Pojawiają mi się jakieś komunikaty “potential spyware operation”, muli mi komputer, zmieniła mi się tapeta na taką z logo wirusa i napisem “your privacy is i danger” i nie mogę sobie z tym poradzić ani antywirusem (NOD32) bo niby znajduje, niektóre usuwa ale problem pozostaje. Oprócz noda skanowałem też “Spyware Doctorem” i też znajduje, usuwa a za chwilę znowu jest jakieś 10 - 20 spywarów. Widziałem, że mogą być pomocne logi z ComboFixa i HijackThis, więc załączam.
Logfile of HijackThis v1.99.1
Scan saved at 10:34:22, on 2007-07-01
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Eset\nod32krn.exe
d:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\WINDOWS\system32\PnkBstrA.exe
d:\Program Files\Spyware Doctor\svcntaux.exe
d:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Eset\nod32kui.exe
D:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
D:\Program Files\Gadu-Gadu\gg.exe
C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\NEOSTR~1\neostradatp.exe
C:\PROGRA~1\NEOSTR~1\ComComp.exe
C:\PROGRA~1\NEOSTR~1\Toaster.exe
C:\PROGRA~1\NEOSTR~1\Inactivity.exe
C:\PROGRA~1\NEOSTR~1\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\NEOSTR~1\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gomyron.com/NjU2NA==/2/3560/homepage/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - d:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: MSVPS System - {8E6CFDFE-79A8-421C-B854-04081690CE6B} - C:\WINDOWS\ddesupport.dll
O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM…\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM…\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM…\Run: [RemoteControl] “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe”
O4 - HKLM…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033
O4 - HKLM…\Run: [nod32kui] “C:\Program Files\Eset\nod32kui.exe” /WAITSERVICE
O4 - HKLM…\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe
O4 - HKLM…\Run: [sDTray] “d:\Program Files\Spyware Doctor\SDTrayApp.exe”
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKCU…\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe”
O4 - HKCU…\Run: [Gadu-Gadu] “D:\Program Files\Gadu-Gadu\gg.exe” /tray
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Szybkie dostosowywanie programu Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - d:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O17 - HKLM\System\CCS\Services\Tcpip…{12AF1572-D32E-4244-9482-2C626D406AFE}: NameServer = 194.204.159.1 217.98.63.164
O21 - SSODL: msole - {82F122F0-C017-4785-B101-AAF42B77BCA2} - C:\WINDOWS\msole.dll
O21 - SSODL: msdde - {AF32457D-6ED5-44D0-A95F-4F0ED488BAEA} - C:\WINDOWS\msdde.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - d:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - d:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - d:\Program Files\Spyware Doctor\swdsvc.exe
i Combofix:
ComboFix 07-06-18.2 - G:\Obrazy pyt\ComboFix.exe
“Lopez” - 2007-07-01 10:07:04 - Dodatek Service Pack 2
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Program Files\install.log
C:\WINDOWS\system32\KB33669342.exe
C:\WINDOWS\system32\msxml3a.dll
C:\WINDOWS\system32\Yul39.sys
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\RpcApi
((((((((((((((((((((((((( Files Created from 2007-06-01 to 2007-07-01 )))))))))))))))))))))))))))))))
2007-07-01 10:05 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-30 10:40 13,573 --a------ C:\WINDOWS\system32\KB_963491.exe
2007-06-30 10:39 7,435 --a------ C:\sysopbd.exe
2007-06-30 09:45
2007-06-28 23:48 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-06-28 23:48
2007-06-28 23:08 83,456 --a------ C:\WINDOWS\msdde.dll
2007-06-28 23:08 76,800 --a------ C:\WINDOWS\msole.dll
2007-06-28 23:08 30,720 --a------ C:\WINDOWS\main_uninstaller.exe
2007-06-28 23:08 266,240 --a------ C:\WINDOWS\ddesupport.dll
2007-06-28 21:54
2007-06-25 22:13
2007-06-25 15:24
2007-06-25 15:21 909,824 --------- C:\WINDOWS\system32\qd3d.dll
2007-06-25 15:21 70,656 --------- C:\WINDOWS\system32\3dviewer.dll
2007-06-25 15:21 553,984 --------- C:\WINDOWS\system32\rave.dll
2007-06-25 15:21 39,095 --------- C:\WINDOWS\iccsigs.dat
2007-06-25 15:21 112,688 --------- C:\WINDOWS\system32\shw32.dll
2007-06-25 15:20 245,760 --------- C:\WINDOWS\system32\Sccomp91.dll
2007-06-25 15:20 225,280 --------- C:\WINDOWS\system32\Scint91.dll
2007-06-25 15:20 168,448 --------- C:\WINDOWS\system32\Awrtl30.dll
2007-06-25 15:20 110,592 --------- C:\WINDOWS\system32\Sccres91.dll
2007-06-25 15:20 100,864 --------- C:\WINDOWS\system32\awpe.dll
2007-06-25 15:20
2007-06-25 15:20
2007-06-25 15:18
2007-06-22 21:44
2007-06-22 21:43 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2007-06-22 21:43
2007-06-22 21:34
2007-06-22 21:26 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-06-22 21:20
2007-06-22 21:20
2007-06-22 21:19
2007-06-22 21:17
2007-06-22 21:12 40,960 --a------ C:\WINDOWS\system32\SSUBTMR6.DLL
2007-06-22 21:12 10,752 --a------ C:\WINDOWS\system32\aamd532.dll
2007-06-22 16:36
2007-06-21 20:28
2007-06-17 21:28
2007-06-16 22:21
2007-06-16 22:20 40,960 --a------ C:\WINDOWS\system32\FTRTSVC.exe
2007-06-16 22:20 36,864 --a------ C:\WINDOWS\system32\IfHelper.dll
2007-06-16 09:11 502,208 --a------ C:\WINDOWS\system32\drivers\amon.sys
2007-06-16 09:11 270,336 --a------ C:\WINDOWS\system32\imon.dll
2007-06-15 16:58
2007-06-14 19:40
2007-06-11 21:15 22,584 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-06-11 20:22 99,904 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2007-06-11 20:22 63,040 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-06-11 20:22
2007-06-11 19:49
2007-06-11 17:28
2007-06-11 17:21
2007-06-08 19:32 0 --a------ C:\WINDOWS\nsreg.dat
2007-06-08 19:03
2007-06-08 17:21 32,768 --a------ C:\WINDOWS\system32\WooDial2000.dll
2007-06-08 17:10 94,208 --a------ C:\WINDOWS\system32\W32n50.dll
2007-06-08 17:10 64,000 --a------ C:\WINDOWS\system32\drivers\e4ldr.sys
2007-06-08 17:10 50,007 --a------ C:\WINDOWS\system32\drivers\adildr.sys
2007-06-08 17:10 46,892 --a------ C:\WINDOWS\system32\ADADIX16.DLL
2007-06-08 17:10 4,981 --a------ C:\WINDOWS\system32\ADADIX2K.DLL
2007-06-08 17:10 24,576 --a------ C:\WINDOWS\enddisk32.exe
2007-06-08 17:10 22,395 --a------ C:\WINDOWS\system32\drivers\fpga.bin
2007-06-08 17:10 16,128 --------- C:\WINDOWS\system32\PCANDIS5.SYS
2007-06-08 17:10 155,648 --a------ C:\WINDOWS\system32\adadix32.dll
2007-06-08 17:10 152,220 --a------ C:\WINDOWS\system32\drivers\L1E4I2.BIN
2007-06-08 17:10 152,220 --a------ C:\WINDOWS\system32\drivers\L1E4I1.BIN
2007-06-08 17:10 152,220 --a------ C:\WINDOWS\system32\drivers\L1E4I0.BIN
2007-06-08 17:10 152,132 --a------ C:\WINDOWS\system32\drivers\L1E4P2.BIN
2007-06-08 17:10 152,132 --a------ C:\WINDOWS\system32\drivers\L1E4P1.BIN
2007-06-08 17:10 152,132 --a------ C:\WINDOWS\system32\drivers\L1E4P0.BIN
2007-06-08 17:10 152,126 --a------ C:\WINDOWS\system32\drivers\L1E9P2.BIN
2007-06-08 17:10 152,126 --a------ C:\WINDOWS\system32\drivers\L1E9P1.BIN
2007-06-08 17:10 152,126 --a------ C:\WINDOWS\system32\drivers\L1E9P0.BIN
2007-06-08 17:10 152,126 --a------ C:\WINDOWS\system32\drivers\L1E9I2.BIN
2007-06-08 17:10 152,126 --a------ C:\WINDOWS\system32\drivers\L1E9I1.BIN
2007-06-08 17:10 152,126 --a------ C:\WINDOWS\system32\drivers\L1E9I0.BIN
2007-06-08 17:10 152,036 --a------ C:\WINDOWS\system32\drivers\L1E4D2.BIN
2007-06-08 17:10 152,034 --a------ C:\WINDOWS\system32\drivers\L1E4D1.BIN
2007-06-08 17:10 152,034 --a------ C:\WINDOWS\system32\drivers\L1E4D0.BIN
2007-06-08 17:10 135,168 --a------ C:\WINDOWS\system32\unaddrv.exe
2007-06-08 17:10 127,456 --a------ C:\WINDOWS\system32\IPDETECT.EXE
2007-06-08 17:10 126,976 --a------ C:\WINDOWS\system32\coclassfast.dll
2007-06-08 17:10 126,489 --a------ C:\WINDOWS\system32\drivers\adiusbaw.sys
2007-06-08 17:10 116,992 --a------ C:\WINDOWS\system32\drivers\e4usbaw.sys
2007-06-08 17:10
2007-06-08 17:09
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-06-22 20:28:44 79,408 ----a-w C:\WINDOWS\system32\perfc015.dat
2007-06-22 20:28:44 458,022 ----a-w C:\WINDOWS\system32\perfh015.dat
2007-05-03 08:31:30 1,237 ----a-w C:\WINDOWS\unins000.dat
2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-06 15:48:38 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=d:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 06:12]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{8E6CFDFE-79A8-421C-B854-04081690CE6B}=C:\WINDOWS\ddesupport.dll [2007-06-28 11:03]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“SoundMan”=“SOUNDMAN.EXE” [2004-07-27 17:01 C:\WINDOWS\soundman.exe]
“ATIPTA”=“C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe” [2005-02-22 21:05]
“Resume copy”=“copyfstq.exe” [2002-03-24 12:54 C:\WINDOWS\COPYFSTQ.EXE]
“REGSHAVE”=“C:\Program Files\REGSHAVE\REGSHAVE.exe” [2002-02-04 22:32]
“RemoteControl”=“C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe” [2004-11-02 20:24]
“DAEMON Tools”=“C:\Program Files\DAEMON Tools\daemon.exe” [2006-09-14 21:09]
“nod32kui”=“C:\Program Files\Eset\nod32kui.exe” [2007-06-16 09:10]
“WOOWATCH”=“C:\PROGRA~1\NEOSTR~1\Watch.exe” [2004-08-23 14:49]
“WOOTASKBARICON”=“C:\PROGRA~1\NEOSTR~1\GestMaj.exe” [2004-10-14 16:55]
“SDTray”=“d:\Program Files\Spyware Doctor\SDTrayApp.exe” [2007-06-29 00:01]
“QuickTime Task”=“C:\Program Files\QuickTime\qttask.exe” [2005-09-27 17:19]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}”=“C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe” [2005-10-28 16:25]
“Gadu-Gadu”=“D:\Program Files\Gadu-Gadu\gg.exe” [2007-05-10 16:36]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
“NoVisualStyleChoice”=0 (0x0)
“NoColorChoice”=0 (0x0)
“NoSizeChoice”=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
“NoRemoteRecursiveEvents”=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
“user32.dll”=C:\Program Files\Video ActiveX Access\iesmn.exe
“rare”=C:\Program Files\Video ActiveX Access\imsmain.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
“NoChangeKeyboardNavigationIndicators”=0 (0x0)
“NoSaveSettings”=0 (0x0)
“NoLowDiskSpaceChecks”=1 (0x1)
“NoSharedDocuments”=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= file:///C:\WINDOWS\privacy_danger\index.htm
FriendlyName= Privacy Protection
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
“{82F122F0-C017-4785-B101-AAF42B77BCA2}”=“C:\WINDOWS\msole.dll” [2007-06-28 11:03]
“{AF32457D-6ED5-44D0-A95F-4F0ED488BAEA}”=“C:\WINDOWS\msdde.dll” [2007-06-28 11:03]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdauxservice]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdcoreservice]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DaemonTools_WhenUSave_Installer]
C:\Program Files\DaemonTools_WhenUSave_Installer\DaemonTools_WhenUSave_Installer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
“C:\Program Files\Messenger\msmsgs.exe” /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
“C:\Program Files\QuickTime\qttask.exe” -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
**************************************************************************
catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-01 10:11:40
Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI
scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0
**************************************************************************
Files hidden from API:
C:\WINDOWS\BĄbelki.bmp
C:\WINDOWS\Indiaäski pled.bmp
C:\WINDOWS\system32\Pokaľ kanay.scf
Completion time: 2007-07-01 10:14:32 - machine was rebooted
C:\ComboFix-quarantined-files.txt … 2007-07-01 10:13
— E O F —
Proszę bardzo o pomoc!