Witam, napisze to w skrócie. Do niedawna wszystko śmigało jak zawsze i jak powinno do momentu aż miałem trojana. Usunąłem go Spyware dr 5.5.178. Sprawdzałem też Trojan Remover oraz innymi programami do usuwania trojanów i tego całego syfu. Teoretycznie mi to pousuwało ale problem dalej tkwi. Wolniej pracuje mi komp no i co ciekawe często rozłącza mi podczas rozmowy skype. Nie raz po minucie a nieraz po 30min. Tlen też traci połączenie. Sam już nie wiem czy to jest wina wirusa czy usługodawcy internetu czy może tych od komunikatorów.

Wrzucam tu logfile z hijackthis, jeżeli jest w nim coś czego nie powinno być to proszę o pomoc, proszę też o szczegóły pozbycia się tego (krok po kroku) gdyż nie znam się aż tak bardzo. Z góry dzięk.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:41:36, on 2008-04-24

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\DllHost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\PROGRA~1\COSIDS\BIN\TbMux32.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Spyware Doctor\pctsAuxs.exe

C:\Program Files\Spyware Doctor\pctsSvc.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\COSIDS\APACHE~1\APACHE\ApchT2kW.exe

C:\PROGRA~1\COSIDS\APACHE~1\APACHE\ApchT2kW.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\PROGRA~1\JAVA\JRE16~1.0_0\bin\java.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\PROGRA~1\AVG\AVG8\avgam.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\WINDOWS\System32\SCardSvr.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

C:\PROGRA~1\TWEAKM~1\TMTray.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Spyware Doctor\pctsTray.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.symantec.com/region/reg_eu/t … _info.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: WebCGMHlprObj Class - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\WINDOWS\cgmopenbho.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: TweakMASTER PRO Component - {7DAAC7DE-9EF0-4FF0-BFA5-AFF3E899054C} - C:\PROGRA~1\TWEAKM~1\TweakBHO.dll

O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll

O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll

O3 - Toolbar: &Tłumaczenie - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll

O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll

O4 - HKLM…\Run: [QlbCtrl] “C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe” /Start

O4 - HKLM…\Run: [CognizanceTS] “rundll32.exe” C:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule

O4 - HKLM…\Run: [TweakMASTER] “C:\PROGRA~1\TWEAKM~1\TMTray.exe”

O4 - HKLM…\Run: [QPService] “C:\Program Files\HP\QuickPlay\QPService.exe”

O4 - HKLM…\Run: [iSTray] “C:\Program Files\Spyware Doctor\pctsTray.exe”

O4 - HKLM…\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKCU…\Run: [skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized

O4 - HKCU…\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe

O4 - HKCU…\Run: [CFi ShellToys Utility Manager] “C:\Program Files\CFi\ShellToys\CFiShlMan.exe” -start

O4 - Startup: Battery Doubler.lnk = C:\Program Files\Dachshund Software\Battery Doubler\Battery Doubler.exe

O4 - Global Startup: BTTray.lnk = ?

O8 - Extra context menu item: Add to &LinkFox - res://C:\PROGRA~1\TWEAKM~1\TweakBHO.dll/IESCRIPT

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Wyślij do interfejsu &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra ‘Tools’ menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll

O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra ‘Tools’ menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll

O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll

O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll

O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll

O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll

O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O17 - HKLM\System\CCS\Services\Tcpip…{CD3AD0D1-B272-40FC-BC2C-BFD417EA1C46}: NameServer = 62.58.10.100,62.58.10.101

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: APSHook.dll,avgrsstx.dll

O20 - Winlogon Notify: OneCard - C:\Program Files\Bioscrypt\VeriSoft\Bin\ASWLNPkg.dll

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: COSIDS_TB - TransAction Software, D 81737 Munich - C:\PROGRA~1\COSIDS\BIN\TbMux32.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Hewlett-Packard Company - (no file)

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: SentinelSuperProNet Server (SuperProServer) - Unknown owner - C:\WINDOWS\system32\spnsrvnt.exe

O23 - Service: TIS 2000 Apache Web Server - Unknown owner - C:\PROGRA~1\COSIDS\APACHE~1\APACHE\ApchT2kW.exe

O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

–

End of file - 10132 bytes

fix w hijackthis

Pokaż log z Combofix

Z tym combofix to ciekawa sprawa bo zeskanował mi kompa i usunął coś lub całość do logowania za pomocą odciska palca.teraz już mi to nie działa(nie ma oprogramowania) ale mniejsza z tym o to log z combofix:

ComboFix 08-04-22.5 - diablo-82 2008-04-24 18:08:44.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1483 [GMT 2:00]

Running from: C:\Documents and Settings\diablo-82\Pulpit\download\ComboFix.exe

* Created a new restore point

* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Documents and Settings\diablo-82\Dane aplikacji\inst.exe

C:\Program Files\Bioscrypt\VeriSoft\Bin\ASWLNPkg.dll

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_ASBroker

-------\Service_ASBroker

((((((((((((((((((((((((( Files Created from 2008-03-24 to 2008-04-24 )))))))))))))))))))))))))))))))

.

2008-04-24 17:41 . 2008-04-24 17:41

2008-04-20 15:13 . 2008-04-21 20:10

2008-04-20 14:54 . 2008-04-24 14:25

2008-04-20 14:54 . 2008-04-20 15:32

2008-04-20 14:54 . 2008-04-20 14:54 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys

2008-04-20 14:54 . 2008-04-20 14:54 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys

2008-04-20 14:54 . 2008-04-20 14:54 12,424 --a------ C:\WINDOWS\system32\drivers\avgrkx86.sys

2008-04-20 14:54 . 2008-04-20 14:54 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll

2008-04-20 14:53 . 2008-04-20 14:53

2008-04-20 14:53 . 2008-04-20 14:53

2008-04-20 11:07 . 2008-04-20 11:09

2008-04-20 11:07 . 2008-04-20 11:07

2008-04-20 11:07 . 2008-04-20 11:07

2008-04-20 11:07 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll

2008-04-20 11:07 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll

2008-04-20 11:07 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll

2008-04-20 11:07 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll

2008-04-20 11:07 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll

2008-04-19 21:02 . 2008-04-19 21:02

2008-04-19 21:02 . 2008-04-19 21:02

2008-04-14 22:49 . 2008-04-14 22:49

2008-04-14 22:49 . 2008-04-15 18:43 246 --ah----- C:\WINDOWS\sysreg.dat

2008-04-13 15:32 . 2008-04-13 15:39

2008-04-13 15:31 . 2008-04-13 15:53

2008-04-09 22:49 . 2008-04-09 23:04

2008-04-09 22:49 . 2008-04-09 22:49 94,208 --a------ C:\WINDOWS\system32\drivers\ezplay.sys

2008-04-09 22:49 . 2008-04-09 23:04 94,208 --a------ C:\Documents and Settings\diablo-82\Dane aplikacji\ezplay.sys

2008-04-09 22:49 . 2008-04-09 22:49 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys

2008-04-09 22:49 . 2008-04-09 23:04 47,360 --a------ C:\Documents and Settings\diablo-82\Dane aplikacji\pcouffin.sys

2008-04-09 21:37 . 2008-04-09 21:37

2008-04-09 21:34 . 2008-04-24 18:10

2008-04-09 21:34 . 2008-04-09 21:36

2008-04-09 21:34 . 2008-02-07 20:18

2008-04-09 21:34 . 2008-02-07 21:08

2008-04-09 21:34 . 2008-04-09 21:37

2008-04-09 21:34 . 2008-02-07 21:08

2008-04-09 21:34 . 2008-04-09 21:35

2008-04-09 21:34 . 2008-04-20 14:54

2008-04-09 21:34 . 2008-04-24 18:08 1,024 --ah----- C:\Documents and Settings\Administrator\NtUser.dat.LOG

2008-04-09 21:18 . 2008-04-09 21:18

2008-04-09 20:17 . 2008-04-09 20:17

2008-04-09 20:17 . 2008-04-09 20:17

2008-04-09 20:10 . 2008-04-09 20:10

2008-04-08 23:06 . 2008-04-08 23:06

2008-04-06 17:25 . 2008-04-06 17:25

2008-04-06 17:03 . 2008-04-06 17:03

2008-04-06 14:25 . 2008-04-06 14:26

2008-04-06 11:08 . 2008-04-06 11:08

2008-04-06 11:06 . 2008-04-06 11:06

2008-04-06 11:06 . 2008-04-06 11:06

2008-04-06 11:06 . 2008-04-06 11:06

2008-04-06 11:06 . 2006-07-11 21:55 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll

2008-04-06 11:06 . 2008-04-24 18:14 2,410 --a------ C:\hpqp.ini

2008-04-06 11:06 . 2008-04-24 18:13 39 --a------ C:\XP_TV.ini

2008-04-05 20:49 . 2008-04-20 15:16

2008-04-05 20:12 . 2008-04-05 20:12

2008-04-05 20:12 . 2008-04-05 20:12

2008-04-05 16:39 . 2007-08-16 00:33 120,056 --------- C:\WINDOWS\system32\pxcpyi64.exe

2008-04-05 16:39 . 2007-08-16 00:33 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe

2008-04-03 22:54 . 2008-04-03 22:54

2008-04-02 21:29 . 2008-04-02 21:29

2008-04-02 16:07 . 2004-08-04 00:44 221,184 --a------ C:\WINDOWS\system32\wmpns.dll

2008-04-02 16:07 . 1998-08-27 06:51 182,032 --a------ C:\WINDOWS\system32\dxtmsft3.dll

2008-04-02 16:07 . 1998-08-20 13:02 140,800 --a------ C:\WINDOWS\system32\tm20dec.ax

2008-04-02 16:07 . 1998-09-02 10:28 63,488 --a------ C:\WINDOWS\system32\unam4ie.exe

2008-04-02 16:07 . 1998-09-02 10:28 38,160 --a------ C:\WINDOWS\system32\LMRTREND.dll

2008-04-02 16:06 . 1998-09-02 10:02 194,320 --a------ C:\WINDOWS\system32\qcut.dll

2008-04-02 16:06 . 1998-08-17 11:21 11,776 --a------ C:\WINDOWS\system32\mciqtz.drv

2008-04-02 16:06 . 1998-08-17 11:21 10,240 --a------ C:\WINDOWS\system32\vidx16.dll

2008-04-02 16:06 . 1998-08-17 11:21 5,672 --a------ C:\WINDOWS\system32\quartz.vxd

2008-04-02 16:06 . 2008-04-02 16:06 4,608 --a------ C:\WINDOWS\system32\w95inf32.dll

2008-04-02 16:06 . 2008-04-02 16:06 2,272 --a------ C:\WINDOWS\system32\w95inf16.dll

2008-04-02 16:02 . 2008-04-02 16:18

2008-04-01 21:35 . 2002-03-11 18:10 90,112 --a------ C:\WINDOWS\cgmopenbho.2

2008-04-01 21:34 . 2008-04-01 21:34

2008-04-01 21:34 . 2008-04-01 21:34

2008-04-01 21:34 . 2001-04-06 08:11 118,784 --a------ C:\WINDOWS\system32\spnsrvnt.exe

2008-04-01 21:34 . 2001-04-06 08:11 73,216 --a------ C:\WINDOWS\system32\drivers\SENTINEL.SYS

2008-04-01 21:34 . 2001-04-06 08:11 49,152 --a------ C:\WINDOWS\system32\SNTI386.DLL

2008-04-01 21:34 . 2001-04-06 08:11 9,949 --------- C:\WINDOWS\system32\SENTINEL.HLP

2008-04-01 21:33 . 2008-04-01 21:36

2008-04-01 20:59 . 2002-03-11 18:10 90,112 --a------ C:\WINDOWS\cgmopenbho.1

2008-04-01 18:47 . 2008-04-01 18:52

2008-04-01 18:08 . 1998-05-07 10:57 143,872 --a------ C:\WINDOWS\system32\iacenc.dll

2008-04-01 17:38 . 2008-04-01 17:38

2008-04-01 17:38 . 2008-04-01 17:38

2008-03-31 23:25 . 2008-03-31 23:25 831,488 --a------ C:\WINDOWS\system32\divx_xx0a.dll

2008-03-31 23:25 . 2008-03-31 23:25 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll

2008-03-31 23:25 . 2008-03-31 23:25 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll

2008-03-31 23:25 . 2008-03-31 23:25 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll

2008-03-31 23:25 . 2008-03-31 23:25 682,496 --a------ C:\WINDOWS\system32\DivX.dll

2008-03-31 23:25 . 2008-03-31 23:25 161,096 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe

2008-03-30 22:01 . 2008-03-30 22:01 0 --a------ C:\WINDOWS\frontend.INI

2008-03-30 21:48 . 2008-04-01 21:40 914 --a------ C:\WINDOWS\ODBC.INI

2008-03-30 21:44 . 2008-04-24 18:12

2008-03-30 21:43 . 1997-04-08 20:08 299,520 --a------ C:\WINDOWS\uninst.exe

2008-03-30 21:43 . 2002-08-28 14:42 10,752 --a------ C:\WINDOWS\system32\testfile.doc

2008-03-30 21:33 . 2002-03-21 08:26 115,200 --a------ C:\WINDOWS\system32\HMPCab.dll

2008-03-29 22:20 . 2008-03-29 22:47

2008-03-29 22:07 . 2008-03-29 22:07

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-04-24 16:14 --------- d-----w C:\Documents and Settings\diablo-82\Dane aplikacji\Skype

2008-04-24 16:07 --------- d—a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP

2008-04-24 15:44 --------- d-----w C:\Program Files\Mozilla Thunderbird

2008-04-24 15:37 --------- d-----w C:\Documents and Settings\diablo-82\Dane aplikacji\uTorrent

2008-04-24 12:30 --------- d-----w C:\Program Files\Spyware Doctor

2008-04-23 17:23 --------- d-----w C:\Documents and Settings\diablo-82\Dane aplikacji\skypePM

2008-04-19 19:30 --------- d-----w C:\Program Files\English Translator 3

2008-04-19 19:02 --------- d–h--w C:\Program Files\InstallShield Installation Information

2008-04-09 19:12 --------- d-----w C:\Program Files\Restorator 2007

2008-04-09 19:12 --------- d-----w C:\Program Files\Pitagoras 2000

2008-04-09 18:41 --------- d-----w C:\Program Files\DivX

2008-04-08 20:05 --------- d-----w C:\Documents and Settings\diablo-82\Dane aplikacji\Tlen.pl

2008-04-06 09:05 --------- d-----w C:\Program Files\Hp

2008-04-06 07:52 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help

2008-04-05 19:53 --------- d-----w C:\Program Files\Winamp

2008-04-05 19:52 --------- d-----w C:\Documents and Settings\diablo-82\Dane aplikacji\Winamp

2008-04-05 15:33 --------- d-----w C:\Program Files\Codec Pack - All In 1

2008-03-31 20:20 --------- d-----w C:\Program Files\Call of Duty

2008-03-22 15:26 --------- d-----w C:\Program Files\Common Files\InstallShield

2008-03-21 20:30 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe

2008-03-21 20:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll

2008-03-21 20:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll

2008-03-21 20:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll

2008-03-21 20:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll

2008-03-21 20:28 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll

2008-03-21 20:28 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll

2008-03-21 20:28 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll

2008-03-21 20:28 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll

2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll

2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll

2008-03-21 20:28 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll

2008-03-21 20:28 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll

2008-03-18 16:06 --------- d-----w C:\Documents and Settings\diablo-82\Dane aplikacji\AD ON Multimedia

2008-03-18 16:03 --------- d-----w C:\Program Files\CDex_150

2008-03-17 09:13 --------- d-----w C:\Program Files\Java

2008-03-17 09:11 --------- d-----w C:\Program Files\Common Files\Java

2008-03-16 18:27 --------- d-----w C:\Program Files\uTorrent

2008-03-13 18:28 57,344 ------w C:\WINDOWS\system32\sol.exe

2008-03-13 13:51 86,016 ----a-w C:\WINDOWS\system32\OpenAL32.dll

2008-03-13 13:51 262,144 ----a-w C:\WINDOWS\system32\wrap_oal.dll

2008-03-13 13:49 --------- d-----w C:\Program Files\Futuremark

2008-03-13 10:16 --------- d-----w C:\Program Files\CPUMon

2008-03-06 14:29 --------- d-----w C:\Program Files\Lexmark X5100 Series

2008-03-02 15:13 --------- d-----w C:\Program Files\Common Files\BinarySense

2008-03-02 14:43 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth

2008-03-02 12:44 --------- d-----w C:\Program Files\IVT Corporation

2008-03-02 09:20 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Hagel Technologies

2008-02-28 20:22 --------- d-----w C:\Program Files\NAPI-PROJEKT

2008-02-24 18:40 --------- d-----w C:\Documents and Settings\diablo-82\Dane aplikacji\BinarySense

2008-02-24 14:59 --------- d-----w C:\Documents and Settings\diablo-82\Dane aplikacji\Corel

2008-02-13 18:29 164 ----a-w C:\install.dat

2008-02-09 20:26 2,516 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys

2008-02-07 20:11 32 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat

2008-02-07 19:40 737,280 ----a-w C:\WINDOWS\iun6002.exe

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{A057A204-BACC-4D26-9990-79A187E2698E}]

2008-04-20 14:54 2051328 --a------ C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

“{A057A204-BACC-4D26-9990-79A187E2698E}”= “C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll” [2008-04-20 14:54 2051328]

[HKEY_CLASSES_ROOT\clsid{a057a204-bacc-4d26-9990-79a187e2698e}]

[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

“{A057A204-BACC-4D26-9990-79A187E2698E}”= C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll [2008-04-20 14:54 2051328]

[HKEY_CLASSES_ROOT\clsid{a057a204-bacc-4d26-9990-79a187e2698e}]

[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\CFi]

@={2DBD5D71-CBB7-41D1-B170-511646B170BD}

[HKEY_CLASSES_ROOT\CLSID{2DBD5D71-CBB7-41D1-B170-511646B170BD}]

2008-02-25 15:22 55296 --a------ C:\PROGRA~1\CFi\SHELLT~1\CFiShlJP.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“Skype”=“C:\Program Files\Skype\Phone\Skype.exe” [2007-11-12 16:51 21877544]

“Komunikator”=“C:\Program Files\Tlen.pl\tlen.exe” [2007-12-07 12:16 6254592]

“CFi ShellToys Utility Manager”=“C:\Program Files\CFi\ShellToys\CFiShlMan.exe” [2008-02-25 15:22 44032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“QlbCtrl”=“C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe” [2007-02-13 12:38 159744]

“CognizanceTS”=“rundll32.exe” [2004-08-04 00:44 33280 C:\WINDOWS\system32\rundll32.exe]

“TweakMASTER”=“C:\PROGRA~1\TWEAKM~1\TMTray.exe” [2006-11-27 16:26 284712]

“QPService”=“C:\Program Files\HP\QuickPlay\QPService.exe” [2006-07-11 21:55 102400]

“AVG8_TRAY”=“C:\PROGRA~1\AVG\AVG8\avgtray.exe” [2008-04-20 14:54 1177368]

“NvCplDaemon”=“C:\WINDOWS\system32\NvCpl.dll” [2007-08-07 19:21 8462336]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

“{067B597C-C099-4A08-A180-E5FEC5DCF2DF}”= C:\PROGRA~1\CFi\SHELLT~1\CFiShlEx.dll [2008-02-25 15:22 43008]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

“AppInit_DLLs”=APSHook.dll,avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

“vidc.iv31”= C:\WINDOWS\system32\ir32_32.dll

“vidc.iv32”= C:\WINDOWS\system32\ir32_32.dll

“msacm.l3acm”= l3codecp.acm

“vidc.DIV3”= DivXc32.dll

“vidc.DIV4”= DivXc32f.dll

“vidc.XVID”= xvid.dll

“VIDC.HFYU”= huffyuv.dll

“msacm.divxa32”= DivXa32.acm

“msacm.lameacm”= LameACM.dll

“vidc.3ivx”= 3ivxVfWCodec.dll

“SENTINEL”= snti386.dll

[HKLM~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.lnk]

path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk

backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM~\startupfolder\C:^Documents and Settings^diablo-82^Menu Start^Programy^Autostart^HDDlife.lnk]

path=C:\Documents and Settings\diablo-82\Menu Start\Programy\Autostart\HDDlife.lnk

backup=C:\WINDOWS\pss\HDDlife.lnkStartup

[HKLM~\startupfolder\C:^Documents and Settings^diablo-82^Menu Start^Programy^Autostart^Rejestrowanie produktów Corela.lnk]

path=C:\Documents and Settings\diablo-82\Menu Start\Programy\Autostart\Rejestrowanie produktów Corela.lnk

backup=C:\WINDOWS\pss\Rejestrowanie produktów Corela.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

–a------ 2007-10-23 15:18 202024 C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

–a------ 2004-08-04 00:44 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DU Meter]

C:\Program Files\DU Meter\DUMeter.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

–a------ 2006-10-27 01:47 31016 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]

–a------ 2006-07-27 15:44 61952 C:\WINDOWS\system32\CHDAudPropShortcut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

–a------ 2005-02-17 00:11 49152 c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]

–a------ 2007-10-03 16:15 480560 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

–a------ 2005-08-11 17:30 249856 C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]

–a------ 2005-08-11 17:30 81920 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 1200 Series]

–a------ 2006-07-13 07:33 57344 C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X5100 Series]

–a------ 2003-03-04 15:03 86099 C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]

–a------ 2007-08-23 18:36 455968 C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LinkScanner Monitor]

–a------ 2007-11-25 18:31 1967384 C:\Program Files\ExPLabs.com\LinkScanner\LinkScannerMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]

–a------ 2007-09-20 09:51 1836328 C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

–a------ 2007-03-01 15:57 153136 C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

–a------ 2004-08-04 00:44 33280 C:\WINDOWS\system32\rundll32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

–a------ 2007-08-07 19:21 81920 C:\WINDOWS\system32\NVMCTRAY.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

–a------ 2007-08-07 19:22 1626112 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]

–a------ 2008-01-04 21:56 5367664 C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

–a------ 2008-02-22 05:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart]

–a------ 2007-09-14 20:29 102400 C:\Program Files\Synaptics\SynTP\SynTPStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]

–a------ 2008-04-07 19:51 873040 C:\Program Files\Trojan Remover\Trjscan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Twoje TVN24]

C:\Program Files\Pasek TVN24\tvn-ustawienia.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

–a------ 2008-03-27 08:35 36352 C:\Program Files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

“AntiVirusDisableNotify”=dword:00000001

“UpdatesDisableNotify”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

“DisableMonitoring”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

“DisableMonitoring”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

“DisableMonitoring”=dword:00000001

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

“%windir%\system32\sessmgr.exe”=

“C:\Program Files\Tlen.pl\tlen.exe”=

“C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE”=

“C:\Program Files\Microsoft Office\Office12\GROOVE.EXE”=

“C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE”=

“C:\Program Files\uTorrent\uTorrent.exe”=

“C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.321\Polish\setup.exe”=

“C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe”=

“C:\Program Files\Mozilla Firefox\firefox.exe”=

“C:\Program Files\AVG\AVG8\avgupd.exe”=

“C:\Program Files\AVG\AVG8\avgemc.exe”=

“C:\Program Files\AVG\AVG8\avgnsx.exe”=

“C:\Program Files\Skype\Phone\Skype.exe”=

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

“3389:TCP”= 3389:TCP:@xpsp2res.dll,-22009

R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\avgrkx86.sys [2008-04-20 14:54]

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-04-20 14:54]

R2 ASChannel;Local Communication Channel;C:\WINDOWS\System32\svchost.exe [2004-08-04 00:44]

R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-04-20 14:54]

R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-04-20 14:53]

R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-04-20 14:54]

R2 COSIDS_TB;COSIDS_TB;C:\PROGRA~1\COSIDS\BIN\TbMux32.exe [2001-11-20 15:37]

R3 nvsmu;nvsmu;C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-11-14 12:04]

S3 mirrorv3;mirrorv3;C:\WINDOWS\system32\DRIVERS\rminiv3.sys [2006-11-01 06:01]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Cognizance REG_MULTI_SZ ASBroker ASChannel

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

“C:\Program Files\Common Files\LightScribe\LSRunOnce.exe”

.

**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-24 18:13:19

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

folder error: C:\DOCUME~1\DIABLO~1\USTAWI~1\Temp\

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe

• C:\Program Files\Tlen.pl\hook.dll

.

------------------------ Other Running Processes ------------------------

.

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\PROGRA~1\cosids\APACHE~1\Apache\ApchT2kW.exe

C:\PROGRA~1\cosids\APACHE~1\Apache\ApchT2kW.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\PROGRA~1\Java\JRE16~1.0_0\bin\java.exe

C:\PROGRA~1\AVG\AVG8\avgam.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

C:\Program Files\Skype\Plugin Manager\skypePM.exe

.

**************************************************************************

.

Completion time: 2008-04-24 18:17:09 - machine was rebooted

ComboFix-quarantined-files.txt 2008-04-24 16:17:03

Pre-Run: 64,691,802,112 bajtów wolnych

Post-Run: 64,676,061,184 bajt˘w wolnych

363

W dniu 24.04.2008 , o godzinie 19:43 został dopisany post przez diablo-82

No i czy ktoś coś widzi nie pożądanego w tych dwóch log-ach? Proszę o możliwie szybką odpowiedź. Czy może problem nie tkwi w zainfekowaniu?

Zmiana zasad wklejania logów na forum - viewtopic.php?f=16&t=213350

Nic nie widać oprócz masy zbędników w autostarcie