niestety jak przeciagam plik do ComboFixa wlacza sie notatnik i nic sie nie dzieje…
Sprobowalem uruchomic samego Combofixa aby wywalil mi jakies smiecie (pliki .exe uruchamiam metoda “uruchom jako” - tylko w ten sposob moge je wlaczyc)
ponizej wklejam loga z programu moze cos na nim zobaczycie:
– Dodane 17.06.2009 (Śr) 22:27 –
ComboFix 09-06-16.05 - MasterAdmin 2009-06-17 22:16.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.511.226 [GMT 2:00]
Uruchomiony z: c:\documents and settings\MasterAdmin\Pulpit\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\drivers\b716d26c.sys
c:\windows\system32\hattric
c:\documents and settings\MasterAdmin\Dane aplikacji\wiaserva.log
c:\windows\system32\IcyTowerv10.exe
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_b716d26c
((((((((((((((((((((((((( Pliki utworzone od 2009-05-17 do 2009-06-17 )))))))))))))))))))))))))))))))
.
2009-06-16 11:37 . 2009-06-16 11:38 -------- d-----w- c:\windows\system32\Adobe
2009-06-16 11:37 . 2009-06-16 11:38 681 ----a-w- c:\windows\mozver.dat
2009-06-14 19:57 . 2009-06-14 19:57 225 ----a-w- c:\documents and settings\MasterAdmin\plik.reg
2009-06-14 18:56 . 2009-06-14 18:56 225 ----a-w- c:\documents and settings\MasterAdmin.reg
2009-06-13 14:49 . 2009-06-13 14:49 -------- d-----w- c:\program files\Trend Micro
2009-06-06 06:46 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-06-06 06:46 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-06-06 06:46 . 2009-02-05 20:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-06-06 06:46 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-06-06 06:46 . 2009-02-05 20:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-06-06 06:46 . 2009-02-05 20:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-06-06 06:46 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-06-06 06:46 . 2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-06-06 06:46 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-05-29 16:12 . 2004-08-03 22:44 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-05-29 16:12 . 2004-08-03 22:44 21504 ----a-w- c:\windows\system32\dllcache\hidserv.dll
2009-05-27 08:21 . 2009-05-27 08:21 -------- d-----w- c:\program files\Password Spyer 2k
2009-05-27 08:20 . 2009-05-27 08:20 -------- d-----w- c:\program files\Password Solutions
2009-05-27 08:20 . 2009-05-27 08:20 -------- d-----w- c:\documents and settings\MasterAdmin\Dane aplikacji\Password Solutions
2009-05-26 20:36 . 2009-05-26 20:38 -------- d-----w- c:\documents and settings\MasterAdmin\Dane aplikacji\Passware
2009-05-26 20:36 . 2009-05-26 20:36 367686 ----a-r- c:\documents and settings\MasterAdmin\Dane aplikacji\Microsoft\Installer{F6E30EBA-2DFE-4793-BF0F-DB02F18B061F}\icon.exe
2009-05-26 20:24 . 2009-05-26 20:24 356352 ----a-w- c:\windows\eSellerateEngine.dll
2009-05-26 20:23 . 2009-05-26 20:28 -------- d-----w- c:\program files\Password Discovery
2009-05-26 20:18 . 2009-05-26 20:18 6518 ----a-r- c:\documents and settings\MasterAdmin\Dane aplikacji\Microsoft\Installer{0BB3FF9C-325E-40B8-A365-6337283F15BA}_5cb298.exe
2009-05-26 20:18 . 2009-05-26 20:18 6518 ----a-r- c:\documents and settings\MasterAdmin\Dane aplikacji\Microsoft\Installer{0BB3FF9C-325E-40B8-A365-6337283F15BA}_4d97265.exe
2009-05-26 20:18 . 2009-05-26 20:18 6518 ----a-r- c:\documents and settings\MasterAdmin\Dane aplikacji\Microsoft\Installer{0BB3FF9C-325E-40B8-A365-6337283F15BA}_28cc39ed.exe
2009-05-26 20:18 . 2009-05-26 20:18 -------- d-----w- c:\program files\XaviWare Password Recovery .MDB
2009-05-26 19:56 . 2009-05-26 20:36 -------- d-----w- c:\program files\Passware
2009-05-26 19:49 . 2009-05-26 20:05 -------- d-----w- c:\program files\SnadBoy’s Revelation v2
2009-05-26 14:42 . 2006-09-04 17:16 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2009-05-26 14:42 . 2006-09-04 17:16 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2009-05-22 14:23 . 2009-05-22 14:23 -------- d-----w- C:\csdos
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-15 17:43 . 2009-03-13 16:31 2226832 ----a-w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
2009-05-23 19:01 . 2009-01-08 13:47 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2009-05-22 15:08 . 2009-03-13 12:54 -------- d-----w- c:\program files\free-downloads.net
2009-05-21 20:40 . 2008-11-28 13:55 -------- d-----w- c:\documents and settings\MasterAdmin\Dane aplikacji\Skype
2009-05-21 19:40 . 2008-11-28 13:56 -------- d-----w- c:\documents and settings\MasterAdmin\Dane aplikacji\skypePM
2009-05-16 19:37 . 2009-01-31 16:29 -------- d—a-w- c:\documents and settings\All Users\Dane aplikacji\TEMP
2009-05-08 15:32 . 2009-05-08 15:29 -------- d-----w- c:\program files\NeoSmart Technologies
2009-05-08 11:14 . 2009-05-08 11:14 121882 ----a-w- c:\windows\Help\ECC.EXE
2009-05-06 17:19 . 2009-05-06 17:19 -------- d-----w- c:\program files\Robster Productions
2009-04-28 16:57 . 2009-04-27 16:34 -------- d-----w- c:\documents and settings\SpOLeM\Dane aplikacji\Nowe Gadu-Gadu
2009-04-28 12:28 . 2009-04-28 12:28 -------- d-----w- c:\documents and settings\SpOLeM\Dane aplikacji\Apple Computer
2009-04-27 16:27 . 2009-04-27 16:27 -------- d-----w- c:\documents and settings\SpOLeM\Dane aplikacji\Search Settings
2009-04-27 15:46 . 2009-04-27 15:46 74712 ----a-w- c:\documents and settings\SpOLeM\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-04-27 15:46 . 2009-04-27 15:46 131 ----a-w- c:\documents and settings\SpOLeM\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
2009-04-12 14:24 . 2001-10-26 20:15 86834 ----a-w- c:\windows\system32\perfc015.dat
2009-04-12 14:24 . 2001-10-26 20:15 495270 ----a-w- c:\windows\system32\perfh015.dat
2009-04-05 19:32 . 2009-04-05 19:32 691712 ----a-w- c:\windows\isRS-000.tmp
2009-03-22 16:38 . 2009-03-22 16:38 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2008-12-19 19:52 . 2008-11-28 11:52 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2008-12-19 19:52 . 2008-11-28 11:52 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-19 19:52 . 2008-11-28 11:52 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2008-12-19 19:52 . 2008-11-28 11:52 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2008-12-19 19:52 . 2008-11-28 11:52 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.
------- Sigcheck -------
[-] 2008-04-14 17:20 580096 A435C5C069AFD901751AC323AD238793 c:\windows\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\user32.dll
[-] 2007-07-10 13:06 642560 CE594E18FE0D0AF804F1F3694921CE62 c:\windows\system32\user32.dll
[-] 2009-01-27 19:55 642560 CE594E18FE0D0AF804F1F3694921CE62 c:\windows\system32\dllcache\user32.dll
[-] 2007-10-17 19:30 974848 16DF8A100E8966E48BA00C86F6C89972 c:\windows\explorer.exe
[-] 2008-04-14 17:21 1035264 C791ED9EAC5E76D9525E157B1D7A599A c:\windows\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\explorer.exe
[-] 2008-04-14 17:20 1571840 A9ED600F08A92143253C10EDB5651ECF c:\windows\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\sfcfiles.dll
[-] 2007-10-09 00:09 1548288 89878732D5EB0C845AD2356081142F2A c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
2009-05-26 20:31 2094616 ----a-w- c:\program files\ToggleEN\tbTog1.dll
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{ecdee021-0d17-467f-a1ff-c7a115230949}]
2009-05-22 15:09 2094616 ----a-w- c:\program files\free-downloads.net\tbfre0.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“ctfmon.exe”=“c:\windows\system32\ctfmon.exe” [2004-08-04 15360]
“Gadu-Gadu”=“c:\program files\Gadu-Gadu\gg.exe” [2008-03-20 2127296]
“BitComet”=“c:\program files\BitComet\BitComet.exe” [2008-11-12 2511672]
“DAEMON Tools Lite”=“c:\program files\DAEMON Tools Lite\daemon.exe” [2008-12-29 687560]
“Skype”=“c:\program files\Skype\Phone\Skype.exe” [2008-11-18 21633320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2008-10-07 86016]
“SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe” [2008-12-30 136600]
“NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2008-10-07 13574144]
“Monitor”=“c:\windows\PixArt\PAC207\Monitor.exe” [2006-11-03 319488]
“HP Software Update”=“c:\program files\HP\HP Software Update\HPWuSchd2.exe” [2005-05-11 49152]
“NeroFilterCheck”=“c:\windows\system32\NeroCheck.exe” [2001-07-09 155648]
“QuickTime Task”=“c:\program files\QuickTime\QTTask.exe” [2009-01-05 413696]
“SearchSettings”=“c:\program files\Search Settings\SearchSettings.exe” [2008-06-12 991584]
“PowerS”=“c:\windows\PowerS.exe” [2001-08-03 159800]
“GrooveMonitor”=“c:\program files\Microsoft Office\Office12\GrooveMonitor.exe” [2006-10-26 31016]
“avast!”=“c:\progra~1\ALWILS~1\Avast4\ashDisp.exe” [2009-02-05 81000]
“iTunesHelper”=“c:\program files\iTunes\iTunesHelper.exe” [2009-01-06 290088]
“SoundMan”=“SOUNDMAN.EXE” - c:\windows\SOUNDMAN.EXE [2007-10-17 577536]
“nwiz”=“nwiz.exe” - c:\windows\system32\nwiz.exe [2006-11-17 1622016]
[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“c:\windows\system32\CTFMON.EXE” [2004-08-04 15360]
[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
“nltide_2”=“shell32” [X]
“nltide_3”=“advpack.dll” - c:\windows\system32\advpack.dll [2008-12-20 124928]
c:\documents and settings\MasterAdmin\Menu Start\Programy\Autostart\
Tworzenie wycink˘w ekranu i uruchamianie programu OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
UniSpiker-2.6.lnk - c:\program files\ivo\UniSpiker-2.6\uni_spiker-2.6.exe [2006-3-6 86018]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-5-17 661776]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]
HP Image Zone - szybkie uruchamianie.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-5-12 73728]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“DisableStatusMessages”= 1 (0x1)
[HKEY_USERS.default\software\microsoft\windows\currentversion\policies\explorer]
“NoSMMyPictures”= 1 (0x1)
“NoSMConfigurePrograms”= 1 (0x1)
“NoSMHelp”= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\Network Diagnostic\xpnetdiag.exe”=
“%windir%\system32\sessmgr.exe”=
“c:\Program Files\BitComet\BitComet.exe”=
“c:\Program Files\Gadu-Gadu\gg.exe”=
“d:\Gry misada\metin2.bin”=
“d:\Gry misada\Game\TC2.exe”=
“c:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe”=
“c:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE”=
“c:\Program Files\Microsoft Office\Office12\GROOVE.EXE”=
“c:\Program Files\Microsoft Office\Office12\ONENOTE.EXE”=
“d:\Counter-Strike\hl.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpqste08.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hposfx08.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hposid01.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe”=
“c:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe”=
“c:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpoews01.exe”=
“c:\Program Files\Motorola\Software Update\msu.exe”=
“c:\Program Files\Bonjour\mDNSResponder.exe”=
“c:\Program Files\iTunes\iTunes.exe”=
“c:\Program Files\Nowe Gadu-Gadu\gg.exe”=
“e:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe”=
“c:\Program Files\Skype\Phone\Skype.exe”=
“c:\Program Files\Password Solutions\Office Password Recovery PRO\OfficePasswordRecoveryPRO.exe”=
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“11605:TCP”= 11605:TCP:BitComet 11605 TCP
“11605:UDP”= 11605:UDP:BitComet 11605 UDP
“8461:TCP”= 8461:TCP:GoD High Port
“8462:TCP”= 8462:TCP:GoD Low Port
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-04-05 130424]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-06-06 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-06-06 20560]
R2 BT848;BtCap, WDM Video Capture;c:\windows\system32\drivers\BT848.SYS [2008-12-02 291768]
R2 BTTUNER;BtTuner, WDM TV Tuner;c:\windows\system32\drivers\BTTUNER.SYS [2008-12-02 21288]
R2 BTXBAR;BtXBar, WDM Crossbar;c:\windows\system32\drivers\BTXBAR.SYS [2008-12-02 12568]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys --> c:\windows\system32\DRIVERS\motccgp.sys [?]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys --> c:\windows\system32\DRIVERS\motccgpfl.sys [?]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys --> c:\windows\system32\DRIVERS\motodrv.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-04-05 348752]
.
Zawartość folderu ‘Zaplanowane zadania’
2009-06-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-06-17 c:\windows\Tasks\User_Feed_Synchronization-{83AF7F50-30B4-421F-B802-B6B18F7D9395}.job
- c:\windows\system32\msfeedssync.exe [2007-10-08 23:35]
.
-
-
-
- USUNIĘTO PUSTE WPISY - - - -
HKCU-Run-Hattric - c:\windows\system32\hattric\smss.exe
HKCU-Run-1qaw3edr5 - c:\windows\system32\IcyTowerv10.exe
HKCU-Run-Steam - e:\nowy folder\Steam.exe
HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKLM-Run-1qaw3edr5 - c:\windows\system32\IcyTowerv10.exe
HKLM-Explorer_Run-1qaw3edr5 - c:\windows\system32\IcyTowerv10.exe
.
------- Skan uzupełniający -------
.
mStart Page = hxxp://www.msn.com
uInternet Connection Wizard,ShellNext = hxxp://gg.hit.gemius.pl/hitredir/id=ogW … 04GGBANNER
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: pobierz wszystkie video za pomocą bitcomet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: pobierz wszystko za pomocą bitcomet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: pobierz za pomocą bitcomet - c:\program files\BitComet\BitComet.exe/AddLink.htm
Trusted Zone: mks.com.pl
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} - hxxp://www.mks.com.pl/skaner/SkanerOnline.cab
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-17 22:23
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów …
skanowanie ukrytych wpisów autostartu …
skanowanie ukrytych plików …
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
c:\windows\system32\cscui.dll
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\stobject.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
c:\windows\system32\notepad.exe
.
**************************************************************************
.
Czas ukończenia: 2009-06-17 22:25 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-06-17 20:25
Przed: 2 686 459 904 bajtów wolnych
Po: 2 800 070 656 bajtów wolnych
276 — E O F — 2009-04-12 14:28