Nagrywarka w laptopie świruje

**Posty:** 145 · przez **membership** 15 Paź 2008, 14:49

Witam, posiadam Acera model Extensa 5220, od jakiegoś czasu z nagrywarką DVD dzieją dziwne rzeczy. Czasem, gdy za mocno zamknę nagrywarkę to komputer w momencie zaczyna się zwieszać, równo co 2 sekundy mam ścięcie wszystkiego. Nie pomaga nic innego jak reset, po czym komputer staje na ładowaniu biosu i czekam parę minut aż przeskoczy do ładowania systemu. Najlepsze w tym jest to, że po takim czymś nie mogę korzystać z nagrywarki bo laptop jej nie widzi. Po parokrotnym resetowaniu wszystko wraca do normy. Co mogło wysiąść?

**Posty:** 8001 · przez **Okocza** 15 Paź 2008, 20:21

membership, wrzuć loga z combofixa w tagi code

**Posty:** 145 · przez **membership** 16 Paź 2008, 10:04

Kod: Zaznacz wszystko: ComboFix 08-10-15.06 - User 2008-10-16 10:00:32.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.1526 [GMT 2:00] Uruchomiony z: C:\Documents and Settings\User\Pulpit\dl\ComboFix.exe * Utworzono nowy punkt przywracania * Resident AV is active [COLOR=RED][B]UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !![/B][/COLOR] . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll C:\WINDOWS\system32\bbghsjcl.ini C:\WINDOWS\system32\effcappt.ini C:\WINDOWS\system32\egbkqfmf.ini C:\WINDOWS\system32\liowihwi.ini C:\WINDOWS\system32\rtrjnink.ini . ((((((((((((((((((((((((( Pliki utworzone od 2008-09-16 do 2008-10-16 ))))))))))))))))))))))))))))))) . 2008-10-10 00:24 . 2008-10-10 01:14 173,141,539 --a------ C:\Armin_van_Buuren_presents_-_A_State_of_Trance_Episode_373.mp3 2008-10-05 22:43 . 2008-10-06 21:09 <DIR> d-------- C:\Fast.Track.No.Limits.2008.PL.AC3.DVDRip.XviD-FoXTeaM 2008-10-05 22:42 . 2008-10-05 22:42 <DIR> d-------- C:\AutoMapa 5.1.1 FULL PL + POI.AM.2008.09.06 2008-10-05 20:46 . 2008-10-10 11:40 <DIR> d-------- C:\Justice 2008-10-04 22:18 . 2008-10-04 22:18 <DIR> d-------- C:\Program Files\Patience 2008-10-04 22:16 . 2008-04-13 22:15 32,128 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys 2008-10-04 22:16 . 2008-04-14 20:50 21,504 --a------ C:\WINDOWS\system32\hidserv.dll 2008-10-04 22:16 . 2008-04-14 19:50 14,720 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys 2008-10-04 22:16 . 2001-10-26 14:57 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2008-10-04 22:16 . 2008-04-13 22:15 10,368 --a------ C:\WINDOWS\system32\drivers\hidusb.sys 2008-10-03 22:02 . 2008-10-03 22:03 <DIR> d-------- C:\Documents and Settings\User\Dane aplikacji\Nowe Gadu-Gadu 2008-10-03 22:01 . 2008-10-14 10:16 <DIR> d-------- C:\Program Files\Nowe Gadu-Gadu 2008-10-02 23:01 . 2008-10-02 23:01 <DIR> d-------- C:\Program Files\PowerQuest 2008-10-01 10:07 . 2008-10-01 10:07 <DIR> d-------- C:\Program Files\Codemasters 2008-09-28 22:20 . 2008-09-28 22:20 <DIR> d-------- C:\Program Files\GSpot 2008-09-26 16:05 . 2008-10-07 23:17 <DIR> d-------- C:\Program Files\Internet Download Manager 2008-09-26 16:05 . 2008-10-11 11:03 <DIR> d-------- C:\Documents and Settings\User\Dane aplikacji\IDM 2008-09-26 16:05 . 2008-10-07 23:17 <DIR> d-------- C:\Documents and Settings\User\Dane aplikacji\DMCache 2008-09-26 15:07 . 2008-09-26 15:56 <DIR> d-------- C:\download 2008-09-26 14:43 . 2008-09-26 14:44 <DIR> d-------- C:\Documents and Settings\User\Dane aplikacji\Nod32Pass 2008-09-26 14:33 . 2008-09-26 14:33 <DIR> d-------- C:\Program Files\GoldWave 2008-09-26 12:39 . 2008-09-26 12:39 <DIR> d-------- C:\Downloads 2008-09-26 12:32 . 2008-09-28 12:08 <DIR> d-------- C:\Program Files\FlashGet 2008-09-23 10:09 . 2008-09-23 10:09 <DIR> d-------- C:\Program Files\Resco 2008-09-23 10:09 . 2006-12-08 12:23 90,112 --a------ C:\WINDOWS\RSetupCE.exe 2008-09-23 09:40 . 2008-09-23 09:40 <DIR> d-------- C:\Documents and Settings\User\WINDOWS 2008-09-23 09:35 . 2008-09-23 09:35 <DIR> d-------- C:\Program Files\PHM 2008-09-22 21:06 . 2008-09-22 21:06 6,312 --a------ C:\WINDOWS\gwpreset.ini 2008-09-22 21:06 . 2008-09-22 21:06 3,362 --a------ C:\WINDOWS\express.eqx 2008-09-22 21:06 . 2008-09-22 21:19 444 --a------ C:\WINDOWS\goldwave.ini 2008-09-22 13:11 . 2008-04-13 22:26 30,592 --a------ C:\WINDOWS\system32\drivers\rndismpx.sys 2008-09-22 13:11 . 2008-04-13 22:26 12,800 --a------ C:\WINDOWS\system32\drivers\usb8023x.sys 2008-09-22 13:10 . 2008-09-23 10:08 <DIR> d-------- C:\Program Files\Microsoft ActiveSync 2008-09-18 10:56 . 2008-09-18 10:56 <DIR> d-------- C:\Program Files\IrfanView . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-10-15 17:23 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\Tlen.pl 2008-10-15 12:57 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\Skype 2008-10-15 12:10 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\skypePM 2008-10-15 11:44 --------- d-----w C:\Program Files\Eraser 2008-10-13 21:10 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\uTorrent 2008-10-13 07:19 --------- d-----w C:\Program Files\NAPI-PROJEKT 2008-10-02 21:01 --------- d-----w C:\Program Files\Common Files\InstallShield 2008-10-01 08:20 --------- d-----w C:\Program Files\GameSpy Arcade 2008-10-01 08:07 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-09-26 12:42 381,971 ----a-w C:\Documents and Settings\User\upd.exe 2008-09-17 19:40 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\PC Suite 2008-09-06 14:02 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\Nokia 2008-09-06 14:02 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\PC Suite 2008-09-06 13:59 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2008-09-06 13:59 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf 2008-09-06 13:57 --------- d-----w C:\Program Files\Nokia 2008-09-06 13:57 --------- d-----w C:\Program Files\DIFX 2008-09-06 13:57 --------- d-----w C:\Program Files\Common Files\PCSuite 2008-09-06 13:57 --------- d-----w C:\Program Files\Common Files\Nokia 2008-09-06 13:56 --------- d-----w C:\Program Files\PC Connectivity Solution 2008-09-06 13:56 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Installations 2008-09-05 13:43 --------- d-----w C:\Program Files\Championship Manager 01-02 2008-09-05 12:18 --------- d-----w C:\Program Files\Alcohol Soft 2008-09-02 21:26 --------- d-----w C:\Program Files\Hard Drive Inspector 2008-09-02 21:26 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\AltrixSoft 2008-09-01 15:49 --------- d-----w C:\Program Files\AutoMapa EU 2008-08-28 02:07 188,640 ----a-w C:\WINDOWS\system32\HDDSvc.exe 2008-08-27 10:20 --------- d-----w C:\Program Files\Tlen.pl 2008-08-27 09:30 --------- d-----w C:\Program Files\Skype 2008-08-27 09:30 --------- d-----w C:\Program Files\Common Files\Skype 2008-08-27 09:30 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Skype 2008-08-25 23:13 301,568 ----a-w C:\Documents and Settings\User\NOD32Pass.exe 2008-08-25 07:54 --------- d-----w C:\Program Files\3D Driving-School 2008-08-24 14:24 413,696 ----a-w C:\WINDOWS\system32\wrap_oal.dll 2008-08-24 14:24 110,592 ----a-w C:\WINDOWS\system32\OpenAL32.dll 2008-08-24 14:24 --------- d-----w C:\Program Files\Trials 2 Second Edition 2008-08-24 14:24 --------- d-----w C:\Program Files\OpenAL 2008-08-22 15:16 --------- d-----w C:\Program Files\DAEMON Tools Toolbar 2008-08-22 15:16 --------- d-----w C:\Program Files\DAEMON Tools Lite 2008-08-22 15:14 --------- d-----w C:\Program Files\ESET 2008-08-22 08:48 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2008-08-22 08:48 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\DAEMON Tools 2008-08-20 20:23 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\ESET 2008-08-20 20:22 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\ESET 2008-08-20 19:41 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware 2008-08-20 19:40 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\Malwarebytes 2008-08-20 19:40 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2008-08-19 21:39 --------- d-----w C:\Program Files\Real Alternative 2008-08-19 20:24 --------- d-----w C:\Program Files\Safari 2008-08-19 20:24 --------- d-----w C:\Program Files\Apple Software Update 2008-08-19 20:24 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\Apple Computer 2008-08-19 20:24 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Apple 2008-08-17 13:01 38,472 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2008-08-17 13:01 17,144 ----a-w C:\WINDOWS\system32\drivers\mbam.sys 2008-08-17 10:17 273,920 ----a-w C:\Documents and Settings\User\updater.exe 2008-08-06 10:46 176,128 ----a-w C:\WINDOWS\system32\UCI32M16.dll 2008-08-05 21:41 315,392 ----a-w C:\WINDOWS\HideWin.exe 2008-08-05 20:54 9,715,200 ----a-w C:\WINDOWS\RTLCPL.exe 2008-08-05 20:54 86,016 ----a-w C:\WINDOWS\SoundMan.exe 2008-08-05 20:54 69,632 ----a-w C:\WINDOWS\Alcmtr.exe 2008-08-05 20:54 520,192 ----a-w C:\WINDOWS\RtlExUpd.dll 2008-08-05 20:54 49,152 ----a-w C:\WINDOWS\system32\ChCfg.exe 2008-08-05 20:54 2,808,832 ----a-w C:\WINDOWS\alcwzrd.exe 2008-08-05 20:54 2,162,688 ----a-w C:\WINDOWS\MicCal.exe 2008-08-05 20:54 16,132,608 ----a-w C:\WINDOWS\RTHDCPL.exe 2008-08-05 20:54 1,826,816 ----a-w C:\WINDOWS\SkyTel.exe 2008-08-05 20:54 1,191,936 ----a-w C:\WINDOWS\RtlUpd.exe . ------- Sigcheck ------- 2007-07-10 19:06 642560 ce594e18fe0d0af804f1f3694921ce62 C:\WINDOWS\system32\user32.dll 2008-06-16 03:28 361344 030dc4d48cc2b894fee2f390d8e66ad5 C:\WINDOWS\system32\drivers\tcpip.sys 2008-06-16 03:28 549888 335813eacd16e84f3047a3326f6e5473 C:\WINDOWS\system32\winlogon.exe 2008-07-07 23:43 2074240 0dbf1939df18ac8f8c1e4bd63d7d4b0f C:\WINDOWS\system32\ntkrnlpa.exe 2008-07-06 23:44 2197376 37d5daaeda594b9bee00c82f185cc549 C:\WINDOWS\system32\ntoskrnl.exe 2008-06-27 05:36 1424896 4ec7ed41d95d18b3cd1a2bd9dfefb591 C:\WINDOWS\explorer.exe 2008-06-16 03:28 112128 37ed43f3dec4400586554d61c3129478 C:\WINDOWS\system32\wuauclt.exe . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Eraser"="C:\Program Files\Eraser\eraser.exe" [2003-07-25 536576] "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-08-12 21741864] "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-02-22 217544] "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280] "PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-08-11 1124352] "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-06-27 143360] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-06-27 163840] "Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2008-06-27 135168] "AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2008-08-05 53248] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400] "WinampAgent"="C:\Program Files\Winamp\Winampa.exe" [2003-04-02 12288] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-03-13 1443072] "NOD Pass"="C:\Program Files\ESET\Password Updater\Nod32PassLauncher.exe" [2008-09-26 20992] "ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2007-05-24 475136] "Boot"="C:\Acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_2"="shell32" [X] "nltide_3"="advpack.dll" [2008-06-16 C:\WINDOWS\system32\advpack.dll] C:\Documents and Settings\User\Menu Start\Programy\Autostart\ Alienware Dock.lnk - C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe [2008-08-06 2074360] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2008-08-23 45056] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableStatusMessages"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoDesktopCleanupWizard"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "NoSMMyPictures"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) "NoResolveTrack"= 1 (0x1) "NoResolveSearch"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "NoSMMyPictures"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) "NoResolveTrack"= 1 (0x1) "NoResolveSearch"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB] 2001-12-20 23:34 24576 C:\Program Files\AlienGUIse\fastload.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dll schannel.dll digest.dll msnsspc.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] --a------ 2008-08-05 22:54 16132608 C:\WINDOWS\RTHDCPL.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Tlen.pl\\tlen.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "C:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service *Newly Created Service* - PROCEXP90 . Zawartość folderu 'Zaplanowane zadania' 2008-09-30 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57] . - - - - USUNIĘTO PUSTE WPISY - - - - HKLM-Run-BroadcomWireless - C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe HKLM-Run-HDInspector.exe - D:\dl\Hard Drive Inspector for Notebooks v2.100 . ------- Skan uzupełniający ------- . FireFox -: Profile - C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\8yli3liw.default\ FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-16 10:02:44 Windows 5.1.2600 Dodatek Service Pack 3 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** . Czas ukończenia: 2008-10-16 10:03:28 ComboFix-quarantined-files.txt 2008-10-16 08:03:25 Przed: 1 269 223 424 bajtów wolnych Po: 1,990,795,264 bajtów wolnych 230

**Posty:** 8001 · przez **Okocza** 16 Paź 2008, 17:22

Wykonaj to co jest podane w tym temacie

Zastosuj SDFix . Po pobraniu uruchom go a rozpakuje się do C:\SDFix. Uruchom komputer w trybie awaryjnym (F8 przy stracie systemu). Będąc w awaryjnym uruchom plik RunThis.bat z folderu SDFixa. Zatwierdź czyszczenie przez Y. Poczekaj aż ukończy i komputer zresetuje

Potem wejdz do folderu C:\SDFix wrzuc zawartość pliku Report.txt + log z combofixa oraz daj loga z hijacka

**Posty:** 5637 · przez **kahoona** 16 Paź 2008, 21:12

membership, - to może być (i prawdopodobnie jest) problem sprzętowy : zwykła, niedociśnięta wtyczka (zasilania lub danych) lub zwarcie na obudowie nagrywarki. Ze wskazaniem na wtyczkę.

**Posty:** 145 · przez **membership** 12 Lis 2008, 00:24

A więc, sprawdzałem to z wtyczką. Wyjąłem nagrywarkę i ku mojemu zdumieniu blaszka która miała ją trzymać bez ruchu jakimś cudem nawaliła(tzn. cała blaszka która ma zapobiec odpięciu się nagrywarki jest wygięta i lata). Dam rade coś z tym zrobić? może wiecie gdzie kupie jakąś tanią nagrywarkę do tego złomu?

A druga sprawa, wykonałem to co mi poradziliście, poniżej log z SDfixa:

Kod: Zaznacz wszystko: [b]SDFix: Version 1.240 [/b] Run by User on 2008-11-11 at 23:14 Microsoft Windows XP [Wersja 5.1.2600] Running From: C:\SDFix [b]Checking Services [/b]: Restoring Default Security Values Restoring Default Hosts File Restoring Missing Security Center Service Rebooting [b]Checking Files [/b]: No Trojan Files Found Removing Temp Files [b]ADS Check [/b]: [b]Final Check [/b]: catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-11-11 23:18:57 Windows 5.1.2600 Dodatek Service Pack 3 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:2df9c43f "s2"=dword:110480d0 "h0"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000001 "ujdew"=hex:14,04,f5,76,e9,53,0a,25,89,0d,f0,b2,14,91,b6,2e,fc,82,e2,09,06,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "p0"="C:\Program Files\DAEMON Tools Lite\" "h0"=dword:00000000 "khjeh"=hex:bc,b3,17,f2,5c,69,7f,5f,9b,50,bd,09,c5,e1,d4,fd,0a,70,5a,2e,c4,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,f2,f5,49,5c,8a,6f,e0,9b,0e,97,49,e8,f2,db,2d,d6,44,.. "khjeh"=hex:08,ed,1a,3f,10,82,7b,55,9b,bc,1d,be,c4,81,14,e7,75,b2,84,48,2f,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:8f,ae,2d,ce,87,c9,c4,cc,de,43,60,91,e5,8b,d0,0b,b3,dc,4b,0b,6d,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000001 "ujdew"=hex:14,04,f5,76,e9,53,0a,25,89,0d,f0,b2,14,91,b6,2e,fc,82,e2,09,06,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "p0"="C:\Program Files\DAEMON Tools Lite\" "h0"=dword:00000000 "khjeh"=hex:bc,b3,17,f2,5c,69,7f,5f,9b,50,bd,09,c5,e1,d4,fd,0a,70,5a,2e,c4,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,f2,f5,49,5c,8a,6f,e0,9b,0e,97,49,e8,f2,db,2d,d6,44,.. "khjeh"=hex:08,ed,1a,3f,10,82,7b,55,9b,bc,1d,be,c4,81,14,e7,75,b2,84,48,2f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:8f,ae,2d,ce,87,c9,c4,cc,de,43,60,91,e5,8b,d0,0b,b3,dc,4b,0b,6d,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 [b]Remaining Services [/b]: Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Tlen.pl\\tlen.exe"="C:\\Program Files\\Tlen.pl\\tlen.exe:*:Enabled:Komunikator Tlen.pl" "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:uTorrent" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.0" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.0" [b]Remaining Files [/b]: [b]Files with Hidden Attributes [/b]: Wed 24 Oct 2007 2,045 ...H. --- "C:\Documents and Settings\All Users\Dane aplikacji\whlb32g.dll" [b]Finished![/b]

Dodatkowo log z Combofixa:

Kod: Zaznacz wszystko: ComboFix 08-11-10.01 - User 2008-11-11 23:28:52.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.1449 [GMT 1:00] Uruchomiony z: c:\documents and settings\User\Pulpit\ComboFix.exe * Utworzono nowy punkt przywracania * Resident AV is active [COLOR=RED][B]UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !![/B][/COLOR] . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Dane aplikacji\whlb32g.dll . ((((((((((((((((((((((((( Pliki utworzone od 2008-10-11 do 2008-11-11 ))))))))))))))))))))))))))))))) . 2008-11-11 23:13 . 2008-11-11 23:13 <DIR> d-------- c:\windows\ERUNT 2008-11-11 23:13 . 2008-11-11 23:13 642,560 --a------ c:\windows\system32\dllcache\user32.dll 2008-11-11 23:09 . 2008-11-11 23:19 <DIR> d-------- C:\SDFix 2008-11-11 15:40 . 2008-11-11 15:40 <DIR> d-------- c:\program files\MSN Messenger 2008-10-25 13:29 . 2008-10-25 13:35 <DIR> d-------- c:\program files\PhotoScape 2008-10-23 17:36 . 2008-10-23 17:36 <DIR> d-------- c:\program files\Google 2008-10-20 04:52 . 2001-08-17 18:56 7,552 --a------ c:\windows\system32\drivers\SONYPVU1.SYS 2008-10-20 04:52 . 2001-08-17 18:56 7,552 --a------ c:\windows\system32\dllcache\sonypvu1.sys 2008-10-17 16:22 . 2008-10-17 16:22 <DIR> d-------- c:\windows\system32\xircom 2008-10-17 16:22 . 2008-10-17 16:22 <DIR> d-------- c:\windows\system32\oobe 2008-10-17 16:22 . 2008-10-17 16:22 <DIR> d-------- c:\windows\srchasst 2008-10-17 16:22 . 2008-10-17 16:22 <DIR> d-------- c:\windows\msagent 2008-10-17 16:22 . 2008-10-17 16:22 <DIR> d-------- c:\program files\microsoft frontpage . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-11-11 22:27 --------- d-----w c:\documents and settings\User\Dane aplikacji\Skype 2008-11-11 22:09 --------- d-----w c:\program files\Eraser 2008-11-11 21:25 --------- d-----w c:\documents and settings\User\Dane aplikacji\skypePM 2008-11-08 15:35 --------- d-----w c:\documents and settings\User\Dane aplikacji\Tlen.pl 2008-11-02 04:09 --------- d-----w c:\program files\Nowe Gadu-Gadu 2008-10-13 21:10 --------- d-----w c:\documents and settings\User\Dane aplikacji\uTorrent 2008-10-13 07:19 --------- d-----w c:\program files\NAPI-PROJEKT 2008-10-11 09:03 --------- d-----w c:\documents and settings\User\Dane aplikacji\IDM 2008-10-07 21:17 --------- d-----w c:\program files\Internet Download Manager 2008-10-07 21:17 --------- d-----w c:\documents and settings\User\Dane aplikacji\DMCache 2008-10-04 20:18 --------- d-----w c:\program files\Patience 2008-10-03 20:03 --------- d-----w c:\documents and settings\User\Dane aplikacji\Nowe Gadu-Gadu 2008-10-02 21:01 --------- d-----w c:\program files\PowerQuest 2008-10-02 21:01 --------- d-----w c:\program files\Common Files\InstallShield 2008-10-01 08:20 --------- d-----w c:\program files\GameSpy Arcade 2008-10-01 08:07 --------- d--h--w c:\program files\InstallShield Installation Information 2008-10-01 08:07 --------- d-----w c:\program files\Codemasters 2008-09-28 20:20 --------- d-----w c:\program files\GSpot 2008-09-28 10:08 --------- d-----w c:\program files\FlashGet 2008-09-26 12:44 --------- d-----w c:\documents and settings\User\Dane aplikacji\Nod32Pass 2008-09-26 12:42 381,971 ----a-w c:\documents and settings\User\upd.exe 2008-09-26 12:33 --------- d-----w c:\program files\GoldWave 2008-09-23 08:09 --------- d-----w c:\program files\Resco 2008-09-23 08:08 --------- d-----w c:\program files\Microsoft ActiveSync 2008-09-23 07:35 --------- d-----w c:\program files\PHM 2008-09-18 08:56 --------- d-----w c:\program files\IrfanView 2008-09-17 19:40 --------- d-----w c:\documents and settings\User\Dane aplikacji\PC Suite 2008-08-28 02:07 188,640 ----a-w c:\windows\system32\HDDSvc.exe 2008-08-25 23:13 301,568 ----a-w c:\documents and settings\User\NOD32Pass.exe 2008-08-24 14:24 413,696 ----a-w c:\windows\system32\wrap_oal.dll 2008-08-24 14:24 110,592 ----a-w c:\windows\system32\OpenAL32.dll 2008-08-17 10:17 273,920 ----a-w c:\documents and settings\User\updater.exe . ------- Sigcheck ------- 2007-07-10 18:06 642560 ce594e18fe0d0af804f1f3694921ce62 c:\windows\system32\user32.dll 2008-11-11 23:13 642560 ce594e18fe0d0af804f1f3694921ce62 c:\windows\system32\dllcache\user32.dll 2008-06-16 02:28 361344 030dc4d48cc2b894fee2f390d8e66ad5 c:\windows\system32\drivers\tcpip.sys 2008-06-16 02:28 549888 335813eacd16e84f3047a3326f6e5473 c:\windows\system32\winlogon.exe 2008-07-07 22:43 2074240 0dbf1939df18ac8f8c1e4bd63d7d4b0f c:\windows\system32\ntkrnlpa.exe 2008-07-06 22:44 2197376 37d5daaeda594b9bee00c82f185cc549 c:\windows\system32\ntoskrnl.exe 2008-06-27 04:36 1424896 4ec7ed41d95d18b3cd1a2bd9dfefb591 c:\windows\explorer.exe 2008-06-16 02:28 112128 37ed43f3dec4400586554d61c3129478 c:\windows\system32\wuauclt.exe . ((((((((((((((((((((((((((((( snapshot@2008-10-16_10.03.13,15 ))))))))))))))))))))))))))))))))))))))))) . + 2008-10-04 19:16:46 1,887,080 ----a-w c:\windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe - 2005-10-20 18:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE + 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE + 2008-08-07 14:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX\ERDNT.EXE + 2008-11-11 22:13:12 4,448,256 ----a-w c:\windows\ERUNT\SDFIX\Users\[u]0[/u]0000001\NTUSER.DAT + 2008-11-11 22:13:12 212,992 ----a-w c:\windows\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat + 2008-08-07 14:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX_First_Run\ERDNT.EXE + 2008-11-11 22:13:11 4,448,256 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\NTUSER.DAT + 2008-11-11 22:13:11 212,992 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat + 2008-11-11 14:40:55 22,798 ----a-r c:\windows\Installer\{ABEB838C-A1A7-4C5D-B7E1-8B4314600820}\MsblIco.Exe - 2000-08-31 06:00:00 28,672 ----a-w c:\windows\NIRCMD.exe + 2000-08-31 07:00:00 28,672 ----a-w c:\windows\NIRCMD.exe - 2000-08-31 06:00:00 161,792 ----a-w c:\windows\SWREG.exe + 2000-08-31 07:00:00 161,792 ----a-w c:\windows\SWREG.exe + 2008-10-05 03:16:26 235,936 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10a.exe - 2008-03-25 03:21:18 2,889,088 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll + 2008-10-05 03:24:02 3,695,008 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll - 2008-03-25 03:21:20 218,496 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe + 2008-10-05 03:24:04 235,936 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe + 2008-10-27 03:39:57 89,102 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe - 2008-08-06 11:10:42 70,264 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe + 2008-11-07 14:32:26 84,661 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe - 2008-10-15 11:44:08 66,912 ----a-w c:\windows\system32\perfc009.dat + 2008-10-29 12:18:51 66,912 ----a-w c:\windows\system32\perfc009.dat - 2008-10-15 11:44:08 84,456 ----a-w c:\windows\system32\perfc015.dat + 2008-10-29 12:18:51 84,456 ----a-w c:\windows\system32\perfc015.dat - 2008-10-15 11:44:08 417,878 ----a-w c:\windows\system32\perfh009.dat + 2008-10-29 12:18:51 417,878 ----a-w c:\windows\system32\perfh009.dat - 2008-10-15 11:44:08 474,908 ----a-w c:\windows\system32\perfh015.dat + 2008-10-29 12:18:51 474,908 ----a-w c:\windows\system32\perfh015.dat + 2008-11-11 22:21:26 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_820.dat . -- Migawka wyzerowana -- . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Eraser"="c:\program files\Eraser\eraser.exe" [2003-07-25 536576] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952] "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-02-22 217544] "Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280] "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-08-11 1124352] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-08-12 21741864] "MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-09-04 6856704] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-27 143360] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-27 163840] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-27 135168] "AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2008-08-05 53248] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-03-13 1443072] "NOD Pass"="c:\program files\ESET\Password Updater\Nod32PassLauncher.exe" [2008-09-26 20992] "ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2007-05-24 475136] "Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_2"="shell32" [X] "nltide_3"="advpack.dll" [2008-06-16 c:\windows\system32\advpack.dll] c:\documents and settings\User\Menu Start\Programy\Autostart\ Alienware Dock.lnk - c:\program files\AlienGUIse\AlienwareDock\ObjectDock.exe [2008-08-06 2074360] c:\documents and settings\All Users\Menu Start\Programy\Autostart\ Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2008-08-23 45056] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableStatusMessages"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "NoSMMyPictures"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) "NoResolveTrack"= 1 (0x1) "NoResolveSearch"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "NoSMMyPictures"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) "NoResolveTrack"= 1 (0x1) "NoResolveSearch"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB] 2001-12-20 22:34 24576 c:\program files\AlienGUIse\fastload.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dll schannel.dll digest.dll msnsspc.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] --a------ 2008-08-05 21:54 16132608 c:\windows\RTHDCPL.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Tlen.pl\\tlen.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service . Zawartość folderu 'Zaplanowane zadania' 2008-11-04 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57] . . ------- Skan uzupełniający ------- . FireFox -: Profile - c:\documents and settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\8yli3liw.default\ . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-11-11 23:29:46 Windows 5.1.2600 Dodatek Service Pack 3 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** . Czas ukończenia: 2008-11-11 23:30:24 ComboFix-quarantined-files.txt 2008-11-11 22:30:14 ComboFix2.txt 2008-10-16 08:03:29 Przed: 4 271 882 240 bajtów wolnych Po: 4,268,994,560 bajtów wolnych 201