ComboFix 11-07-15.01 - Max 2011-07-15 13:49:58.5.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.2047.1606 [GMT 2:00] Uruchomiony z: c:\documents and settings\Max\Moje dokumenty\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\docume~1\Max\USTAWI~1\Temp\sfamcc00001.dll c:\docume~1\Max\USTAWI~1\Temp\sfareca00001.dll c:\documents and settings\All Users\Dane aplikacji\hpe2A2.dll c:\documents and settings\Max\dat1.000 c:\documents and settings\Max\dat2.000 c:\documents and settings\Max\dat3.000 c:\documents and settings\Max\Moje dokumenty\cc_20110623_225043.reg c:\documents and settings\Max\Ustawienia lokalne\temp\sfamcc00001.dll c:\documents and settings\Max\Ustawienia lokalne\temp\sfareca00001.dll c:\documents and settings\Max\WINDOWS c:\windows\IsUn0415.exe . Zainfekowana kopia c:\windows\system32\ctfmon.exe została znaleziona. Problem naprawiono Plik odzyskano z - c:\windows\system32\ctfmon.exe.backup . . ((((((((((((((((((((((((( Pliki utworzone od 2011-06-15 do 2011-07-15 ))))))))))))))))))))))))))))))) . . 2011-07-15 10:33 . 2011-07-15 10:33 388096 ----a-r- c:\documents and settings\Max\Dane aplikacji\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-07-11 16:48 . 2011-07-11 16:48 -------- d-----w- c:\program files\Apple Software Update 2011-06-30 13:32 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-06-16 19:46 . 2011-04-21 13:37 105472 ------w- c:\windows\system32\dllcache\mup.sys . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-14 06:22 . 2009-08-08 20:12 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2011-07-14 06:22 . 2009-12-24 18:54 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr 2011-07-14 06:22 . 2009-08-08 20:12 271200 ----a-w- c:\windows\system32\PnkBstrB.exe 2011-07-13 18:47 . 2009-08-08 20:12 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0 2011-07-04 11:43 . 2011-02-14 05:52 40112 ----a-w- c:\windows\avastSS.scr 2011-07-04 11:43 . 2011-02-14 05:52 199304 ----a-w- c:\windows\system32\aswBoot.exe 2011-07-04 11:36 . 2011-02-14 05:53 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-07-04 11:35 . 2011-02-14 05:53 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-07-04 11:35 . 2011-02-14 05:53 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2011-07-04 11:35 . 2011-02-14 05:53 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys 2011-07-04 11:32 . 2011-02-14 05:53 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-07-04 11:32 . 2011-02-14 05:53 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-07-04 11:32 . 2011-02-14 05:53 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-07-03 14:59 . 2011-05-13 04:33 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-06 11:35 . 2008-04-14 19:35 1859200 ----a-w- c:\windows\system32\win32k.sys 2011-05-17 08:23 . 2010-12-20 14:50 0 ----a-w- c:\windows\system32\ConduitEngine.tmp 2011-05-04 02:52 . 2010-05-11 17:51 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-05-04 00:25 . 2009-03-28 22:49 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-05-02 15:32 . 2009-03-28 13:26 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 17:25 . 2008-04-14 20:50 151552 ----a-w- c:\windows\system32\schannel.dll 2011-04-29 16:19 . 2008-04-13 22:47 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-26 11:07 . 2008-04-14 20:50 293888 ----a-w- c:\windows\system32\winsrv.dll 2011-04-26 11:07 . 2008-04-14 20:50 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-04-25 16:05 . 2008-05-02 06:47 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-04-25 16:05 . 2008-03-01 14:02 916480 ----a-w- c:\windows\system32\wininet.dll 2011-04-25 16:05 . 2008-03-01 14:02 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-04-25 12:01 . 2008-05-02 06:47 385024 ----a-w- c:\windows\system32\html.iec 2011-04-21 13:37 . 2008-04-13 22:47 105472 ----a-w- c:\windows\system32\drivers\mup.sys . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-07-04 11:43 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="i:\utorrent\uTorrent.exe" [2011-03-24 399736] "DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WinampAgent"="g:\programy\Winamp\winampa.exe" [2009-03-09 37888] "RivaTunerStartupDaemon"="g:\programy\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner.exe" [2009-08-22 2781184] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752] "nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192] "Ashampoo HDD Control Guard"="g:\programy\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe" [2010-11-01 4085080] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632] "CTHelper"="CTHELPER.EXE" [2010-03-18 19456] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_2"="shell32" [X] "nltide_3"="advpack.dll" [2009-03-08 128512] . c:\documents and settings\Max\Menu Start\Programy\Autostart\ Skr˘t do RefreshLock.lnk - i:\instalki\refreshlock\RefreshLock.exe [2010-5-21 193536] SpeedFan.lnk - g:\programy\SpeedFan\speedfan.exe [2009-11-25 4009592] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk * . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^Max^Menu Start^Programy^Autostart^Hide IP Proxy Updater.exe] path=c:\documents and settings\Max\Menu Start\Programy\Autostart\Hide IP Proxy Updater.exe backup=c:\windows\pss\Hide IP Proxy Updater.exeStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad Muncher] 2010-11-15 08:07 534728 ----a-w- g:\programy\Ad Muncher\AdMunch.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-01-11 20:16 39792 ----a-w- g:\programy\Adobe\Reader 8.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager] 2008-08-14 06:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR10] 2011-03-27 12:20 939272 ----a-w- c:\programy\ABBYY FineReader 10\Bonus.ScreenshotReader.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2010-06-09 18:55 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OSSelectorReinstall] 2007-03-09 16:37 2223985 ----a-w- c:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 16:38 421888 ----a-w- g:\programy\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion] 2009-12-08 12:51 774144 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 (0x3) "ose"=3 (0x3) "odserv"=3 (0x3) "Microsoft Office Groove Audit Service"=3 (0x3) "idsvc"=3 (0x3) "avast! Mail Scanner"=3 (0x3) "Ati HotKey Poller"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "i:\\uTorrent\\uTorrent.exe"= "e:\\Gry\\FEAR\\FEAR.exe"= "g:\\programy\\Corel\\DVD9\\WinDVD.exe"= "i:\\DC++\\DCPlusPlus.exe"= "g:\\programy\\Gadu-Gadu\\gg.exe"= "c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "g:\\programy\\Opera\\opera.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "g:\\programy\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "e:\\Gry\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"= "c:\\Program Files\\Xfire\\Xfire.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"= "c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"= "c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"= "c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"= "c:\\Program Files\\Java\\jre6\\bin\\java.exe"= "e:\\Gry\\Dune 2000 ENG\\DUNE2000.DAT"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"= "i:\\emule0.50a-Xtreme8.0(dobreprogramy.pl)\\eMule.exe"= "g:\\programy\\Gadu-Gadu 10\\gg.exe"= "g:\\programy\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "g:\\Gry 2\\FABLE III\\Fable3.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "20000:TCP"= 20000:TCP:dc "20000:UDP"= 20000:UDP:dcUDP "5353:TCP"= 5353:TCP:Adobe CSI CS4 "29773:TCP"= 29773:TCP:29773 TCP "29773:UDP"= 29773:UDP:29773 UDP . R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2003-03-28 685816] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-06-30 441176] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-02-14 309848] R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-09-29 809736] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-02-14 19544] R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2011-05-31 90112] R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032] R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2011-03-25 99416] R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2011-03-25 555096] R3 ctgame;Game Port;c:\windows\system32\drivers\ctgame.sys [2011-03-25 18904] R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2011-03-25 566360] S2 gupdate;Usługa Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-14 136176] S3 ALSysIO;ALSysIO;\??\c:\docume~1\Max\USTAWI~1\Temp\ALSysIO.sys --> c:\docume~1\Max\USTAWI~1\Temp\ALSysIO.sys [?] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys --> c:\windows\system32\drivers\Ambfilt.sys [?] S3 AmdTools;AMD Special Tools Driver;c:\windows\system32\DRIVERS\AmdTools.sys --> c:\windows\system32\DRIVERS\AmdTools.sys [?] S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2011-03-25 99416] S3 cpuz130;cpuz130;\??\c:\docume~1\Max\USTAWI~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\Max\USTAWI~1\Temp\cpuz130\cpuz_x32.sys [?] S3 Creative Dolby Digital Live Pack Licensing Service;Creative Dolby Digital Live Pack Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\DDLLicensing.exe [2011-03-25 79360] S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2011-03-25 555096] S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2011-03-25 100952] S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2011-03-25 100952] S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2011-03-25 566360] S3 DfSdkS;Defragmentation-Service;g:\programy\Ashampoo\Ashampoo HDD Control\DfSdkS.exe [2010-11-11 406016] S3 gupdatem;Usługa Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-14 136176] S3 PortTalk;PortTalk;c:\windows\system32\drivers\PortTalk.sys [2010-10-28 3567] S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2010-08-29 89256] S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2010-08-29 86824] S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2010-08-29 15016] S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2010-08-29 114728] S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2010-08-29 106208] S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2010-08-29 26024] S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2010-08-29 104744] S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2010-08-29 109864] S3 SetupNTGLM7X;SetupNTGLM7X;\??\h:\ntglm7x.sys --> h:\NTGLM7X.sys [?] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Zawartość folderu 'Zaplanowane zadania' . 2011-07-14 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2011-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-14 08:09] . 2011-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-14 08:09] . . ------- Skan uzupełniający ------- . IE: E&ksportuj do programu Microsoft Excel - g:\programy\MICROS~1\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 FF - ProfilePath - c:\documents and settings\Max\Dane aplikacji\Mozilla\Firefox\Profiles\h0bxeag5.default\ FF - prefs.js: browser.search.selectedEngine - Wikipedia (pl) FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/ . - - - - USUNIĘTO PUSTE WPISY - - - - . HKLM-Run-TaskTray - (no file) HKLM-Run-RTHDCPL - RTHDCPL.EXE AddRemove-Chłopaki Nie Płaczą - d:\torrent\GRY\CHNP\UNWISE.EXE AddRemove-Testy IQ - c:\windows\IsUn0415.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-07-15 14:00 Windows 5.1.2600 Dodatek Service Pack 3 NTFS . skanowanie ukrytych procesów ... . skanowanie ukrytych wpisów autostartu ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run CTHelper = CTHELPER.EXE? . skanowanie ukrytych plików ... . skanowanie pomyślnie ukończone ukryte pliki: 0 . ************************************************************************** . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*] "OODEFRAG11.00.00.01WORKSTATION"="41752D22F22D011D5D81496D7EC66333FDA7B1E0075D05B9D1F3EBD1BEBB5EC14455311B1CF1E5656EB6909A58590B7322EA2D84FA6732E600EE0A027D56C7AA1DECDF22F594663AB7210D1C570E068203848CDB3FBD3FA07543026653111EE539935387B21F06B11A47D2D6F0AEA09A8F42FB00A8FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79335D575E7D6A3B98088EDD5E5BE2F6E667A6A0AC4980AC7933959EABBC8D3E6F51D406CFD6D785E187E14773E640814737D17747EE68D7B231AC2D96015640071F6D6BE741E7C4C59D592BFA7E8A88B54F25E70FD6CEA24D94E548FCF13A0B77C25B4A9AC1FE9021F97E8B7ADEEF69997A6797F169D048C51C05CA6C86750A9F471FC89A60A56E04872CF7E9BE64E2D824F01DCAAF74DF76547DF446BAB6CD6DFBEA6CEFA8D90516767160155CD3D56EFECEF2C936AD22CE10F9E8410AA2896672A3A3F32A0C230E3D929A1BF71BC8E8FEC177760FE9EF536656AF66F95216A28265BD5678213ABB9108DF70D50D65E9DE3EEC28D1864C193026339490D06F4EC7FE70992CF2DC7EEFFBCD5BBFEFFA281AECF98A15575C4D0C2EC37CD89D34A922715294604D46CA19CE65F801FCF8ED722AA820F8246DAD5B689425602E2988B2746171347151AC91930C396B6376196D85E7BC1DA6EC0FC501BBE5B9E9B6D462F2FDAFCA16013FA0110D5F52432E9BD3C48909A90EECD734DA376E7C2DE6885B096AA24E62F835D2C392038F347CFCB3604503467D2684D50B644043466CB48D0CD1EE677382D2F75BAF117E40E456DC0433F9A08CF2229CDA87B1AB7B18FE2B01BF12C8DA0AF1A43BDA4781640C56E59054936BC5D1D43D48C76AD983E49E2CA3A359A31EA0FEB0F9EA3B7C13BB40269B09485C29E5553483B06BF20BEC5FCBE0D2E6AF357B7CB8E4205357B2E2683C6C1965ABA8F5EC3D74B1832332EE22885C85B22A8E73FE9CF99A4D001E13BA08002D8B19ABEC7C5CB29D5A970CD15B266BD787D10A85AF80ECDD38E5A102B43007D52EE30C5976D68D2CE804A19B132B9A4B836AFCD14CCB25D6F57E7F0A699D658497531BEE6237837A7C1F6E78E46327C21ABAAF1E26ABBFD040426E287D7C340F64B11A055ACBCC8438A26238035D03071111E0D222118B7DA2AD987EAC3E3FAF05CAC11510265330904E61CE2FEC56450439407E39AE8A727BC09B53C4190886BE703A3EC41CB1C450E3C454C329F90D618AF2CEF8FBF5A881020A90A884C215A87A25C450C83C6C15AA57062C6C7DD36CDA921C83B7B87E39F86944CD3F5842B13F158D9E8AF738506CD8C0E75524EFBB052C5C0DDFF234803233A03FC9E4D699208FA52E029C1A47787E8A8D4962A0396ABFAEDFB8F5EF863ED5F91A68B80275" . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- . - - - - - - - > 'winlogon.exe'(892) c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll . - - - - - - - > 'explorer.exe'(2448) c:\windows\system32\WININET.dll c:\windows\system32\msi.dll c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll c:\windows\system32\webcheck.dll . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\windows\system32\nvsvc32.exe c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files\Creative\Shared Files\CTAudSvc.exe c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\RUNDLL32.EXE g:\programy\PerfectDisk10\PDAgent.exe c:\windows\system32\PnkBstrA.exe c:\program files\Common Files\Protexis\License Service\PsiService_2.exe g:\programy\PerfectDisk10\PDEngine.exe g:\programy\PerfectDisk10\PDAgentS1.exe g:\programy\PerfectDisk10\PerfectDisk.exe . ************************************************************************** . Czas ukończenia: 2011-07-15 14:09:24 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2011-07-15 12:09 ComboFix2.txt 2010-05-06 19:19 . Przed: 13 206 663 168 bajtów wolnych Po: 13 356 929 024 bajtów wolnych . WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(1)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - 94A6FB2698A61A25A787419C3300877D