ c:\windows\system32\TwnLib20.dll
    2009-01-30 12:38 . 2009-01-30 12:38 <DIR> d-------- c:\program files\Common Files\Nero
    2009-01-30 12:38 . 2001-03-08 18:30 24,064 --------- c:\windows\system32\msxml3a.dll
    2009-01-30 12:37 . 2009-01-30 13:12 <DIR> d-------- c:\program files\Common Files\Ahead
    2009-01-30 12:37 . 2009-01-30 12:37 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Ahead
    2009-01-30 11:14 . 2009-01-30 11:14 <DIR> d-------- c:\windows\system32\LogFiles
    2009-01-30 11:13 . 2008-04-14 00:15 26,112 --a------ c:\windows\system32\drivers\usbser.sys
    2009-01-30 11:13 . 2008-04-14 00:15 26,112 --a------ c:\windows\system32\dllcache\usbser.sys
    2009-01-30 11:13 . 2008-03-21 13:57 23,856 --a------ c:\windows\system32\spupdsvc.exe
    2009-01-30 11:13 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll
    2009-01-30 11:13 . 2009-01-30 11:13 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
    2009-01-30 11:13 . 2009-01-30 11:13 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
    2009-01-29 21:52 . 2009-01-29 21:52 <DIR> d-------- c:\program files\Common Files\Adobe AIR
    2009-01-29 21:52 . 2009-01-29 21:52 <DIR> d-------- c:\program files\Adobe Media Player
    2009-01-29 21:48 . 2009-01-29 21:48 <DIR> d-------- c:\program files\Google
    2009-01-29 21:43 . 2009-01-29 21:43 <DIR> d-------- c:\program files\Common Files\Adobe
    2009-01-29 18:04 . 2009-02-01 00:30 154 --a------ c:\windows\wcx_ftp.ini
    2009-01-29 14:59 . 2009-01-29 14:59 <DIR> d-------- c:\program files\Winamp Toolbar
    2009-01-29 14:59 . 2009-01-29 14:59 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Winamp Toolbar
    2009-01-29 14:58 . 2009-01-29 14:58 <DIR> d-------- c:\program files\Winamp Remote
    2009-01-29 14:58 . 2009-01-29 14:58 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\OrbNetworks
    2009-01-29 14:57 . 2009-01-29 14:57 <DIR> d-------- c:\program files\Microsoft Silverlight
    2009-01-29 14:53 . 2009-01-29 15:00 <DIR> d-------- c:\program files\Winamp
    2009-01-29 14:53 . 2009-01-29 15:33 <DIR> d-------- c:\documents and settings\Damian\Dane aplikacji\Winamp
    2009-01-29 14:43 . 2009-01-31 21:24 <DIR> d-------- c:\documents and settings\Damian\Dane aplikacji\PC Suite
    2009-01-29 14:43 . 2009-01-30 11:13 <DIR> d-------- c:\documents and settings\Damian\Dane aplikacji\Nokia
    2009-01-29 14:43 . 2009-01-30 11:13 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\PC Suite
    2009-01-29 14:41 . 2009-01-29 14:41 <DIR> d-------- c:\program files\DIFX
    2009-01-29 14:41 . 2009-01-29 14:41 <DIR> d-------- c:\program files\Common Files\PCSuite
    2009-01-29 14:41 . 2009-01-29 14:41 <DIR> d-------- c:\program files\Common Files\Nokia
    2009-01-29 14:41 . 2008-08-26 09:26 18,816 --a------ c:\windows\system32\drivers\pccsmcfd.sys
    2009-01-29 14:40 . 2009-01-29 14:40 <DIR> d-------- c:\program files\PC Connectivity Solution
    2009-01-29 14:40 . 2009-01-29 14:41 <DIR> d-------- c:\program files\Nokia
    2009-01-29 14:40 . 2008-09-15 07:29 1,112,288 --a------ c:\windows\system32\wdfcoinstaller01007.dll
    2009-01-29 14:40 . 2009-01-29 14:40 892,928 --a------ c:\windows\system32\iconv.dll
    2009-01-29 14:40 . 2009-01-29 14:40 675,840 --a------ c:\windows\system32\ac3filter.ax
    2009-01-29 14:40 . 2008-09-15 07:56 659,968 --a------ c:\windows\system32\nmwcdcocls.dll
    2009-01-29 14:40 . 2008-09-15 07:56 91,136 --a------ c:\windows\system32\nmwcdcls.dll
    2009-01-29 14:40 . 2008-09-15 07:56 22,016 --a------ c:\windows\system32\drivers\ccdcmbo.sys
    2009-01-29 14:40 . 2008-09-15 07:56 17,664 --a------ c:\windows\system32\drivers\ccdcmb.sys
    2009-01-29 14:40 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerfltj.sys
    2009-01-29 14:40 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys
    2009-01-29 14:39 . 2009-01-29 14:39 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Installations
    2009-01-29 14:39 . 2009-01-29 14:39 1,415,680 --a------ c:\windows\system32\WMV9VCM.dll
    2009-01-29 14:39 . 2009-01-29 14:39 921,600 --a------ c:\windows\system32\vorbisenc.dll
    2009-01-29 14:39 . 2009-01-29 14:39 245,760 --a------ c:\windows\system32\mplvpx.dll
    2009-01-29 14:39 . 2009-01-29 14:39 237,568 --a------ c:\windows\system32\OggDS.dll
    2009-01-29 14:39 . 2009-01-29 14:39 188,416 --a------ c:\windows\system32\vorbis.dll
    2009-01-29 14:39 . 2009-01-29 14:39 106,496 --a------ c:\windows\system32\lmpgspl.ax
    2009-01-29 14:39 . 2009-01-29 14:39 94,208 --a------ c:\windows\system32\lmpgvd.ax
    2009-01-29 14:39 . 2009-01-29 14:39 86,528 --a------ c:\windows\system32\DVDVideo.ax
    2009-01-29 14:39 . 2009-01-29 14:39 45,056 --a------ c:\windows\system32\ogg.dll
    2009-01-29 14:39 . 2009-01-29 14:39 9,216 --a------ c:\windows\system32\cpuinf32.dll
    2009-01-29 14:38 . 2009-01-29 14:38 <DIR> d-------- c:\program files\NAPI-PROJEKT
    2009-01-29 14:38 . 2009-01-29 14:38 77,824 --a------ c:\windows\system32\xvid.ax
    2009-01-29 14:37 . 2009-01-30 23:11 <DIR> d-------- c:\program files\ALLPlayer
    2009-01-29 14:35 . 2007-09-04 17:56 164,352 --a------ c:\windows\system32\unrar.dll
    2009-01-29 14:35 . 2008-10-03 13:30 414 --a------ c:\windows\system32\lame_acm.xml
    2009-01-29 14:35 . 2008-07-30 20:09 38 --a------ c:\windows\avisplitter.ini
    2009-01-29 14:34 . 2009-01-29 14:34 <DIR> d-------- c:\program files\K-Lite Codec Pack
    2009-01-29 14:34 . 2008-09-16 01:14 3,596,288 --a------ c:\windows\system32\qt-dx331.dll
    2009-01-29 14:34 . 2008-09-24 19:41 839,680 --a------ c:\windows\system32\lameACM.acm
    2009-01-29 14:34 . 2009-01-29 14:38 795,648 --a------ c:\windows\system32\xvidcore.dll
    2009-01-29 14:34 . 2008-09-16 01:11 683,520 --a------ c:\windows\system32\divx.dll
    2009-01-29 14:34 . 2004-01-11 23:00 348,160 --a------ c:\windows\system32\msvcr71.dll
    2009-01-29 14:34 . 2004-01-25 17:18 217,088 --a------ c:\windows\system32\yv12vfw.dll
    2009-01-29 14:34 . 2009-01-29 14:38 130,048 --a------ c:\windows\system32\xvidvfw.dll
    2009-01-29 14:34 . 2009-01-29 14:40 118,784 --a------ c:\windows\system32\ac3acm.acm
    2009-01-29 14:34 . 2008-09-16 01:12 81,920 --a------ c:\windows\system32\dpl100.dll
    2009-01-29 14:34 . 2008-06-12 19:36 7,680 --a------ c:\windows\system32\ff_vfw.dll
    2009-01-29 14:34 . 2007-07-10 17:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
    2009-01-29 14:30 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll
    2009-01-29 14:29 . 2009-01-30 12:33 <DIR> d-------- c:\program files\uTorrent
    2009-01-29 14:28 . 2009-01-29 14:28 <DIR> d-------- c:\program files\MSBuild
    2009-01-29 14:28 . 2009-01-29 14:28 <DIR> d-------- c:\program files\Microsoft Works
    2009-01-29 14:28 . 2009-01-30 12:42 <DIR> d-------- c:\documents and settings\Damian\Dane aplikacji\uTorrent
    2009-01-29 14:25 . 2009-01-29 14:28 <DIR> d-------- c:\windows\SHELLNEW
    2009-01-29 14:25 . 2009-01-29 14:30 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
    2009-01-29 14:24 . 2009-01-29 14:24 <DIR> dr-h----- C:\MSOCache
    2009-01-29 14:19 . 2009-01-29 14:19 <DIR> d-------- c:\program files\Kaspersky Lab
    2009-01-29 14:19 . 2009-02-01 11:37 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab
    2009-01-29 14:19 . 2009-02-01 00:58 1,089,568 --ahs---- c:\windows\system32\drivers\fidbox.dat
    2009-01-29 14:19 . 2009-02-01 11:40 245,792 --ahs---- c:\windows\system32\drivers\fidbox2.dat
    2009-01-29 14:19 . 2009-01-29 14:34 96,976 --a------ c:\windows\system32\drivers\klin.dat
    2009-01-29 14:19 . 2009-01-29 14:34 87,855 --a------ c:\windows\system32\drivers\klick.dat
    2009-01-29 14:19 . 2009-02-01 00:58 11,688 --ahs---- c:\windows\system32\drivers\fidbox.idx
    2009-01-29 14:19 . 2009-02-01 11:40 4,016 --ahs---- c:\windows\system32\drivers\fidbox2.idx
    2009-01-29 14:18 . 2009-01-29 14:18 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
    2009-01-29 14:14 . 2009-01-29 14:14 <DIR> d-------- c:\documents and settings\Damian\Dane aplikacji\DAEMON Tools Pro
    2009-01-29 14:14 . 2009-01-29 14:14 <DIR> d-------- c:\documents and settings\Damian\Dane aplikacji\DAEMON Tools
    2009-01-29 14:13 . 2009-01-29 14:13 <DIR> d-------- c:\program files\DAEMON Tools Toolbar
    2009-01-29 14:13 . 2009-01-29 14:21 <DIR> d-------- c:\program files\DAEMON Tools Lite
    2009-01-29 14:13 . 2009-01-29 14:13 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite
    2009-01-29 14:12 . 2009-01-29 14:12 <DIR> d-------- c:\documents and settings\Damian\Dane aplikacji\DAEMON Tools Lite
    2009-01-29 14:12 . 2009-01-29 14:12 717,296 --a------ c:\windows\system32\drivers\sptd.sys
    2009-01-28 20:30 . 2009-01-28 20:30 <DIR> d-------- c:\documents and settings\Damian\Dane aplikacji\HP
    2009-01-28 20:30 . 2009-01-28 20:30 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\WEBREG
    2009-01-28 20:29 . 2009-01-28 20:29 <DIR> d-------- c:\documents and settings\Damian\Dane aplikacji\HPAppData
    2009-01-28 20:29 . 2009-01-28 20:29 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\HPSSUPPLY
    2009-01-28 20:28 . 2009-01-28 20:28 <DIR> d-------- c:\program files\Common Files\HP
    2009-01-28 20:28 . 2009-01-28 20:28 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\HP Product Assistant
    2009-01-28 20:28 . 2009-01-28 20:28 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\HP
    2009-01-28 20:27 . 2009-01-28 20:27 <DIR> d-------- c:\program files\Hewlett-Packard
    2009-01-28 20:27 . 2009-01-28 20:27 <DIR> d-------- c:\program files\Common Files\Hewlett-Packard
    2009-01-28 20:27 . 2007-03-08 05:20 49,920 -ra------ c:\windows\system32\drivers\HPZid412.sys
    2009-01-28 20:27 . 2007-03-08 05:20 21,568 -ra------ c:\windows\system32\drivers\HPZius12.sys
    2009-01-28 20:27 . 2007-03-08 05:20 16,496 -ra------ c:\windows\system32\drivers\HPZipr12.sys
    2009-01-28 20:26 . 2009-01-29 14:41 <DIR> d----c--- c:\windows\system32\DRVSTORE
    2009-01-28 20:26 . 2009-01-28 20:29 <DIR> d-------- c:\program files\HP
    2009-01-28 20:26 . 2009-01-28 20:26 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Hewlett-Packard
    2009-01-28 20:26 . 2007-03-17 17:11 569,344 -ra------ c:\windows\system32\hpotscl3.dll
    2009-01-28 20:26 . 2007-03-08 05:20 364,544 -ra------ c:\windows\system32\hppldcoi.dll
    2009-01-28 20:26 . 2007-03-08 05:20 309,760 -ra------ c:\windows\system32\difxapi.dll
    2009-01-28 20:26 . 2007-03-17 17:11 303,104 -ra------ c:\windows\system32\hpovst10.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) ))
    .
    2009-01-28 11:06 --------- d--h--w c:\program files\InstallShield Installation Information
    2009-01-27 22:33 --------- d-----w c:\program files\Realtek
    2009-01-27 22:31 --------- d-----w c:\program files\Intel
    2009-01-27 22:31 --------- d-----w c:\program files\Analog Devices
    2009-01-27 22:29 --------- d-----w c:\program files\My Company Name
    2009-01-27 22:27 --------- d-----w c:\program files\Common Files\InstallShield
    2009-01-27 21:48 --------- d-----w c:\program files\Usługi online
    2009-01-27 21:46 --------- d-----w c:\program files\Windows Media Connect 2
    .

    ------- Sigcheck -------

    2008-05-02 07:48 361344 8e036eec565910417ea020ce0962aa24 c:\windows\system32\drivers\tcpip.sys
    .
    ((((((((((((((((((((((((((((( snapshot_2009-01-29_17.05.21.92 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2007-12-12 14:06:42 295,606 ----a-r c:\windows\Installer\{AC76BA86-7AD7-1045-7B44-A90000000001}\SC_Reader.exe
    + 2009-01-31 14:07:06 451,072 ----a-w c:\windows\San Andreas Mod Installer\uninstall.exe
    - 2000-08-31 07:00:00 161,792 ----a-w c:\windows\SWREG.exe
    + 2000-08-31 07:00:00 286,720 ----a-w c:\windows\SWREG.exe
    + 2008-10-29 10:29:54 531,968 ----a-w c:\windows\system32\drivers\UMDF\PCCSWpdDriver.dll
    + 2008-03-27 15:27:46 503,008 ------w c:\windows\system32\drivers\wdf01000.sys
    + 2008-03-27 15:27:48 35,040 ------w c:\windows\system32\drivers\wdfldr.sys
    - 2008-05-02 06:46:41 77,568 ----a-w c:\windows\system32\drivers\wudfpf.sys
    + 2006-09-15 21:29:52 76,544 ----a-w c:\windows\system32\drivers\WudfPf.sys
    - 2008-05-02 06:46:42 82,944 ----a-w c:\windows\system32\drivers\wudfrd.sys
    + 2006-09-15 21:30:10 82,688 ----a-w c:\windows\system32\drivers\WudfRd.sys
    + 2008-10-05 03:16:26 235,936 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10a.exe
    + 2009-01-29 20:48:43 88,590 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
    - 2009-01-27 21:53:21 39,992 ----a-w c:\windows\system32\perfc009.dat
    + 2009-01-31 23:22:59 40,836 ----a-w c:\windows\system32\perfc009.dat
    - 2009-01-27 21:53:21 49,492 ----a-w c:\windows\system32\perfc015.dat
    + 2009-01-31 23:22:59 50,748 ----a-w c:\windows\system32\perfc015.dat
    - 2009-01-27 21:53:21 311,604 ----a-w c:\windows\system32\perfh009.dat
    + 2009-01-31 23:22:59 314,508 ----a-w c:\windows\system32\perfh009.dat
    - 2009-01-27 21:53:21 355,486 ----a-w c:\windows\system32\perfh015.dat
    + 2009-01-31 23:22:59 358,834 ----a-w c:\windows\system32\perfh015.dat
    - 2007-03-06 03:28:33 16,096 ------w c:\windows\system32\spmsg.dll
    + 2006-09-16 02:02:34 14,640 ------w c:\windows\system32\spmsg.dll
    - 2008-05-02 06:46:41 95,344 ----a-w c:\windows\system32\wudfcoinstaller.dll
    + 2006-09-15 22:30:16 87,040 ----a-w c:\windows\system32\WUDFCoinstaller.dll
    - 2008-05-02 06:46:41 146,432 ----a-w c:\windows\system32\wudfhost.exe
    + 2006-09-15 22:30:06 142,848 ----a-w c:\windows\system32\WudfHost.exe
    - 2008-05-02 06:46:41 165,376 ----a-w c:\windows\system32\wudfplatform.dll
    + 2006-09-15 21:29:54 163,840 ----a-w c:\windows\system32\WudfPlatform.dll
    - 2008-05-02 06:46:42 55,808 ----a-w c:\windows\system32\wudfsvc.dll
    + 2006-09-15 22:30:16 55,296 ----a-w c:\windows\system32\WudfSvc.dll
    + 2008-10-29 10:24:36 831,048 ----a-w c:\windows\system32\WudfUpdate_01005.dll
    - 2008-05-02 06:46:42 316,416 ----a-w c:\windows\system32\wudfx.dll
    + 2006-09-15 22:30:16 308,224 ----a-w c:\windows\system32\WUDFx.dll
    .
    -- Migawka wyzerowana --
    .
    ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
    "Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
    "ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2008-11-24 869888]
    "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
    "Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-04-01 507904]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2009-01-29 171448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560]
    "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
    "AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2008-04-25 201992]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
    "WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-04 36352]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
    "nwiz"="nwiz.exe" [2006-06-01 c:\windows\system32\nwiz.exe]
    "NvMediaCenter"="NvMCTray.dll" [2006-06-01 c:\windows\system32\nvmctray.dll]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "nltide_2"="shell32" [X]
    "nltide_3"="advpack.dll" [2008-03-01 c:\windows\system32\advpack.dll]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Gadu-Gadu\\gg.exe"=
    "c:\\Documents and Settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 2009\\Polish\\setup.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
    "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
    "c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
    "c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
    "c:\\totalcmd\\TOTALCMD.EXE"=

    R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-03-25 24592]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9c3d7df1-ed32-11dd-a413-0018f365470b}]
    \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\ntldr.com g:
    \Shell\Open\command - resycled\ntldr.com g:
    .
    .
    ------- Skan uzupełniający -------
    .
    uStart Page = hxxp://www.onet.pl/
    IE: &Winamp Search - c:\documents and settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    .

    ************************************************** ************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-01 11:44:02
    Windows 5.1.2600 Dodatek Service Pack 3 NTFS

    skanowanie ukrytych procesów ...

    skanowanie ukrytych wpisów autostartu ...

    skanowanie ukrytych plików ...

    skanowanie pomyślnie ukończone
    ukryte pliki: 0

    ************************************************** ************************
    .
    --------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

    - - - - - - - > 'winlogon.exe'(1000)
    c:\windows\system32\klogon.dll

  6. #6
    Użytkownik
    Dołączył
    01-02-2009
    Skąd
    Siemiatycze
    Posty
    7


    Proszę o sprawdzenie
    Kod:
    ComboFix 09-02-02.04 - SGJ 2009-02-04 16:24:05.1 - NTFSx86
    Microsoft Windows XP Professional  5.1.2600.2.1250.1.1045.18.767.485 [GMT 1:00]
    Uruchomiony z: c:\documents and settings\SGJ\Pulpit\ComboFix.exe
    Użyto następujących komend :: c:\documents and settings\SGJ\Pulpit\WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
    AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
    FW: Kaspersky Internet Security *disabled*
     * Utworzono nowy punkt przywracania
    
    UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
    .
    
    ((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    
    c:\windows\system32\AutoRun.inf
    
    .
    ((((((((((((((((((((((((( Pliki utworzone od 2009-01-04 do 2009-02-04 )))))))))))))))))))))))))))))))
    .
    
    2009-02-04 11:38 . 2009-02-04 11:38 <DIR> d-------- c:\program files\MSXML 4.0
    2009-02-04 11:21 . 2008-06-14 19:01 273,024 --------- c:\windows\system32\drivers\bthport.sys
    2009-02-04 11:21 . 2008-06-14 19:01 273,024 -----c--- c:\windows\system32\dllcache\bthport.sys
    2009-02-04 11:19 . 2008-08-14 14:46 2,181,632 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
    2009-02-04 11:19 . 2008-08-14 14:46 2,137,600 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
    2009-02-04 11:19 . 2008-08-14 14:46 2,059,008 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
    2009-02-04 11:19 . 2008-08-14 14:46 2,017,280 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
    2009-02-04 11:09 . 2009-02-04 11:50 <DIR> d--h----- c:\windows\$hf_mig$
    2009-02-04 11:09 . 2005-02-25 04:36 22,752 --a------ c:\windows\system32\spupdsvc.exe
    2009-02-03 19:04 . 2009-02-04 10:30 <DIR> d-------- c:\program files\Odkurzacz
    2009-02-03 17:00 . 2009-02-03 17:00 <DIR> d-------- c:\documents and settings\SGJ\Dane aplikacji\Kaspersky_Key_Finder_(KKF
    2009-02-03 16:31 . 2009-02-03 19:39 101,287 --a------ c:\windows\system32\drivers\klin.dat
    2009-02-03 16:31 . 2009-02-03 19:39 89,601 --a------ c:\windows\system32\drivers\klick.dat
    2009-02-03 16:30 . 2009-02-03 16:30 <DIR> d-------- c:\program files\Kaspersky Lab
    2009-02-03 16:30 . 2009-02-04 16:28 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab
    2009-02-03 16:30 . 2009-02-04 16:26 3,813,408 --ahs---- c:\windows\system32\drivers\fidbox.dat
    2009-02-03 16:30 . 2009-02-04 16:26 327,712 --ahs---- c:\windows\system32\drivers\fidbox2.dat
    2009-02-03 16:30 . 2009-02-04 16:26 32,968 --ahs---- c:\windows\system32\drivers\fidbox.idx
    2009-02-03 16:30 . 2009-02-04 16:26 3,248 --ahs---- c:\windows\system32\drivers\fidbox2.idx
    2009-02-03 16:27 . 2009-02-03 16:27 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
    2009-02-03 13:42 . 2009-02-03 13:42 <DIR> d-------- c:\program files\Trend Micro
    2009-02-01 10:46 . 2009-02-01 10:46 <DIR> d-------- c:\documents and settings\SGJ\.borland
    2009-02-01 10:41 . 2001-11-29 00:50 430,080 --a------ c:\windows\system32\ibmgr.cpl
    2009-02-01 10:41 . 2001-11-29 00:50 376,832 --a------ c:\windows\system32\gds32.dll
    2009-02-01 10:41 . 2001-11-29 00:50 177,152 --a------ c:\windows\system32\ibinstall.dll
    2009-02-01 10:41 . 2001-11-29 00:50 28,672 --a------ c:\windows\system32\ibxml.dll
    2009-01-31 23:40 . 2009-01-31 23:40 <DIR> d-------- c:\program files\SpyNet
    2009-01-31 23:40 . 2009-01-31 23:40 <DIR> d-------- c:\documents and settings\SGJ\WINDOWS
    2009-01-31 23:40 . 1998-10-02 19:00 327,168 --a------ c:\windows\IsUninst.exe
    2009-01-31 23:40 . 1999-06-10 00:17 65,024 --a------ c:\windows\system32\W32N50.dll
    2009-01-31 23:40 . 1999-10-30 10:16 33,792 --a------ c:\windows\system32\Flatbtn.ocx
    2009-01-31 23:40 . 1999-06-10 00:17 23,040 --a------ c:\windows\system32\Pcandis5.sys
    2009-01-31 23:40 . 1999-06-10 00:17 15,408 --a------ c:\windows\system32\Pcandis4.sys
    2009-01-31 23:40 . 1999-06-10 00:17 13,561 --a------ c:\windows\system32\Pcandis3.vxd
    2009-01-31 23:37 . 2009-01-31 23:37 <DIR> d-------- c:\program files\WinPcap
    2009-01-31 23:36 . 2009-01-31 23:36 <DIR> d-------- c:\program files\netcut
    2009-01-31 17:49 . 2009-02-03 19:13 <DIR> d-------- c:\program files\NAPI-PROJEKT
    2009-01-31 16:27 . 2009-01-31 16:29 <DIR> d-------- c:\program files\sXe Injected
    2009-01-29 22:07 . 2009-01-29 22:07 <DIR> d-------- c:\documents and settings\SGJ\Dane aplikacji\Gadu-Gadu
    2009-01-29 22:06 . 2009-02-03 19:13 <DIR> d-------- c:\program files\GG Skin Manager
    2009-01-29 21:53 . 2009-01-29 21:53 <DIR> d-------- c:\program files\Gadu-Gadu
    2009-01-29 21:53 . 2009-02-03 16:24 <DIR> d-------- c:\documents and settings\SGJ\Gadu-Gadu
    2009-01-29 18:17 . 2009-01-29 18:17 <DIR> d-------- c:\documents and settings\SGJ\Dane aplikacji\SolidWorksNewsReader
    2009-01-29 18:16 . 2009-02-03 19:13 <DIR> d-------- c:\documents and settings\SGJ\Dane aplikacji\SolidWorks
    2009-01-29 18:15 . 2009-01-29 18:15 <DIR> d-------- c:\documents and settings\SGJ\Dane aplikacji\DWGeditor
    2009-01-29 18:14 . 2009-01-29 18:14 <DIR> d-------- c:\program files\SolidWorks Installation Manager
    2009-01-29 18:14 . 2009-01-29 18:14 0 --a------ c:\windows\eDrawingOfficeAutomator.INI
    2009-01-29 18:13 . 2004-11-05 11:08 670,208 --a------ c:\windows\system32\drivers\hardlock.sys
    2009-01-29 18:12 . 2009-01-29 18:14 <DIR> d-------- c:\program files\Common Files\eDrawings2007
    2009-01-29 18:12 . 2009-01-29 18:12 23 --ah----- c:\windows\yacht.xws
    2009-01-29 18:07 . 2009-01-29 18:15 <DIR> d-------- c:\program files\Common Files\SolidWorks Shared
    2009-01-29 18:06 . 2009-01-29 18:06 42 --a------ c:\windows\trailer.xws
    2009-01-29 14:59 . 2009-01-29 14:59 <DIR> d-------- c:\program files\PowerISO
    2009-01-28 09:58 . 1998-10-07 12:54 327,168 --a------ c:\windows\IsUn0415.exe
    2009-01-27 15:03 . 2009-01-27 15:03 <DIR> d-------- c:\program files\Asprate
    2009-01-26 13:09 . 2009-01-26 13:12 <DIR> d-------- c:\documents and settings\SGJ\Dane aplikacji\Tibia
    2009-01-26 01:35 . 2009-01-26 01:35 <DIR> d-------- c:\documents and settings\SGJ\Dane aplikacji\Thinstall
    2009-01-24 20:34 . 2009-01-24 20:34 <DIR> d-------- c:\program files\Counter-Strike 1.6 V35
    2009-01-24 15:37 . 2009-02-03 10:14 <DIR> d-------- c:\documents and settings\SGJ\Dane aplikacji\Hamachi
    2009-01-24 15:36 . 2009-01-24 15:37 <DIR> d-------- c:\program files\Hamachi
    2009-01-24 15:36 . 2009-01-24 15:36 25,280 --a------ c:\windows\system32\drivers\hamachi.sys
    2009-01-24 13:19 . 2009-01-24 13:19 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\FLEXnet
    2009-01-24 13:08 . 2009-01-24 13:08 <DIR> d--h----- c:\windows\system32\GroupPolicy
    2009-01-24 08:52 . 2009-01-24 08:52 <DIR> d-------- c:\program files\Logitech
    2009-01-24 08:52 . 2008-12-17 06:55 195,096 --a------ c:\windows\system32\lvci11901262.dll
    2009-01-23 19:44 . 2004-08-03 23:10 19,328 --a------ c:\windows\system32\drivers\WSTCODEC.SYS
    2009-01-23 19:44 . 2004-08-03 23:10 19,328 --a--c--- c:\windows\system32\dllcache\wstcodec.sys
    2009-01-23 19:44 . 2004-08-04 00:44 16,384 --a------ c:\windows\system32\ipsink.ax
    2009-01-23 19:44 . 2004-08-04 00:44 16,384 --a--c--- c:\windows\system32\dllcache\ipsink.ax
    2009-01-23 19:44 . 2004-08-03 23:10****15,360****--a------****c:\windows\system32\drivers\StreamIP.sys
    2009-01-23 19:44 . 2004-08-03 23:10****15,360****--a--c---****c:\windows\system32\dllcache\streamip.sys
    2009-01-23 19:44 . 2004-08-03 23:10****11,136****--a------****c:\windows\system32\drivers\SLIP.sys
    2009-01-23 19:44 . 2004-08-03 23:10****11,136****--a--c---****c:\windows\system32\dllcache\slip.sys
    2009-01-23 19:44 . 2004-08-03 23:10****10,880****--a------****c:\windows\system32\drivers\NdisIP.sys
    2009-01-23 19:44 . 2004-08-03 23:10****10,880****--a--c---****c:\windows\system32\dllcache\ndisip.sys
    2009-01-23 19:42 . 2009-01-24 08:53****<DIR>****d--------****c:\program files\Common Files\LogiShrd
    2009-01-23 19:42 . 2009-01-23 19:42****<DIR>****d--------****c:\documents and settings\All Users\Dane aplikacji\Logitech
    2009-01-23 19:42 . 2009-01-24 08:52****<DIR>****d--------****c:\documents and settings\All Users\Dane aplikacji\Logishrd
    2009-01-23 18:59 . 2009-01-23 18:59****<DIR>****d--------****c:\program files\Restorator 2007
    2009-01-23 18:59 . 2007-07-29 15:53****117,248****--a------****c:\windows\system32\RestoratorContextMenu.dll
    2009-01-23 18:40 . 2009-01-23 19:30****<DIR>****d--------****c:\program files\HideAnyWindow
    2009-01-23 18:31 . 2009-01-23 18:31****<DIR>****d--------****c:\program files\Microsoft Silverlight
    2009-01-20 07:50 . 2009-01-20 07:50****<DIR>****d--------****c:\program files\XBox 360 Controller for Windows Software
    2009-01-17 17:41 . 2009-01-17 17:41****<DIR>****d--------****c:\program files\Common Files\Macrovision Shared
    2009-01-16 20:15 . 2009-01-16 20:15****<DIR>****d---s----****c:\documents and settings\SGJ\UserData
    2009-01-16 20:14 . 2009-01-16 20:14****<DIR>****d--------****c:\documents and settings\SGJ\Dane aplikacji\HP
    2009-01-16 14:41 . 2004-08-04 00:44****159,232****--a------****c:\windows\system32\ptpusd.dll
    2009-01-16 14:41 . 2001-10-26 17:29****5,632****--a------****c:\windows\system32\ptpusb.dll
    2009-01-15 20:17 . 2009-01-15 20:17****<DIR>****d--------****c:\documents and settings\SGJ\Dane aplikacji\fretsonfire
    2009-01-15 19:32 . 2009-01-29 11:47****<DIR>****d--------****C:\Fraps
    2009-01-15 19:32 . 2009-01-31 22:02****<DIR>****d-a------****c:\documents and settings\All Users\Dane aplikacji\TEMP
    2009-01-15 09:37 . 2009-01-15 09:37****42,320****--a------****c:\windows\system32\xfcodec.dll
    2009-01-13 15:15 . 2009-01-13 15:15****4,096****--a------****c:\windows\d3dx.dat
    2009-01-13 07:51 . 2009-01-13 07:51****<DIR>****d--------****c:\program files\Microsoft Works
    2009-01-13 07:48 . 2009-01-13 07:48****<DIR>****d--------****c:\windows\SHELLNEW
    2009-01-13 07:47 . 2009-01-13 07:47****<DIR>****dr-h-----****C:\MSOCache
    2009-01-13 07:47 . 2009-02-03 17:48****<DIR>****d--------****c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
    2009-01-12 18:51 . 2009-01-12 18:51****<DIR>****d--------****c:\program files\FDRLab
    2009-01-11 17:24 . 2009-01-17 17:49****<DIR>****d--------****c:\program files\Common Files\Adobe
    2009-01-10 13:15 . 2009-01-10 13:15****<DIR>****d--------****c:\program files\7-Zip
    2009-01-10 11:25 . 2009-01-26 17:32****<DIR>****d--------****c:\program files\Oront Burning Kit 2
    2009-01-10 11:25 . 2009-01-10 11:25****<DIR>****d--------****c:\documents and settings\SGJ\Dane aplikacji\Obsidium
    2009-01-10 11:25 . 2009-01-10 11:25****<DIR>****d--h-----****c:\documents and settings\All Users\Dane aplikacji\{0D1CA9D8-C5EE-4BD3-9609-546CE906187E}
    2009-01-09 16:23 . 2009-01-09 16:36****733****--a------****c:\windows\CoD.INI
    2009-01-09 15:47 . 2009-01-09 15:47****<DIR>****d--------****c:\documents and settings\SGJ\Dane aplikacji\DivX
    2009-01-09 15:39 . 2009-01-09 15:39****<DIR>****d--------****c:\program files\DivX
    2009-01-09 15:33 . 2009-01-09 15:33****<DIR>****d--------****c:\program files\Headshot Player
    2009-01-08 22:59 . 2009-01-08 22:59****<DIR>****d--------****c:\documents and settings\All Users\Dane aplikacji\WEBREG
    2009-01-08 22:58 . 2009-01-08 22:58****<DIR>****d--------****c:\documents and settings\SGJ\Dane aplikacji\HPAppData
    2009-01-08 22:58 . 2009-01-08 22:58****<DIR>****d--------****c:\documents and settings\All Users\Dane aplikacji\HPSSUPPLY
    2009-01-08 22:57 . 2009-01-08 22:57****<DIR>****d--------****c:\program files\Hewlett-Packard
    2009-01-08 22:57 . 2009-01-08 22:57****<DIR>****d--------****c:\program files\Common Files\HP
    2009-01-08 22:57 . 2009-01-08 22:57****<DIR>****d--------****c:\documents and settings\All Users\Dane aplikacji\HP Product Assistant
    2009-01-08 22:57 . 2009-01-08 22:57****<DIR>****d--------****c:\documents and settings\All Users\Dane aplikacji\HP
    2009-01-08 22:56 . 2009-01-08 22:56****<DIR>****d--------****c:\program files\Common Files\Hewlett-Packard
    2009-01-08 22:56 . 2009-01-08 22:56****<DIR>****d--------****c:\documents and settings\All Users\Dane aplikacji\Hewlett-Packard
    2009-01-08 22:56 . 2007-03-28 14:01****118,272****--a------****c:\windows\system32\hpz3l5ha.dll
    2009-01-08 22:56 . 2004-08-03 22:58****15,104****--a------****c:\windows\system32\drivers\usbscan.sys
    2009-01-08 22:56 . 2004-08-03 22:58****15,104****--a--c---****c:\windows\system32\dllcache\usbscan.sys
    2009-01-08 22:55 . 2009-01-08 22:58****<DIR>****d--------****c:\program files\HP
    2009-01-08 22:31 . 2004-08-03 23:01****25,856****--a------****c:\windows\system32\drivers\usbprint.sys
    2009-01-08 22:31 . 2004-08-03 23:01****25,856****--a--c---****c:\windows\system32\dllcache\usbprint.sys
    2009-01-08 22:30 . 2009-01-08 22:31****<DIR>****d--------****c:\program files\Real Alternative
    2009-01-08 22:30 . 2009-01-08 22:30****<DIR>****d--------****c:\documents and settings\SGJ\Dane aplikacji\Media Player Classic
    2009-01-08 22:30 . 2003-03-19 04:14****499,712****--a------****c:\windows\system32\msvcp71.dll
    
    .
    ((((((((((((((((((((((((((((((((((((((((** Sekcja Find3M** ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-02-04 10:09****---------****d-----w****c:\program files\FlashGet
    2009-02-03 18:13****---------****d-----w****c:\program files\Xfire
    2009-02-03 15:20****---------****d-----w****c:\documents and settings\SGJ\Dane aplikacji\Tlen.pl
    2009-01-31 17:09****---------****d--h--w****c:\program files\InstallShield Installation Information
    2009-01-31 14:31****---------****d-----w****c:\documents and settings\SGJ\Dane aplikacji\Xfire
    2009-01-07 13:16****444,952****----a-w****c:\windows\system32\wrap_oal.dll
    2009-01-07 13:16****109,080****----a-w****c:\windows\system32\OpenAL32.dll
    2009-01-06 19:58****---------****d-----w****c:\program files\Common Files\INCA Shared
    2009-01-06 19:36****---------****d-----w****c:\program files\Common Files\InstallShield
    2009-01-06 19:35****---------****d-----w****c:\documents and settings\NetworkService\Dane aplikacji\Xfire
    2009-01-06 18:57****---------****d-----w****c:\program files\Tlen.pl
    2009-01-06 18:57****---------****d-----w****c:\documents and settings\All Users\Dane aplikacji\Tlen.pl
    2009-01-06 18:49****---------****d-----w****c:\program files\WLAN
    2009-01-06 18:47****---------****d-----w****c:\program files\Realtek Sound Manager
    2009-01-06 18:47****---------****d-----w****c:\program files\AvRack
    2009-01-06 18:46****---------****d-----w****c:\program files\Intel
    2009-01-06 18:40****---------****d-----w****c:\program files\microsoft frontpage
    2009-01-06 18:38****---------****d-----w****c:\program files\Usługi online
    2008-12-19 15:39****81,920****----a-w****c:\windows\system32\frapsvid.dll
    2008-12-17 06:01****432,664****----a-w****c:\windows\system32\LVUI2RC.dll
    2008-12-17 06:01****41,752****----a-w****c:\windows\system32\drivers\LVUSBSta.sys
    2008-12-17 06:00****494,104****----a-w****c:\windows\system32\LVUI2.dll
    2008-12-17 05:55****416,280****----a-w****c:\windows\system32\lvcodec2.dll
    2008-12-17 05:54****495,640****----a-w****c:\windows\system32\drivers\LV561AV.SYS
    2008-12-16 20:58****25,624****----a-w****c:\windows\system32\drivers\LVPr2Mon.sys
    2008-12-16 20:50****13,584****----a-w****c:\windows\system32\drivers\iKeyLgFT.dll
    2008-12-16 20:38****85,302****----a-w****c:\windows\system32\drivers\LVFeL002.cfg
    2008-12-16 20:38****69,592****----a-w****c:\windows\system32\drivers\LVFaL000.cfg
    2008-12-16 20:38****227,172****----a-w****c:\windows\system32\drivers\LVFeL000.cfg
    2008-12-16 20:38****146,680****----a-w****c:\windows\system32\drivers\LVFeL001.cfg
    2008-12-11 11:57****333,184****----a-w****c:\windows\system32\drivers\srv.sys
    2008-12-11 00:33****86,016****----a-w****c:\windows\system32\dpl100.dll
    2008-12-11 00:33****200,704****----a-w****c:\windows\system32\dtu100.dll
    2008-12-09 02:28****593,920****----a-w****c:\windows\system32\dpuGUI11.dll
    2008-12-09 02:28****57,344****----a-w****c:\windows\system32\dpv11.dll
    2008-12-09 02:28****344,064****----a-w****c:\windows\system32\dpus11.dll
    2008-12-09 02:28****294,912****----a-w****c:\windows\system32\dpu11.dll
    2008-12-01 20:52****425,984****----a-w****c:\windows\system32\ATIDEMGX.dll
    2008-12-01 20:51****318,464****----a-w****c:\windows\system32\ati2dvag.dll
    2008-12-01 20:46****11,304,960****----a-w****c:\windows\system32\atioglxx.dll
    2008-12-01 20:41****188,416****----a-w****c:\windows\system32\atipdlxx.dll
    2008-12-01 20:40****43,520****----a-w****c:\windows\system32\ati2edxx.dll
    2008-12-01 20:40****26,112****----a-w****c:\windows\system32\Ati2mdxx.exe
    2008-12-01 20:40****147,456****----a-w****c:\windows\system32\Oemdspif.dll
    2008-12-01 20:40****143,360****----a-w****c:\windows\system32\ati2evxx.dll
    2008-12-01 20:38****598,016****----a-w****c:\windows\system32\ati2evxx.exe
    2008-12-01 20:37****53,248****----a-w****c:\windows\system32\ATIDDC.DLL
    2008-12-01 20:27****4,120,384****----a-w****c:\windows\system32\ati3duag.dll
    2008-12-01 20:19****307,200****----a-w****c:\windows\system32\atiiiexx.dll
    2008-12-01 20:11****2,495,360****----a-w****c:\windows\system32\ativvaxx.dll
    2008-12-01 19:57****48,640****----a-w****c:\windows\system32\amdpcom32.dll
    2008-12-01 19:53****45,056****----a-w****c:\windows\system32\amdcalrt.dll
    2008-12-01 19:53****45,056****----a-w****c:\windows\system32\amdcalcl.dll
    2008-12-01 19:53****401,408****----a-w****c:\windows\system32\atikvmag.dll
    2008-12-01 19:52****86,016****----a-w****c:\windows\system32\atiadlxx.dll
    2008-12-01 19:52****17,408****----a-w****c:\windows\system32\atitvo32.dll
    2008-12-01 19:50****3,252,224****----a-w****c:\windows\system32\Amdcaldd.dll
    2008-12-01 19:50****286,720****----a-w****c:\windows\system32\atiok3x2.dll
    2008-12-01 19:45****577,536****----a-w****c:\windows\system32\ati2cqag.dll
    2008-12-01 13:35****593,920****------w****c:\windows\system32\ati2sgag.exe
    2008-11-06 16:37****524,288****----a-w****c:\windows\system32\DivXsm.exe
    2008-11-06 16:37****3,596,288****----a-w****c:\windows\system32\qt-dx331.dll
    2008-11-06 16:37****129,784****------w****c:\windows\system32\pxafs.dll
    2008-11-06 16:37****120,056****------w****c:\windows\system32\pxcpyi64.exe
    2008-11-06 16:37****118,520****------w****c:\windows\system32\pxinsi64.exe
    2008-11-06 16:35****200,704****----a-w****c:\windows\system32\ssldivx.dll
    2008-11-06 16:35****1,044,480****----a-w****c:\windows\system32\libdivx.dll
    2008-11-06 16:33****823,296****----a-w****c:\windows\system32\divx_xx0c.dll
    2008-11-06 16:33****823,296****----a-w****c:\windows\system32\divx_xx07.dll
    2008-11-06 16:33****815,104****----a-w****c:\windows\system32\divx_xx0a.dll
    2008-11-06 16:33****802,816****----a-w****c:\windows\system32\divx_xx11.dll
    2008-11-06 16:33****684,032****----a-w****c:\windows\system32\DivX.dll
    2008-11-06 16:33****12,288****----a-w****c:\windows\system32\DivXWMPExtType.dll
    .
    
    (((((((((((((((((((((((((((((((((((((** Wpisy startowe rejestru** ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane**
    REGEDIT4
    
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
    "Komunikator"="c:\program files\Tlen.pl\tlen.exe" [2008-11-28 5837800]
    "Odkurzacz-MCD"="c:\program files\Odkurzacz\odk_mcd.exe" [2008-08-16 264704]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-04-25 201992]
    "SoundMan"="SOUNDMAN.EXE" [2003-08-15 c:\windows\SOUNDMAN.EXE]
    
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
    
    c:\documents and settings\All Users\Menu Start\Programy\Autostart\
    WConfig.lnk - c:\program files\WLAN\WConfig\WConfig.exe [2009-01-06 385024]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.XFR1"= xfcodec.dll
    
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
    
    [HKLM\~\startupfolder\C:^Documents and Settings^SGJ^Menu Start^Programy^Autostart^hamachi.lnk]
    path=c:\documents and settings\SGJ\Menu Start\Programy\Autostart\hamachi.lnk
    backup=c:\windows\pss\hamachi.lnkStartup
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    --a------ 2008-06-12 02:38 34672 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
    --a------ 2007-09-25 09:10 2007088 c:\program files\FlashGet\flashget.exe
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    --a------ 2007-03-11 21:34 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Komunikator]
    --a------ 2008-11-28 11:48 5837800 c:\program files\Tlen.pl\tlen.exe
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
    --a------ 2008-12-20 07:50 2656528 c:\program files\Logitech\QuickCam\Quickcam.exe
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
    --a------ 2008-11-02 09:38 167936 c:\program files\PowerISO\PWRISOVM.EXE
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    -ra------ 2008-11-07 14:31 21633320 c:\program files\Skype\Phone\Skype.exe
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2009-01-07 17:57 136600 c:\program files\Java\jre6\bin\jusched.exe
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sXe Injected]
    --a------ 2008-12-19 23:31 1372160 c:\program files\sXe Injected\sXe Injected.exe
    
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001
    "UpdatesDisableNotify"=dword:00000001
    
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001
    
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\FlashGet\\flashget.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    
    R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
    R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-03-13 26640]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-03-25 24592]
    R3 RT2400PCI;802.11b WLAN PCI;c:\windows\system32\drivers\rt2400.sys [2009-01-06 61056]
    S3 ddsxeiservice;ddsxeiservice2;c:\program files\sXe Injected\ddsxei.sys [2008-12-19 49408]
    S3 InterServer;InterBase InterClient Server;e:\program files\Borland\InterBase\InterClient\bin\interserver.exe [2009-02-01 114176]
    S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12****REG_MULTI_SZ** ****Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt****REG_MULTI_SZ** ****hpqcxs08 hpqddsvc
    .
    - - - - USUNIĘTO PUSTE WPISY - - - -
    
    MSConfigStartUp-ares - c:\program files\Ares\Ares.exe
    MSConfigStartUp-HideAnyWindow - c:\documents and settings\SGJ\Pulpit\Hide.Any.Window.v2.7.Crack.ReadNFO-tRUE\Hide.Any.Window.v2.7.Crack.ReadNFO-tRUE\haw.exe
    
    
    .
    ------- Skan uzupełniający -------
    .
    uStart Page = about:blank
    mStart Page = about:blank
    uInternet Settings,ProxyOverride = *.local
    IE: &Ściągnij przy pomocy FlashGet'a - c:\program files\FlashGet\jc_link.htm
    IE: &Ściągnij wszystko przy pomocy FlashGet'a - c:\program files\FlashGet\jc_all.htm
    IE: Dodaj do listy blokowanych banerów - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
    IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    TCP: {09026B6A-671E-4C7C-88BB-1789EA7CDB6B} = 192.168.1.4
    FF - ProfilePath - c:\documents and settings\SGJ\Dane aplikacji\Mozilla\Firefox\Profiles\7lgp44g3.default\
    FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
    .
    
    **************************************************************************
    
    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-04 16:28:18
    Windows 5.1.2600 Dodatek Service Pack 2 NTFS
    
    skanowanie ukrytych procesów ...**
    
    skanowanie ukrytych wpisów autostartu ... 
    
    skanowanie ukrytych plików ...**
    
    skanowanie pomyślnie ukończone
    ukryte pliki: 0
    
    **************************************************************************
    .
    --------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
    
    - - - - - - - > 'winlogon.exe'(1196)
    c:\windows\system32\Ati2evxx.dll
    c:\windows\system32\klogon.dll
    
    - - - - - - - > 'explorer.exe'(7728)
    c:\windows\TEMP\logishrd\LVPrcInj01.dll
    .
    ------------------------ Pozostałe uruchomione procesy ------------------------
    .
    c:\windows\system32\ati2evxx.exe
    c:\windows\system32\ati2evxx.exe
    e:\program files\Borland\InterBase\bin\ibguard.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    c:\windows\system32\PnkBstrA.exe
    e:\program files\Borland\InterBase\bin\ibserver.exe
    c:\windows\system32\imapi.exe
    .
    **************************************************************************
    .
    Czas ukończenia: 2009-02-04 16:31:29 - komputer został uruchomiony ponownie [SGJ]
    ComboFix-quarantined-files.txt**2009-02-04 15:31:11
    
    Przed: 2,040,008,704 bajtów wolnych
    Po: 2,130,939,904 bajtów wolnych
    
    333****--- E O F ---****2009-02-04 10:51:02

  7. #7

    Log z HijackThis
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:53:03, on 2009-05-15
    Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ULi5287\ULi5287.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\Winamp\winampa.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Tlen.pl\tlen.exe
    C:\xampp\apache\bin\apache.exe
    C:\Program Files\Nowe Gadu-Gadu\gg.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
    C:\xampp\mysql\bin\mysqld-nt.exe
    C:\xampp\apache\bin\apache.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [ULiRaid] C:\Program Files\ULi5287\ULi5287.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
    O4 - HKCU\..\Run: [EdHTML] C:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe /none
    O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "C:\Program Files\Nowe Gadu-Gadu\gg.exe"
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\apache.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld-nt.exe

    --
    End of file - 5118 bytes
    Log z ComboFix
    ComboFix 09-05-15.01 - Mateusz 2009-05-15 19:38.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1535.729 [GMT 2:00]
    Uruchomiony z: c:\documents and settings\Mateusz\Pulpit\ComboFix.exe
    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
    .

    ((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system\smss.exe
    c:\windows\system32\ccbcccfc4_z.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_POWERMANAGER
    -------\Service_PowerManager


    ((((((((((((((((((((((((( Pliki utworzone od 2009-04-15 do 2009-05-15 )))))))))))))))))))))))))))))))
    .

    2009-05-15 17:30 . 2009-05-15 17:33 -------- d-----w c:\program files\Unlocker
    2009-05-15 11:39 . 2009-05-15 11:39 -------- d-----w c:\documents and settings\Mateusz\Dane aplikacji\Tibia
    2009-05-15 11:38 . 2009-05-15 11:38 -------- d-----w c:\program files\Tibia
    2009-05-15 11:36 . 2009-05-15 11:36 -------- d-----w c:\program files\TibiaCam TV Lite
    2009-05-14 14:05 . 2009-05-14 14:05 -------- d-----w c:\program files\IrfanView
    2009-05-14 11:57 . 2009-05-14 11:57 -------- d-----w c:\program files\Trend Micro
    2009-05-14 09:02 . 2009-05-14 11:14 -------- d-----w c:\documents and settings\All Users\Dane aplikacji\OpenFM
    2009-05-14 09:02 . 2009-05-14 09:02 -------- d-----w c:\documents and settings\Mateusz\Dane aplikacji\OpenFM
    2009-05-14 09:01 . 2009-05-15 11:39 -------- d-----w C:\Logs
    2009-05-14 08:00 . 2009-05-14 08:01 -------- d-----w c:\program files\Nowe Gadu-Gadu
    2009-05-14 07:51 . 2009-05-14 09:01 -------- d-----w c:\windows\SxsCaPendDel
    2009-05-13 18:12 . 2009-05-14 07:53 -------- d--h--w C:\$AVG8.VAULT$
    2009-05-13 18:10 . 2009-05-15 11:20 11952 ----a-w c:\windows\system32\avgrsstx.dll
    2009-05-13 18:10 . 2009-05-15 11:20 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys
    2009-05-13 18:09 . 2009-05-15 11:20 325896 ----a-w c:\windows\system32\drivers\avgldx86.sys
    2009-05-13 18:09 . 2009-05-15 11:21 -------- d-----w c:\windows\system32\drivers\Avg
    2009-05-13 18:09 . 2009-05-14 07:38 -------- d-----w c:\documents and settings\Mateusz\Dane aplikacji\AVGTOOLBAR
    2009-05-13 18:09 . 2009-05-13 18:09 -------- d-----w c:\program files\AVG
    2009-05-13 18:09 . 2009-05-13 18:09 -------- d-----w c:\documents and settings\All Users\Dane aplikacji\avg8
    2009-05-13 17:41 . 2009-05-13 17:42 -------- d-----w c:\program files\jv16 PowerTools 2008
    2009-04-20 18:33 . 2009-05-14 07:25 -------- d-----w c:\documents and settings\Mateusz\Tracing
    2009-04-20 18:22 . 2006-11-29 11:06 3426072 ----a-w c:\windows\system32\d3dx9_32.dll
    2009-04-20 18:20 . 2009-04-20 18:24 -------- d-----w c:\program files\Microsoft
    2009-04-20 18:07 . 2009-04-20 18:07 -------- d-----w c:\program files\Common Files\Windows Live

    .
    (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) ))
    .
    2009-05-14 07:45 . 2008-06-24 12:52 -------- d-----w c:\program files\Ahead
    2009-05-14 07:45 . 2008-06-24 12:52 -------- d-----w c:\program files\Common Files\Ahead
    2009-05-14 07:33 . 2008-03-27 19:45 -------- d--h--w c:\program files\InstallShield Installation Information
    2009-04-20 20:33 . 2001-10-26 16:15 84336 ----a-w c:\windows\system32\perfc015.dat
    2009-04-20 20:33 . 2001-10-26 16:15 491140 ----a-w c:\windows\system32\perfh015.dat
    2009-04-20 18:33 . 2008-03-27 19:43 41056 ----a-w c:\documents and settings\Mateusz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
    2009-04-04 11:26 . 2009-04-04 11:26 -------- d-----w c:\program files\microsoft frontpage
    2009-03-24 12:54 . 2009-03-24 12:54 -------- d-----w c:\program files\MSBuild
    2009-03-24 12:54 . 2009-03-24 12:54 115944 ----a-w c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
    2009-03-24 12:50 . 2009-03-24 12:50 -------- d-----w c:\program files\Reference Assemblies
    2009-03-15 08:49 . 2009-03-15 08:49 70 ----a-w c:\windows\brassi.dat
    2009-03-15 08:49 . 2009-03-15 08:49 413184 ----a-w c:\windows\system32\paintball.scr
    2009-03-14 23:03 . 2009-03-14 23:03 1700352 ----a-w c:\windows\system32\gdiplus.dll
    2009-02-17 16:58 . 2009-02-17 16:58 65536 ----a-w c:\windows\IFinst27.exe
    2009-02-11 07:44 . 2009-02-11 07:44 10022 --sha-w c:\windows\system32\KGyGaAvL.sys
    .

    ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
    "Komunikator"="c:\program files\Tlen.pl\tlen.exe" [2008-01-15 6290944]
    "EdHTML"="c:\program files\Binboy\EdHTMLv5.0\EdHTML.exe" [2003-03-24 1443328]
    "Nowe Gadu-Gadu"="c:\program files\Nowe Gadu-Gadu\gg.exe" [2009-04-20 9818728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
    "ULiRaid"="c:\program files\ULi5287\ULi5287.exe" [2005-08-23 409600]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]
    "WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-03-27 36352]
    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-15 1947928]
    "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-07 61952]
    "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2005-07-13 14679552]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
    2009-05-15 11:20 11952 ----a-w c:\windows\system32\avgrsstx.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^SnagIt 8.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\SnagIt 8.lnk
    backup=c:\windows\pss\SnagIt 8.lnkCommon Startup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Tibia\\tibia.exe"=
    "c:\\Documents and Settings\\Mateusz\\Pulpit\\Kostladek =)\\Tibia =)\\OT =]\\DevLand_0.96b_XML\\DevLand_0.96b_XML\\Project-XML\\DevLand-XML.exe"=
    "c:\\Documents and Settings\\Mateusz\\Pulpit\\Kostladek =)\\Tibia =)\\OT =]\\Evolution 8.1 - By Aciek .. WERSJA POPRAWNA\\Evolution 8.1 - By Aciek .. WERSJA POPRAWNA\\By Aciek v2.0.exe"=
    "c:\\Documents and Settings\\Mateusz\\Pulpit\\Kostladek =)\\Tibia =)\\OT =]\\DevLand-XML 0 1 .97b\\Project-XML\\DevLand-XML.exe"=
    "c:\\Documents and Settings\\Mateusz\\Pulpit\\Kostladek =)\\Tibia =)\\OT =]\\Aries 0.4.5 XML\\Aries 0.4.5 - XML\\Aries-XML.exe"=
    "c:\\Documents and Settings\\Mateusz\\Pulpit\\Kostladek =)\\Tibia =)\\OT =]\\Servfull\\Servfull\\Servfull.exe"=
    "c:\\Program Files\\Tlen.pl\\tlen.exe"=
    "c:\\Documents and Settings\\Mateusz\\Ustawienia lokalne\\Dane aplikacji\\MM-Project Evolutions-XML.exe"=
    "c:\\Documents and Settings\\Mateusz\\Pulpit\\Kostladek =)\\Tibia =)\\OT =]\\Salvion44+Film\\Salvion44\\Salvion 4.4 XML + POI\\Salvion.exe"=
    "c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
    "c:\\xampp\\apache\\bin\\apache.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

    R0 m5287;m5287;c:\windows\system32\drivers\m5287.sys [2006-03-10 101120]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-05-13 325896]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-05-13 108552]
    R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\apache.exe [2008-06-14 17408]
    R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-05-13 908568]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-05-13 298776]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e2ef5f0-13d3-11dd-963a-00142a9e8abc}]
    \Shell\AutoRun\command - F:\vnlcurgm.exe
    \Shell\explore\Command - F:\vnlcurgm.exe
    \Shell\open\Command - F:\vnlcurgm.exe
    .
    - - - - USUNIĘTO PUSTE WPISY - - - -

    BHO-{AE90C38C-97CF-4696-B290-C7973DC9675E} - c:\program files\Little Fighter 2 Toolbar\v3.3.0.1\Little_Fighter_2_Toolbar.dll
    Toolbar-{C3CD744D-2FAE-4640-8297-16B5DA423104} - c:\program files\Little Fighter 2 Toolbar\v3.3.0.1\Little_Fighter_2_Toolbar.dll
    WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
    WebBrowser-{C3CD744D-2FAE-4640-8297-16B5DA423104} - c:\program files\Little Fighter 2 Toolbar\v3.3.0.1\Little_Fighter_2_Toolbar.dll
    HKCU-Run-MSMSGS - c:\program files\Messenger\msmsgs.exe
    HKCU-Run-KxptG - c:\windows\KxptG.exe
    HKLM-Run-lsass.exe - c:\windows\lsass.exe
    HKLM-Run-System Files Updater - c:\windows\FlyakiteOSX\System Files Updater.exe
    Notify-WgaLogon - (no file)


    .
    ------- Skan uzupełniający -------
    .
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    FF - ProfilePath - c:\documents and settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\tow28hmx.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
    FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
    FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
    FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
    FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
    .

    ************************************************** ************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-15 19:42
    Windows 5.1.2600 Dodatek Service Pack 2 NTFS

    skanowanie ukrytych procesów ...

    skanowanie ukrytych wpisów autostartu ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    lsass.exe = c:\windows\lsass.exe?????????????????????????????

    skanowanie ukrytych plików ...

    skanowanie pomyślnie ukończone
    ukryte pliki: 0

    ************************************************** ************************
    .
    --------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

    - - - - - - - > 'winlogon.exe'(728)
    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'explorer.exe'(7700)
    c:\program files\Tlen.pl\hook.dll
    c:\windows\system32\browselc.dll
    c:\program files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
    c:\program files\Microsoft Office\OFFICE11\msohev.dll
    c:\windows\system32\shdoclc.dll
    .
    ------------------------ Pozostałe uruchomione procesy ------------------------
    .
    c:\windows\system32\ati2evxx.exe
    c:\windows\system32\ati2evxx.exe
    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\program files\Nowe Gadu-Gadu\spellchecker_gg.exe
    c:\xampp\mysql\bin\mysqld-nt.exe
    c:\windows\system32\wdfmgr.exe
    c:\program files\AVG\AVG8\avgrsx.exe
    c:\progra~1\AVG\AVG8\avgnsx.exe
    c:\program files\AVG\AVG8\avgcsrvx.exe
    c:\windows\system32\wscntfy.exe
    .
    ************************************************** ************************
    .
    Czas ukończenia: 2009-05-15 19:44 - komputer został uruchomiony ponownie
    ComboFix-quarantined-files.txt 2009-05-15 17:44

    Przed: 44*573*671*424 bajtów wolnych
    Po: 44*868*743*168 bajtów wolnych

    182 --- E O F --- 2008-12-19 07:38

  8. #8
    Khalt
    Guest

    Domyślnie

    Mateuszu ... xP

    Ja nic nie znalazłem. Natomiast polecam przestać grać w Tibię i odpuścić sobie zabawę z OTS'ami :P.

  9. #9
    Użytkownik
    Dołączył
    14-05-2009
    Posty
    10

    Domyślnie

    Regulamin zabrania rozmawiania o Tibii, ale... W Tibię właśnie przestałem grać... Strata czasu, jak i pieniędzy. Pozostałem przy filmach.
    Na innym forum uzyskałem odpowiedź, że to niepotrzebne:
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

  10. #10
    Khalt
    Guest

    Domyślnie

    No cóż... „niepotrzebna” to jest większość rzeczy, które tam masz w tych logach. Bo co jest tak naprawdę potrzebne...?

    Winamp Agent szkodliwy nie jest. Ułatwia korzystanie z Winampa i pracę z nim. Jeśli już tak bardzo go nie chcesz, to wejdź do opcji Winampa i w „File Types” wyłącz go.

    „Regulamin zabrania o rozmawianiu o Tibii”
    Żeby się pozbyć przeciwnika (w tym przypadku – szkodnika), trzeba mu stawić czoła, a nie unikać go niczym tchórz... XD.

  11. #11
    Użytkownik
    Dołączył
    01-02-2009
    Skąd
    Siemiatycze
    Posty
    7

    Domyślnie

    Kod:
    ComboFix 09-06-05.07 - WieslaweK 2009-06-06 14:59.1 - NTFSx86
    Microsoft Windows XP Professional**5.1.2600.2.1250.48.1045.18.767.530 [GMT 2:00]
    Uruchomiony z: c:\downloads\ComboFix.exe
    
    UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
    .
    
    (((((((((((((((((((((((((((((((((((((((** Usunięto** )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    
    c:\windows\system32\AutoRun.inf
    
    .
    (((((((((((((((((((((((((** Pliki utworzone od 2009-05-06 do 2009-06-06**)))))))))))))))))))))))))))))))
    .
    
    2009-06-05 18:25 . 2009-06-05 18:25****--------****d-----w-****c:\program files\PowerQuest
    2009-06-05 14:07 . 2009-06-05 14:27****--------****d-----w-****c:\documents and settings\WieslaweK\Dane aplikacji\mIRC
    2009-06-05 14:07 . 2009-06-05 14:08****--------****d-----w-****c:\program files\mIRC
    2009-06-05 14:07 . 2007-11-06 20:13****1985024****----a-w-****c:\windows\system32\verify.exe
    2009-06-05 14:07 . 2007-11-05 07:16****1725000****----a-w-****c:\windows\system32\mirc631.exe
    2009-06-04 18:45 . 2009-06-04 18:45****--------****d-----w-****c:\program files\Tasker
    2009-06-04 17:57 . 2009-06-04 18:05****137928****----a-w-****c:\windows\system32\drivers\PnkBstrK.sys
    2009-06-04 17:57 . 2009-06-04 18:19****189768****----a-w-****c:\windows\system32\PnkBstrB.exe
    2009-06-04 17:56 . 2009-06-04 17:56****75064****----a-w-****c:\windows\system32\PnkBstrA.exe
    2009-06-04 17:56 . 2009-06-04 17:56****--------****d-----w-****c:\windows\system32\LogFiles
    2009-06-04 17:56 . 2009-06-04 17:56****--------****d-----w-****c:\documents and settings\WieslaweK\Ustawienia lokalne\Dane aplikacji\PunkBuster
    2009-06-03 19:02 . 2009-06-03 19:02****--------****d-sh--w-****c:\windows\ftpcache
    2009-06-03 13:10 . 2009-06-03 13:10****--------****d-----w-****c:\program files\Elaborate Bytes
    2009-06-02 13:22 . 2009-06-02 17:24****--------****d-----w-****c:\documents and settings\All Users\Dane aplikacji\TrackMania
    2009-06-02 12:32 . 2009-06-02 12:32****--------****d-----w-****c:\documents and settings\WieslaweK\Dane aplikacji\Ashampoo
    2009-06-02 12:31 . 2009-06-02 12:31****--------****d-----w-****c:\documents and settings\WieslaweK\Ustawienia lokalne\Dane aplikacji\ashampoo
    2009-06-02 12:31 . 2009-06-02 12:31****--------****d-----w-****c:\documents and settings\All Users\Dane aplikacji\ashampoo
    2009-06-02 12:31 . 2009-06-02 12:31****--------****d-----w-****c:\program files\Ashampoo
    2009-06-01 18:41 . 2009-06-05 14:28****--------****d-----w-****c:\documents and settings\WieslaweK\Dane aplikacji\AIMP
    2009-06-01 18:41 . 2009-06-01 18:41****--------****d-----w-****c:\program files\AIMP2
    2009-06-01 13:28 . 2006-06-29 11:07****14048****------w-****c:\windows\system32\spmsg2.dll
    2009-06-01 13:27 . 2009-06-01 13:27****--------****d-----w-****c:\windows\system32\pl-PL
    2009-06-01 13:25 . 2009-06-01 13:25****69024****----a-w-****c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
    2009-06-01 13:24 . 2009-06-01 13:24****--------****d-----w-****c:\windows\system32\XPSViewer
    2009-06-01 13:24 . 2009-06-01 13:24****--------****d-----w-****c:\program files\MSBuild
    2009-06-01 13:24 . 2009-06-01 13:24****--------****d-----w-****c:\program files\Reference Assemblies
    2009-06-01 13:23 . 2008-07-06 12:06****89088****-c----w-****c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2009-06-01 13:23 . 2008-07-06 12:06****575488****-c----w-****c:\windows\system32\dllcache\xpsshhdr.dll
    2009-06-01 13:23 . 2008-07-06 12:06****575488****------w-****c:\windows\system32\xpsshhdr.dll
    2009-06-01 13:23 . 2008-07-06 12:06****1676288****-c----w-****c:\windows\system32\dllcache\xpssvcs.dll
    2009-06-01 13:23 . 2008-07-06 12:06****1676288****------w-****c:\windows\system32\xpssvcs.dll
    2009-06-01 13:23 . 2008-07-06 12:06****117760****------w-****c:\windows\system32\prntvpt.dll
    2009-06-01 13:23 . 2008-07-06 10:50****597504****-c----w-****c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2009-06-01 13:19 . 2007-11-30 11:18****26488****----a-w-****c:\windows\system32\spupdsvc.exe
    2009-06-01 13:19 . 2009-06-01 13:19****--------****d-----w-****c:\program files\MSXML 6.0
    2009-06-01 11:02 . 2009-06-06 12:58****--------****d-----w-****C:\Downloads
    2009-06-01 11:01 . 2009-06-01 11:01****--------****d-----w-****c:\program files\MoorHunt
    2009-05-30 10:54 . 2009-05-30 10:55****--------****d-----w-****c:\documents and settings\WieslaweK\Dane aplikacji\Tibia
    2009-05-30 10:54 . 2009-05-30 10:54****--------****d-----w-****c:\program files\Tibia
    2009-05-28 20:16 . 2003-03-29 14:45****89184****----a-w-****c:\windows\system32\drivers\imagedrv.sys
    2009-05-28 20:16 . 2009-05-28 20:16****--------****d-----w-****c:\program files\Common Files\Ahead
    2009-05-28 20:16 . 2001-07-06 16:24****283920****----a-w-****c:\windows\system32\ImagXpr5.dll
    2009-05-28 20:16 . 2001-07-06 12:41****569344****----a-w-****c:\windows\system32\imagr5.dll
    2009-05-28 20:16 . 2001-07-06 10:44****544768****----a-w-****c:\windows\system32\imagx5.dll
    2009-05-28 20:16 . 2001-06-26 06:15****38912****----a-w-****c:\windows\system32\picn20.dll
    2009-05-28 20:16 . 2001-07-09 09:50****155648****----a-w-****c:\windows\system32\NeroCheck.exe
    2009-05-28 20:16 . 2009-05-28 20:16****--------****d-----w-****c:\program files\Ahead
    2009-05-28 19:41 . 2009-05-28 19:41****--------****d-----w-****c:\program files\CdCoverCreator
    2009-05-28 15:15 . 2009-05-28 19:50****--------****d-----w-****c:\program files\Common Files\Blizzard Entertainment
    2009-05-28 15:13 . 2009-05-28 15:13****167376****----a-w-****c:\documents and settings\WieslaweK\Dane aplikacji\Mozilla\Firefox\Profiles\kmshc764.default\FlashGot.exe
    2009-05-28 15:12 . 2009-06-06 12:58****--------****d-----w-****c:\program files\FlashGet
    2009-05-28 14:20 . 2009-05-28 14:20****--------****d-----w-****c:\documents and settings\WieslaweK\Ustawienia lokalne\Dane aplikacji\Identities
    2009-05-28 14:06 . 2009-06-02 17:58****--------****d-----w-****c:\documents and settings\WieslaweK\Dane aplikacji\Tlen.pl
    2009-05-28 14:06 . 2009-05-28 14:06****--------****d-----w-****c:\documents and settings\All Users\Dane aplikacji\Tlen.pl
    2009-05-28 14:06 . 2009-05-28 14:06****--------****d-----w-****c:\program files\Tlen.pl
    2009-05-28 13:48 . 2009-05-28 13:48****--------****d-----w-****c:\documents and settings\WieslaweK\Ustawienia lokalne\Dane aplikacji\HP
    2009-05-28 13:40 . 2007-03-08 04:20****16496****----a-r-****c:\windows\system32\drivers\HPZipr12.sys
    2009-05-28 13:40 . 2007-03-08 04:20****49920****----a-r-****c:\windows\system32\drivers\HPZid412.sys
    2009-05-28 13:40 . 2009-05-28 13:40****--------****d-----w-****c:\documents and settings\WieslaweK\Dane aplikacji\HP
    2009-05-28 13:40 . 2009-05-28 13:40****--------****d-----w-****c:\documents and settings\All Users\Dane aplikacji\Hewlett-Packard
    2009-05-28 13:40 . 2007-03-30 15:29****267864****----a-r-****c:\windows\system32\hpzids01.dll
    2009-05-28 13:40 . 2007-03-28 12:01****118272****----a-w-****c:\windows\system32\hpz3l5ha.dll
    2009-05-28 13:40 . 2007-03-08 04:20****21568****----a-r-****c:\windows\system32\drivers\HPZius12.sys
    2009-05-28 13:39 . 2007-03-17 06:39****303104****----a-r-****c:\windows\system32\hpovst11.dll
    2009-05-28 13:39 . 2007-03-17 06:39****958464****----a-r-****c:\windows\system32\hpotiop4.dll
    2009-05-28 13:39 . 2007-03-08 04:20****364544****----a-r-****c:\windows\system32\hppldcoi.dll
    2009-05-28 13:39 . 2007-03-08 04:20****309760****----a-r-****c:\windows\system32\difxapi.dll
    2009-05-28 13:39 . 2007-03-17 06:39****675840****----a-r-****c:\windows\system32\hpowiax4.dll
    2009-05-28 13:39 . 2004-08-03 20:58****15104****-c--a-w-****c:\windows\system32\dllcache\usbscan.sys
    2009-05-28 13:39 . 2004-08-03 20:58****15104****----a-w-****c:\windows\system32\drivers\usbscan.sys
    2009-05-28 13:32 . 2009-05-28 13:32****--------****d-----w-****c:\documents and settings\All Users\Dane aplikacji\HPSSUPPLY
    2009-05-28 13:31 . 2009-05-28 13:31****--------****d-----w-****c:\documents and settings\WieslaweK\Dane aplikacji\HPAppData
    2009-05-28 13:29 . 2009-05-28 13:29****--------****d-----w-****c:\documents and settings\All Users\Dane aplikacji\HP Product Assistant
    2009-05-28 13:29 . 2009-05-28 13:30****--------****d-----w-****c:\documents and settings\All Users\Dane aplikacji\HP
    2009-05-28 13:29 . 2009-05-28 13:29****--------****d-----w-****c:\program files\Common Files\HP
    2009-05-28 13:28 . 2009-05-28 13:28****--------****d-----w-****c:\program files\Hewlett-Packard
    2009-05-28 13:28 . 2009-05-28 13:28****--------****d-----w-****c:\program files\Common Files\Hewlett-Packard
    2009-05-28 13:27 . 2009-05-28 13:28****--------****dc----w-****c:\windows\system32\DRVSTORE
    2009-05-28 13:27 . 2009-05-28 13:32****--------****d-----w-****c:\program files\HP
    2009-05-28 13:25 . 2009-05-28 13:38****152051****----a-w-****c:\windows\hpoins15.dat
    2009-05-28 13:25 . 2007-06-05 23:04****1039****------w-****c:\windows\hpomdl15.dat
    2009-05-27 13:01 . 2009-05-28 14:34****--------****d-----w-****c:\documents and settings\WieslaweK\Ustawienia lokalne\Dane aplikacji\ApplicationHistory
    2009-05-27 13:01 . 2009-05-27 13:01****134****----a-w-****c:\documents and settings\WieslaweK\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
    2009-05-27 13:01 . 2009-05-27 13:01****1078****----a-r-****c:\documents and settings\WieslaweK\Dane aplikacji\Microsoft\Installer\{1F66D380-CA34-40B4-87BC-CEB5FFA723FA}\_2cd672ae.exe
    2009-05-27 13:01 . 2009-05-27 13:01****--------****d-----w-****c:\program files\Gios
    2009-05-27 12:59 . 2009-05-27 13:00****--------****d-----w-****c:\windows\system32\URTTemp
    2009-05-25 12:16 . 2009-05-25 12:16****134312****----a-w-****c:\windows\system32\ElbyVCD.dll
    2009-05-25 12:01 . 2009-05-25 12:01****89256****----a-w-****c:\windows\system32\ElbyCDIO.dll
    2009-05-24 16:06 . 2009-05-24 16:06****--------****d-----w-****c:\documents and settings\WieslaweK\Dane aplikacji\fretsonfire
    2009-05-24 13:55 . 2009-05-24 13:55****--------****d-----w-****c:\documents and settings\NetworkService\Dane aplikacji\Xfire
    2009-05-24 13:55 . 2009-06-04 19:20****--------****d-----w-****c:\documents and settings\WieslaweK\Dane aplikacji\Xfire
    2009-05-24 13:55 . 2009-06-03 15:09****--------****d-----w-****c:\program files\Xfire
    2009-05-24 13:47 . 2004-08-03 22:44****221184****----a-w-****c:\windows\system32\wmpns.dll
    2009-05-24 12:12 . 2004-08-03 21:01****25856****-c--a-w-****c:\windows\system32\dllcache\usbprint.sys
    2009-05-24 12:12 . 2004-08-03 21:01****25856****----a-w-****c:\windows\system32\drivers\usbprint.sys
    2009-05-24 12:12 . 2004-08-03 21:08****31616****-c--a-w-****c:\windows\system32\dllcache\usbccgp.sys
    2009-05-24 12:12 . 2004-08-03 21:08****31616****----a-w-****c:\windows\system32\drivers\usbccgp.sys
    2009-05-24 09:23 . 2009-06-05 14:37****34****----a-w-****c:\documents and settings\WieslaweK\jagex_runescape_preferences.dat
    2009-05-24 09:23 . 2009-05-24 09:23****--------****d-----w-****c:\windows\.jagex_cache_32
    2009-05-24 09:06 . 2005-05-26 13:34****2297552****----a-w-****c:\windows\system32\d3dx9_26.dll
    2009-05-24 07:25 . 2009-06-01 13:33****16504****----a-w-****c:\documents and settings\WieslaweK\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
    2009-05-23 17:20 . 2009-05-23 17:20****--------****d-----w-****c:\program files\Kaspersky Lab
    2009-05-23 17:19 . 2009-05-23 17:19****--------****d-----w-****c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
    2009-05-23 17:16 . 2009-05-27 09:44****--------****d-----w-****c:\documents and settings\WieslaweK\Dane aplikacji\Nowe Gadu-Gadu
    2009-05-23 17:15 . 2009-05-23 17:15****--------****d-----w-****c:\program files\Nowe Gadu-Gadu
    
    .
    ((((((((((((((((((((((((((((((((((((((((** Sekcja Find3M** ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-06-05 15:24 . 2009-05-23 16:49****1****----a-w-****c:\documents and settings\WieslaweK\Dane aplikacji\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
    2009-06-04 17:17 . 2004-07-17 09:36****163644****----a-w-****c:\windows\system32\drivers\secdrv.sys
    2009-06-01 13:26 . 2001-10-26 16:15****88618****----a-w-****c:\windows\system32\perfc015.dat
    2009-06-01 13:26 . 2001-10-26 16:15****499958****----a-w-****c:\windows\system32\perfh015.dat
    2009-05-25 16:01 . 2009-05-23 14:21****86327****----a-w-****c:\windows\pchealth\helpctr\OfflineCache\index.dat
    2009-05-23 17:40 . 2009-05-23 17:39****--------****d-----w-****c:\program files\K-Lite Codec Pack
    2009-05-23 16:48 . 2009-05-23 16:48****--------****d-----w-****c:\documents and settings\WieslaweK\Dane aplikacji\OpenOffice.org
    2009-05-23 16:47 . 2009-05-23 16:47****410984****----a-w-****c:\windows\system32\deploytk.dll
    2009-05-23 16:47 . 2009-05-23 16:47****--------****d-----w-****c:\program files\Java
    2009-05-23 16:47 . 2009-05-23 16:47****152576****----a-w-****c:\documents and settings\WieslaweK\Dane aplikacji\Sun\Java\jre1.6.0_13\lzma.dll
    2009-05-23 16:46 . 2009-05-23 16:46****--------****d-----w-****c:\program files\OpenOffice.org 3
    2009-05-23 16:12 . 2009-05-23 16:12****--------****d-----w-****c:\program files\3do
    2009-05-23 16:12 . 2009-05-23 14:29****--------****d-----w-****c:\program files\Common Files\InstallShield
    2009-05-23 15:41 . 2009-05-23 15:41****0****----a-w-****c:\windows\nsreg.dat
    2009-05-23 15:26 . 2009-05-23 15:25****--------****d-----w-****c:\documents and settings\WieslaweK\Dane aplikacji\TrueCrypt
    2009-05-23 15:25 . 2009-05-23 15:25****217536****----a-w-****c:\windows\system32\drivers\truecrypt.sys
    2009-05-23 15:25 . 2009-05-23 15:25****--------****d-----w-****c:\program files\TrueCrypt
    2009-05-23 14:45 . 2009-05-23 14:45****107888****----a-w-****c:\windows\system32\CmdLineExt.dll
    2009-05-23 14:42 . 2009-05-23 14:29****--------****d--h--w-****c:\program files\InstallShield Installation Information
    2009-05-23 14:38 . 2009-05-23 14:38****6820****----a-w-****c:\windows\system32\d3d9caps.dat
    2009-05-23 14:38 . 2009-05-23 14:38****552****----a-w-****c:\windows\system32\d3d8caps.dat
    2009-05-23 14:38 . 2009-05-23 14:38****--------****d-----w-****c:\documents and settings\WieslaweK\Dane aplikacji\atitray
    2009-05-23 14:34 . 2009-05-23 14:34****472576****----a-w-****c:\windows\Radeon Omega Drivers v4.8.442 Uninstall.exe
    2009-05-23 14:34 . 2009-05-23 14:34****--------****d-----w-****c:\program files\Radeon Omega Drivers
    2009-05-23 14:33 . 2009-05-23 14:33****--------****d-----w-****c:\program files\WLAN
    2009-05-23 14:31 . 2009-05-23 14:31****--------****d-----w-****c:\program files\Realtek Sound Manager
    2009-05-23 14:31 . 2009-05-23 14:31****--------****d-----w-****c:\program files\AvRack
    2009-05-23 14:30 . 2009-05-23 14:30****--------****d-----w-****c:\program files\Intel
    2009-05-23 14:22 . 2009-05-23 14:22****--------****d-----w-****c:\program files\microsoft frontpage
    2009-05-23 14:21 . 2009-05-23 14:21****--------****d-----w-****c:\program files\Usługi online
    2009-05-23 14:19 . 2009-05-23 14:19****21856****----a-w-****c:\windows\system32\emptyregdb.dat
    2009-05-22 23:08 . 2009-05-22 23:08****29696****----a-w-****c:\windows\system32\drivers\VClone.sys
    2009-05-21 22:51 . 2009-05-21 22:51****41808****----a-w-****c:\windows\system32\xfcodec.dll
    .
    
    ------- Sigcheck -------
    
    [7] 2004-08-03 21:14****359040****9F4B36614A0FC234525BA224957DE55C****c:\windows\system32\dllcache\tcpip.sys
    [-] 2004-08-03 21:14****359040****6A603809F598332DBEDD535BDBCE313E****c:\windows\system32\drivers\tcpip.sys
    .
    (((((((((((((((((((((((((((((((((((((** Wpisy startowe rejestru** ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane**
    REGEDIT4
    
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Komunikator"="c:\program files\Tlen.pl\tlen.exe" [2009-01-17 5853672]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-23 148888]
    "VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]
    "MSConfig"="c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-03 159744]
    "SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2003-08-15 57344]
    "AtiPTA"="atiptaxx.exe" - c:\windows\system32\atiptaxx.exe [2006-02-22 344064]
    "Windows 32-bit DLL Integrity Verifier"="verify.exe" - c:\windows\system32\verify.exe [2007-11-06 1985024]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
    "Windows 32-bit DLL Integrity Verifier"="verify.exe" - c:\windows\system32\verify.exe [2007-11-06 1985024]
    
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
    
    c:\documents and settings\All Users\Menu Start\Programy\Autostart\
    WConfig.lnk - c:\program files\WLAN\WConfig\WConfig.exe [2009-5-23 385024]
    
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
    
    [HKLM\~\startupfolder\C:^Documents and Settings^WieslaweK^Menu Start^Programy^Autostart^OpenOffice.org 3.1.lnk]
    path=c:\documents and settings\WieslaweK\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk
    backup=c:\windows\pss\OpenOffice.org 3.1.lnkStartup
    
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "d:\\Steam\\SteamApps\\hruswik\\counter-strike\\hl.exe"=
    "c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
    "c:\\Program Files\\Xfire\\Xfire.exe"=
    "c:\\Program Files\\Tlen.pl\\tlen.exe"=
    "c:\\Program Files\\FlashGet\\flashget.exe"=
    
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
    
    R1 atitray;atitray;c:\program files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys [2009-05-23 17952]
    R3 RT2400PCI;802.11b WLAN PCI;c:\windows\system32\drivers\rt2400.sys [2009-05-23 61056]
    
    --- Inne Usługi/Sterowniki w Pamięci ---
    
    *NewlyCreated* - PQNTDRV
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12****REG_MULTI_SZ** ****Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt****REG_MULTI_SZ** ****hpqcxs08 hpqddsvc
    .
    - - - - USUNIĘTO PUSTE WPISY - - - -
    
    SafeBoot-procexp90.Sys
    
    
    .
    ------- Skan uzupełniający -------
    .
    IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
    IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
    FF - ProfilePath - c:\documents and settings\WieslaweK\Dane aplikacji\Mozilla\Firefox\Profiles\kmshc764.default\
    FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
    FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
    .
    
    **************************************************************************
    
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-06-06 15:01
    Windows 5.1.2600 Dodatek Service Pack 2 NTFS
    
    skanowanie ukrytych procesów ...**
    
    skanowanie ukrytych wpisów autostartu ... 
    
    skanowanie ukrytych plików ...**
    
    skanowanie pomyślnie ukończone
    ukryte pliki: 0
    
    **************************************************************************
    .
    --------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
    
    - - - - - - - > 'winlogon.exe'(784)
    c:\windows\system32\Ati2evxx.dll
    .
    Czas ukończenia: 2009-06-06 15:02
    ComboFix-quarantined-files.txt**2009-06-06 13:02
    
    Przed: 5*316*169*728 bajtów wolnych
    Po: 5*484*355*584 bajtów wolnych
    
    232

  12. #12

    Domyślnie

    Brawo, wreszcie dobry dział, ale chyba warn poleci...

  13. #13
    Użytkownik
    Dołączył
    01-02-2009
    Skąd
    Siemiatycze
    Posty
    7

    Domyślnie

    A ty posty nabijasz? Musisz 40 postów napisać o tym, że wkleiłem loga z ComboFixa do tematu z HijackThisem, bo mam klawiaturę pełną śmiecia?

  14. #14

    Domyślnie

    Nie, nie nabijam postów, po prostu nie lubię ludzi twojego pokroju.
    „...bo mam klawiaturę pełną śmiecia?”
    Tzn.? Bo to się ma nijak do nieczytanego regulaminu...

  15. #15
    Użytkownik
    Dołączył
    01-02-2009
    Skąd
    Siemiatycze
    Posty
    7

    Domyślnie

    Fakt, założyłem temat, zamiast napisać w już istniejącym, ale co post
    „Brawo, wreszcie dobry dział, ale chyba warn poleci...”
    wniósł do tematu? Mam zaśmieconą klawiaturę i nie działa mi dobrze Ctrl. Nie skopiowałem loga z HijackThisa, tylko wkleiłem stary z ComboFixa. Poprawiłem, więc po co te posty? Może zamiast nabijać kolejnego posta, rzuciłbyś okiem na logi?
