Użytkownik "staszek" <staszek666@gmail.com> napisał w wiadomości
news:9f918ff9-e232-4889-806b-5a82306ec94b@33g2000yqm.googlegroups.com...
> 2. HiJack -odznacz wszystkie swiństwa (które niepotrzebnie się uruchamiają
> w systemem) i z fix-uj
Nie bardzo mówiąc szczerze jarzę, co jest OK a co NIE... No i nie mam
zainstalowanej kontroli odzyskiwania - czym by to nie było.
Tu masz loga z tego:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:47:22, on 2009-03-24
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) -
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program
Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: GetRight IE Download Helper -
{31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: Java(tm) Plug-In SSV Helper -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre6\bin\ssv.dll
O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} -
C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper -
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program
Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -
C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\Six
Engine\SixEngine.exe" -r
O4 - HKLM\..\Run: [Spamihilator] "C:\Program
Files\Spamihilator\spamihilator.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program
Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround
Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive
Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SpIDerNT] C:\PROGRA~1\DrWeb\spiderui.exe /agent
O4 - HKLM\..\Run: [DrWebScheduler] "C:\Program Files\DrWeb\DRWEBSCD.EXE"
O4 - HKLM\..\Run: [SpIDerMail] "C:\Program Files\DrWeb\spiderml.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan
Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User
'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User
'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User
'Default user')
O9 - Extra button: Create Mobile Favorite -
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Utwórz Ulubione dla urządzenia przenośnego... -
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} -
C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan
Control) - http://edownload.grisoft.cz/ewidoOnlineScan.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan
Agent 6.6) -
http://ushousecall02.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
scanner) -
http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer
Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237832290093
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) -
http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) -
http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) -
https://asp.photoprintit.de/microsite/1289/defaults/activex/ips/IPSUploader4.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software
AutoUpdate Support Package) -
http://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{12090D13-3BD7-40E3-8257-8A5C676B4824}:
NameServer = 78.152.23.66,78.152.23.67
O17 -
HKLM\System\CS1\Services\Tcpip\..\{12090D13-3BD7-40E3-8257-8A5C676B4824}:
NameServer = 78.152.23.66,78.152.23.67
O17 -
HKLM\System\CS2\Services\Tcpip\..\{12090D13-3BD7-40E3-8257-8A5C676B4824}:
NameServer = 78.152.23.66,78.152.23.67
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: efcbCSkj - efcbCSkj.dll (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis -
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour
Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program
Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. -
C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd -
C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON
CORPORATION - C:\Documents and Settings\All Users\Dane aplikacji\EPSON\EPW!3
SSRP\E_S40RP7.EXE
O23 - Service: Firebird Guardian - DefaultInstance
(FirebirdGuardianDefaultInstance) - The Firebird Project -
I:\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance
(FirebirdServerDefaultInstance) - The Firebird Project -
I:\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. -
C:\Program Files\Common Files\Macrovision Shared\FLEXnet
Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun
Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program
Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service
(LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common
Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown
owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools -
C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools -
C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity
Solution\ServiceLayer.exe
O23 - Service: SpIDer Guard for Windows (SPIDERNT) - Doctor Web, Ltd. -
C:\PROGRA~1\DrWeb\spidernt.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) -
Unknown owner - C:\Program Files\Common
Files\Acronis\Fomatik\TrueImageTryStartService.exe
> 4. COMBOFIX najnowszy zawsze na instalki.pl
> 5. Restart
> 6. Tryb normalny
ComboFix 09-03-22.01 - Administrator 2009-03-24 9:56:32.1 - NTFSx86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.3327.3060 [GMT
1:00]
Uruchomiony z: c:\10\ComboFix.exe
AV: Doctor Web Anti-Virus *On-access scanning disabled* (Updated)
FW: Look 'n' Stop 2.06 (Soft4Ever) *enabled*
UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.
(((((((((((((((((((((((((((((((((((((((
Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Darek\Dane aplikacji\inst.exe
c:\windows\system32\micr0st.dll
.
(((((((((((((((((((((((((((((((((((((((
Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ISODRIVE
-------\Service_ISODrive
((((((((((((((((((((((((( Pliki utworzone od 2009-02-24 do
009-03-24 )))))))))))))))))))))))))))))))
.
2009-03-24 09:47 . 2009-03-24 09:47 <DIR> d-------- c:\program files\Trend
Micro
2009-03-24 09:36 . 2009-03-24 09:36 <DIR> d-------- c:\documents and
settings\All Users\Dane aplikacji\Simply Super Software
2009-03-24 09:36 . 2006-05-25 15:52 162,304 --a------
c:\windows\system32\ztvunrar36.dll
2009-03-24 09:36 . 2003-02-02 20:06 153,088 --a------
c:\windows\system32\UNRAR3.dll
2009-03-24 09:36 . 2005-08-26 01:50 77,312 --a------
c:\windows\system32\ztvunace26.dll
2009-03-24 09:36 . 2002-03-06 01:00 75,264 --a------
c:\windows\system32\unacev2.dll
2009-03-24 09:36 . 2006-06-19 13:01 69,632 --a------
c:\windows\system32\ztvcabinet.dll
2009-03-24 09:28 . 2009-03-24 09:33 <DIR> d-------- C:\10
2009-03-24 09:01 . 2009-03-24 09:01 <DIR> d-------- c:\program files\MCS
Studios
2009-03-24 09:01 . 2005-12-14 22:16 237,568 --a------
c:\windows\system32\mcstabs.ocx
2009-03-24 09:01 . 1998-06-18 00:00 89,360 --a------
c:\windows\system32\VB5DB.DLL
2009-03-24 07:45 . 2009-03-24 09:25 <DIR> d-------- c:\program files\DrWeb
2009-03-24 07:45 . 2009-03-24 07:46 77,824 --a----t-
c:\windows\system32\DRWEBSP.DLL
2009-03-23 18:44 . 2009-03-24 10:00 4,958,588 --a------
c:\windows\{00000005-00000000-00000001-00001102-00000004-10071102}.BAK
2009-03-23 18:44 . 2009-03-24 09:44 31,056 --a------
c:\windows\system32\BMXStateBkp-{00000005-00000000-00000001-00001102-00000004-10071102}.rfx
2009-03-23 18:44 . 2009-03-24 09:44 31,056 --a------
c:\windows\system32\BMXState-{00000005-00000000-00000001-00001102-00000004-10071102}.rfx
2009-03-23 18:44 . 2009-03-24 09:44 30,528 --a------
c:\windows\system32\BMXCtrlState-{00000005-00000000-00000001-00001102-00000004-10071102}.rfx
2009-03-23 18:44 . 2009-03-24 09:44 30,528 --a------
c:\windows\system32\BMXBkpCtrlState-{00000005-00000000-00000001-00001102-00000004-10071102}.rfx
2009-03-23 18:44 . 2009-03-24 09:44 11,564 --a------
c:\windows\system32\DVCState-{00000005-00000000-00000001-00001102-00000004-10071102}.rfx
2009-03-23 18:44 . 2009-03-23 18:44 1,080 --a------
c:\windows\system32\settingsbkup.sfm
2009-03-23 18:44 . 2009-03-23 18:44 1,080 --a------
c:\windows\system32\settings.sfm
2009-03-23 18:41 . 2009-03-24 10:00 4,958,588 --a------
c:\windows\{00000005-00000000-00000001-00001102-00000004-10071102}.CDF
2009-03-23 18:37 . 1998-01-08 01:00 1,048,576 ---------
c:\windows\system32\SFMAN.DAT
2009-03-23 18:37 . 1995-01-13 14:10 149,504 ---------
c:\windows\system32\MFCANS32.DLL
2009-03-23 18:37 . 1995-01-13 14:10 108,032 ---------
c:\windows\system32\MFCUIA32.DLL
2009-03-23 18:37 . 2000-05-11 01:00 90,112 --------- c:\windows\Updreg.EXE
2009-03-23 18:37 . 1998-06-05 02:00 84,992 ---------
c:\windows\system32\SFCVRT32.DLL
2009-03-23 18:37 . 1995-08-30 02:02 82,432 ---------
c:\windows\system32\CTWFLT32.DLL
2009-03-23 18:37 . 1998-10-20 16:05 54,784 ---------
c:\windows\system32\INETWH32.DLL
2009-03-23 18:37 . 1994-12-05 03:11 53,552 --------- c:\windows\CTCCW.DLL
2009-03-23 18:37 . 1995-07-13 02:01 26,768 ---------
c:\windows\system32\CTL3D.DLL
2009-03-23 18:37 . 1996-05-23 02:24 24,976 --------- c:\windows\CTRES.DLL
2009-03-23 18:37 . 1999-01-14 14:04 231 --------- c:\windows\AC3API.INI
2009-03-23 18:34 . 2002-02-20 03:00 331,776 ---------
c:\windows\system32\CTMEDENG.DLL
2009-03-23 18:34 . 2001-09-18 03:00 139,264 --a------
c:\windows\system32\Video.skn
2009-03-23 18:34 . 2001-03-30 02:00 62,976 --a------
c:\windows\system32\CTDetres.dll
2009-03-23 18:34 . 2000-04-20 01:00 24,576 --a------
c:\windows\system32\CTMERes.DLL
2009-03-23 18:34 . 1998-09-17 01:52 17,350 --a------
c:\windows\system32\CTDetect.hlp
2009-03-23 18:34 . 1998-09-17 01:52 641 --a------
c:\windows\system32\CTDetect.cnt
2009-03-23 18:34 . 2009-03-23 18:37 136 --a------ c:\windows\SBWIN.INI
2009-03-23 18:32 . 2003-03-05 12:19 15,840 ---------
c:\windows\system32\pfmodnt.sys
2009-03-23 18:25 . 2009-03-24 09:43 2,145,386,496 --a------
c:\windows\MEMORY.DMP
2009-03-23 17:53 . 2005-04-20 20:31 1,712,128 -----c---
c:\windows\system32\dllcache\netshell.dll
2009-03-23 17:53 . 2005-04-20 20:31 474,624 -----c---
c:\windows\system32\dllcache\wzcsvc.dll
2009-03-23 17:53 . 2005-04-20 20:31 381,952 -----c---
c:\windows\system32\dllcache\wzcdlg.dll
2009-03-23 17:53 . 2005-04-20 20:31 52,736 -----c---
c:\windows\system32\dllcache\wzcsapi.dll
2009-03-23 17:53 . 2005-04-20 00:54 14,592 -----c---
c:\windows\system32\dllcache\ndisuio.sys
2009-03-23 17:51 . 2009-03-23 17:51 749 -rah-----
c:\windows\WindowsShell.Manifest
2009-03-23 17:51 . 2009-03-23 17:51 749 -rah-----
c:\windows\system32\wuaucpl.cpl.manifest
2009-03-23 17:51 . 2009-03-23 17:51 749 -rah-----
c:\windows\system32\sapi.cpl.manifest
2009-03-23 17:51 . 2009-03-23 17:51 749 -rah-----
c:\windows\system32\nwc.cpl.manifest
2009-03-23 17:51 . 2009-03-23 17:51 749 -rah-----
c:\windows\system32\ncpa.cpl.manifest
2009-03-23 17:51 . 2009-03-23 17:51 488 -rah-----
c:\windows\system32\logonui.exe.manifest
2009-03-23 17:47 . 2006-09-13 18:18 153,088 --a------
c:\windows\system32\irftp.exe
2009-03-23 17:47 . 2006-09-13 18:18 87,424 --a------
c:\windows\system32\drivers\irda.sys
2009-03-23 17:47 . 2006-09-13 18:19 27,648 --a------
c:\windows\system32\irmon.dll
2009-03-23 17:47 . 2006-09-13 18:18 8,192 --a------
c:\windows\system32\wshirda.dll
2009-03-23 17:38 . 2008-10-07 13:33 201,157 --a------
c:\windows\system32\nvapps.nvb
2009-03-23 17:33 . 2006-09-13 18:17 19,584 --a------
c:\windows\system32\drivers\rasirda.sys
2009-03-23 17:32 . 2001-10-26 19:29 24,661 --a------
c:\windows\system32\spxcoins.dll
2009-03-23 17:32 . 2001-10-26 19:29 13,312 --a------
c:\windows\system32\irclass.dll
2009-03-23 17:31 . 2004-08-04 01:27 1,896,400 --a--c---
c:\windows\system32\dllcache\NT5.CAT
2009-03-23 17:31 . 2004-08-04 01:27 1,086,058 --a--c---
c:\windows\system32\dllcache\NTPRINT.CAT
2009-03-23 17:31 . 2004-08-04 01:27 1,086,058 -ra------ c:\windows\SET95.tmp
2009-03-23 17:31 . 2004-08-04 01:32 1,014,483 -ra------ c:\windows\SET92.tmp
2009-03-23 17:31 . 2004-08-04 01:27 620,500 --a--c---
c:\windows\system32\dllcache\NT5INF.CAT
2009-03-23 17:31 . 2004-08-04 01:28 141,702 --a--c---
c:\windows\system32\dllcache\netfx.cat
2009-03-23 17:31 . 2004-08-04 01:32 102,826 --a--c---
c:\windows\system32\dllcache\tabletpc.cat
2009-03-23 17:31 . 2004-08-04 01:27 31,965 --a--c---
c:\windows\system32\dllcache\mediactr.cat
2009-03-23 17:31 . 2004-08-04 01:27 30,983 --a--c---
c:\windows\system32\dllcache\FP4.CAT
2009-03-23 17:31 . 2004-08-04 01:26 14,043 --a--c---
c:\windows\system32\dllcache\IMS.CAT
2009-03-23 17:31 . 2004-08-04 01:26 14,043 -ra------ c:\windows\SETA1.tmp
2009-03-23 17:31 . 2004-08-04 01:27 7,245 --a--c---
c:\windows\system32\dllcache\MSTSWEB.CAT
2009-03-23 16:38 . 2009-03-23 16:38 <DIR> d-------- c:\documents and
settings\All Users\Dane aplikacji\Kaspersky Lab
2009-03-23 11:00 . 2009-03-23 11:00 <DIR> d-------- c:\program files\Seagate
2009-03-23 08:18 . 2008-06-19 16:24 28,544 --a------
c:\windows\system32\drivers\pavboot.sys
2009-03-23 08:17 . 2009-03-23 08:17 <DIR> d-------- c:\program files\Panda
Security
2009-03-22 11:35 . 2009-03-22 11:35 <DIR> d-------- c:\program files\Common
Files\Wise Installation Wizard
2009-03-20 17:29 . 2009-03-20 17:29 <DIR> d--------
c:\windows\system32\HouseCall 6.6
2009-03-20 17:29 . 2009-03-20 17:29 <DIR> d-------- c:\documents and
settings\Darek\Dane aplikacji\HouseCall 6.6
2009-03-20 15:41 . 2009-03-20 15:41 13,137,952 --a------ C:\cureit.exe
2009-03-19 08:18 . 2009-03-19 08:29 278 --a------ c:\windows\HAFASWIN.INI
2009-03-19 08:18 . 2009-03-19 08:18 21 --a------ c:\windows\progman.ini
2009-03-19 07:21 . 2009-03-19 07:23 31 --a------ c:\windows\bluevoda.ini
2009-03-18 23:04 . 2009-03-18 23:03 737,280 --a------ c:\windows\iun6002.exe
2009-03-18 22:59 . 2009-03-18 22:59 <DIR> d-------- c:\documents and
settings\Darek\Dane aplikacji\GibbHill Properties Ltd
2009-03-18 20:02 . 2009-03-09 20:06 15,688 --a------
c:\windows\system32\lsdelete.exe
2009-03-18 19:37 . 2009-03-23 08:18 78,362 --a------ c:\windows\setupapi.old
2009-03-18 19:37 . 2009-03-09 20:06 64,160 --a------
c:\windows\system32\drivers\Lbd.sys
2009-03-18 19:36 . 2009-03-18 19:36 <DIR> d-------- c:\program
files\Lavasoft
2009-03-18 19:36 . 2009-03-18 19:36 <DIR> d--h-c--- c:\documents and
settings\All Users\Dane aplikacji\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-16 00:02 . 2007-04-11 21:52 185,344 --a------
c:\windows\system32\iwpsetup.exe
2009-03-16 00:02 . 1997-01-16 00:00 29,696 --a------
c:\windows\system32\VB5STKIT.DLL
2009-03-16 00:02 . 1997-01-16 13:42 6,114 --a------
c:\windows\system32\SHELLLNK.TLB
2009-03-11 17:48 . 2009-03-19 10:13 <DIR> d-------- C:\7
2009-03-11 17:39 . 2009-03-15 23:38 <DIR> d-------- c:\program
files\Blockstar
2009-03-11 16:58 . 2009-03-11 17:46 <DIR> d-------- c:\documents and
settings\Darek\Dane aplikacji\Cream Software
2009-02-26 09:16 . 2009-03-11 17:06 <DIR> d-------- C:\6
2009-02-24 21:57 . 2009-02-24 21:57 <DIR> d-------- c:\program files\Skype
2009-02-24 21:57 . 2009-02-24 21:57 <DIR> d-------- c:\program files\Common
Files\Skype
2009-02-24 08:50 . 2009-02-24 08:50 <DIR> d-------- C:\5
.
(((((((((((((((((((((((((((((((((((((((( Sekcja
nd3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-24 08:42 --------- d---a-w c:\documents and settings\All Users\Dane
aplikacji\Temp
2009-03-24 08:42 --------- d-----w c:\program files\Trojan Remover
2009-03-24 08:27 --------- d-----w c:\program files\GetRight
2009-03-24 08:18 --------- d-----w c:\documents and settings\Darek\Dane
aplikacji\Spamihilator
2009-03-24 06:45 --------- d--h--w c:\program files\InstallShield
Installation Information
2009-03-23 18:26 360,576 ----a-w c:\windows\system32\drivers\tcpip.sys
2009-03-23 18:24 --------- d-----w c:\documents and settings\Darek\Dane
aplikacji\ZoomBrowser EX
2009-03-23 18:24 --------- d-----w c:\documents and settings\All Users\Dane
aplikacji\ZoomBrowser
2009-03-23 17:53 --------- d-----w c:\program files\Creative
2009-03-21 07:58 --------- d-----w c:\program files\Create-Ringtone
2009-03-20 16:23 --------- d-----w c:\program files\Spybot - Search &
Destroy
2009-03-20 16:23 --------- d-----w c:\documents and settings\All Users\Dane
aplikacji\Spybot - Search & Destroy
2009-03-20 10:12 --------- d-----w c:\program files\SkanerOnline
2009-03-19 19:10 --------- d-----w c:\program files\Spyware Doctor
2009-03-19 09:14 --------- d-----w c:\program files\emule
2009-03-19 06:44 --------- d-----w c:\program files\PeerGuardian2
2009-03-19 06:44 --------- d-----w c:\documents and settings\Darek\Dane
aplikacji\uTorrent
2009-03-17 21:04 --------- d-----w c:\documents and settings\Darek\Dane
aplikacji\Skype
2009-03-17 21:01 --------- d-----w c:\documents and settings\Darek\Dane
aplikacji\skypePM
2009-03-17 06:31 --------- d-----w c:\program files\Microsoft ActiveSync
2009-03-14 15:34 --------- d-----w c:\documents and settings\Darek\Dane
aplikacji\Vso
2009-03-08 10:22 --------- d-----w c:\program files\Soulseek
2009-02-24 20:57 --------- d-----w c:\documents and settings\All Users\Dane
aplikacji\Skype
2009-02-22 23:55 --------- d-----w c:\documents and settings\Darek\Dane
aplikacji\foobar2000
2009-02-22 10:44 --------- d-----w c:\program files\Magic Video Converter
2009-02-18 22:57 --------- d-----w c:\program files\foobar2000
2009-02-18 21:13 --------- d-----w c:\program files\MediaFACE II
2009-02-18 20:59 --------- d-----w c:\program files\ALLPlayer
2009-02-18 20:22 --------- d-----w c:\documents and settings\Darek\Dane
aplikacji\Moyea
2009-02-18 20:18 --------- d-----w c:\program files\Moyea
2009-02-18 20:08 --------- d-----w c:\program files\FLVPlayer
2009-02-18 20:04 --------- d-----w c:\program files\Smallvideosoft
2009-02-10 20:58 --------- d-----w c:\program files\Yahoo!
2009-02-09 14:20 --------- d-----w c:\program files\eSkiMoS R2
2009-02-06 20:23 --------- d-----w c:\documents and settings\All Users\Dane
aplikacji\DVD Shrink
2008-11-30 13:23 47,360 ----a-w c:\documents and settings\Darek\Dane
aplikacji\pcouffin.sys
2007-04-04 20:40 221 ----a-w c:\program files\Common Files\max.kk
2006-06-24 06:48 32,768 ----a-r c:\windows\inf\UpdateUSB.exe
.
------- Sigcheck -------
2008-06-20 12:59 361600 ad978a1b783b5719720cff204b666c8e
c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
2009-03-23 19:26 360576 e7dfcffa380749b8626ad71e8f367dcb
c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe
jestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe"
[2006-11-13 1289000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Six Engine"="c:\program files\ASUS\Six Engine\SixEngine.exe" [2008-05-14
5958656]
"Spamihilator"="c:\program files\Spamihilator\spamihilator.exe" [2008-12-23
1321984]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
[2008-11-10 136600]
"Look 'n' Stop"="c:\program files\Soft4Ever\looknstop\looknstop.exe"
[2008-12-28 512070]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"CTSysVol"="c:\program files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe"
[2002-10-29 49152]
"SBDrvDet"="c:\program files\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03
45056]
"SpIDerNT"="c:\progra~1\DrWeb\spiderui.exe" [2008-10-23 197896]
"DrWebScheduler"="c:\program files\DrWeb\DRWEBSCD.EXE" [2008-05-06 283888]
"SpIDerMail"="c:\program files\DrWeb\spiderml.exe" [2008-06-10 501080]
"nwiz"="nwiz.exe" [2008-10-07 c:\windows\system32\nwiz.exe]
"CTHelper"="CTHELPER.EXE" [2008-06-27 c:\windows\system32\CtHelper.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
c:\documents and settings\Darek\Menu Start\Programy\Autostart\
Spyware Doctor Updater.exe [2008-10-30 29228]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft
Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^Darek^Menu
Start^Programy^Autostart^Express Assist Check.lnk]
path=c:\documents and settings\Darek\Menu Start\Programy\Autostart\Express
Assist Check.lnk
backup=c:\windows\pss\Express Assist Check.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\PDVD8LanguageShortcut
HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\RemoteControl8
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\Acronis Scheduler2 Service]
--a------ 2007-09-14 02:55 140568 c:\program files\Common
Files\Acronis\Schedule2\schedhlp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\AcronisTimounterMonitor]
--a------ 2007-09-14 03:02 905056 c:\program
files\Acronis\TrueImageHome\TimounterMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\Ad-Watch]
--a------ 2009-03-09 20:06 515416 c:\program
files\Lavasoft\Ad-Aware\AAWTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 c:\program files\Adobe\Reader
8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\ALLUpdate]
--a------ 2008-11-24 20:44 869888 c:\program files\ALLPlayer\ALLUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\CTDVDDET]
--a------ 2003-06-18 01:00 45056 c:\program
files\Creative\DVDAudio\CTDVDDET.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\EPSON Stylus DX7400 Series]
--a------ 2007-04-12 07:00 182272
c:\windows\system32\spool\drivers\w32x86\3\E_FATICDE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\LanguageShortcut]
--a------ 2006-04-13 11:09 49152 c:\program
files\CyberLink\PowerDVD\Language\Language.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 16:40 155648 c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\Nokia.PCSync]
--a------ 2008-06-17 16:00 1249280 c:\program files\Nokia\Nokia PC Suite
7\PcSync2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\NvCplDaemon]
--a------ 2008-10-07 13:33 13574144 c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\NvMediaCenter]
--a------ 2008-10-07 13:33 86016 c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC
Suite Tray]
--a------ 2008-08-11 08:31 1124352 c:\program files\Nokia\Nokia PC Suite
7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\RemoteControl]
--a------ 2005-12-07 22:57 30208 c:\program
files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\TrueImageMonitor.exe]
--a------ 2007-09-14 02:52 2595480 c:\program
files\Acronis\TrueImageHome\TrueImageMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\WinampAgent]
--a------ 2001-10-02 00:42 10752 c:\program files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupreg\nwiz]
--a------ 2008-10-07 13:33 1630208 c:\windows\system32\nwiz.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Soulseek\\slsk.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program
files\Microsoft
ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI
Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program
files\Microsoft
ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync
Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program
files\Microsoft
ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync
Application
"c:\\Program Files\\Spamihilator\\cdcc.exe"=
"c:\\Program Files\\Spamihilator\\dccproc.exe"=
"c:\\Program Files\\Spamihilator\\spamihilator.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-03-18 64160]
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [2008-07-22 151592]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-03-23
28544]
R1 lnsfw1;lnsfw1;c:\windows\system32\drivers\lnsfw1.sys [2008-12-28 77184]
R2 SPIDER;SpIDer Guard File System Monitor;c:\progra~1\DrWeb\spider.sys
[2009-03-24 268040]
R2 SPIDERNT;SpIDer Guard for Windows;c:\progra~1\DrWeb\spidernt.exe
[2009-03-24 197896]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys
[2008-06-27 99352]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys
[2008-06-27 555032]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys
[2008-06-27 566296]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113 PCI-E Ethernet
Controller;c:\windows\system32\drivers\l1e51x86.sys [2008-11-04 36864]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2008-06-27
99352]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2008-06-27
555032]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys
[2008-06-27 100888]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2008-06-27
100888]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2008-06-27
566296]
S3 FirebirdGuardianDefaultInstance;Firebird Guardian -
DefaultInstance;i:\firebird\Firebird_1_5\bin\fbguard.exe -s -->
i:\firebird\Firebird_1_5\bin\fbguard.exe -s [?]
S3 FirebirdServerDefaultInstance;Firebird Server -
DefaultInstance;i:\firebird\Firebird_1_5\bin\fbserver.exe -s -->
i:\firebird\Firebird_1_5\bin\fbserver.exe -s [?]
S3 KS-959;Kingsun KS-959 USB Infrared
Adapter;c:\windows\system32\drivers\ks-959.sys [2005-07-23 19034]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program
files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 951632]
S3 nmwcdnsu;Nokia USB Flashing Phone
Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-12-24 138112]
S3 nmwcdnsuc;Nokia USB Flashing
Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-12-24 8320]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware
Doctor\pctsAuxs.exe [2009-01-23 356920]
S3 V0260VID;Live! Cam Vista IM;c:\windows\system32\drivers\V0260Vid.sys
[2008-11-04 178913]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{521142a4-c6ba-11dd-9b11-000000000000}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE
Shell32.DLL,ShellExec_RunDLL explore.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b08c2893-aa51-11dd-a53b-806d6172696f}]
\Shell\AutoRun\command - M:\setup.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed
components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Zawartość folderu 'Zaplanowane zadania'
2009-03-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 20:06]
2009-03-23 c:\windows\Tasks\Norton Security Scan for Darek.job
- c:\program files\Norton Security Scan\Nss.exe [2008-09-19 04:18]
.
- - - - USUNIĘTO PUSTE WPISY - - - -
Notify-efcbCSkj - efcbCSkj.dll
MSConfigStartUp-SpybotSD TeaTimer - c:\program files\Spybot - Search &
Destroy\TeaTimer.exe
MSConfigStartUp-UVS11 Preload - e:\program files\Ulead Systems\Ulead
VideoStudio 11\uvPL.exe
MSConfigStartUp-Vidalia - c:\program files\Vidalia
Bundle\Vidalia\vidalia.exe
.
------- Skan uzupełniający -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Download with GetRight Pro - c:\program files\GetRight\GRdownload.htm
IE: E&ksport do programu Microsoft Excel -
c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Open with GetRight Pro Browser - c:\program files\GetRight\GRbrowse.htm
LSP: c:\windows\system32\DRWEBSP.DLL
FF - ProfilePath - c:\documents and settings\Darek\Dane
aplikacji\Mozilla\Firefox\Profiles\zx5x027r.default\
FF - prefs.js: browser.startup.homepage - www.google.pl
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPGetRt.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-03-24 10:00:22
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTHelper = CTHELPER.EXE?
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi
procesami ---------------------
- - - - - - - > 'lsass.exe'(1204)
c:\windows\system32\relog_ap.dll
c:\windows\system32\DRWEBSP.DLL
.
------------------------ Pozostałe uruchomione
procesy ------------------------
.
c:\windows\system32\savedump.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\documents and settings\Darek\Menu Start\Programy\Autostart\Spyware Doctor
Updater.exe
c:\windows\system32\CTSVCCDA.EXE
c:\documents and settings\All Users\Dane aplikacji\EPSON\EPW!3
SSRP\E_S40RP7.EXE
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\DrWeb\spidernt.exe
c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\wscntfy.exe
c:\program files\DrWeb\drwebupw.exe
.
**************************************************************************
.
Czas ukończenia: 2009-03-24 10:01:55 - komputer został uruchomiony ponownie
[Darek]
ComboFix-quarantined-files.txt 2009-03-24 09:01:52
Przed: 2 921 869 312 bajtów wolnych
Po: 4,011,827,200 bajtów wolnych
Pozdro
-- ---------------------- Negatyw negatyw001(małpa)o2.pl ----------------------Received on Tue Mar 24 10:10:03 2009
To archiwum zostało wygenerowane przez hypermail 2.1.8 : Tue 24 Mar 2009 - 10:51:08 MET