Please check my ComboFix log. The computer restarts after a blue screen that says something about memory... Unfortunately it disappears too quickly to read what exactly it is about. I caught some piece of junk (amvo.exe) and now there is a problem. After disabling it in autostart, the computer boots. A scan with Panda 2008 detected and disinfected some 5 viruses. I manually removed everything in the registry that related to amvo.exe. I ran ComboFix and thought everything was fine now, but after plugging in the pendrive it restarted again.

ComboFix 08-02-18.1 - gosia 2008-02-18 19:24:52.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.494 [GMT 1:00]
Running from: C:\Documents and Settings\gosia\Pulpit\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-01-18 to 2008-02-18 )))))))))))))))))))))))))))))))
.
2008-02-18 18:37 . 2004-08-03 23:44 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-02-18 18:04 . 2008-02-18 18:31 <DIR> d-------- C:\Program Files\RegCleaner
2008-02-17 22:14 . 2008-02-17 22:14 8,627 --a------ C:\WINDOWS\system32\PAV_FOG.OPC
2008-02-17 22:02 . 2008-02-18 19:24 220,468 --a------ C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck
2008-02-17 22:02 . 2008-02-18 19:24 1,184 --a------ C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck
2008-02-17 21:51 . 2008-02-18 19:24 13,880 --a------ C:\WINDOWS\system32\drivers\COMFiltr.sys
2008-02-17 21:49 . 2008-02-17 21:49 <DIR> d-------- C:\Program Files\Panda Security
2008-02-17 21:49 . 2008-02-17 21:49 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Backup
2008-02-17 21:48 . 2007-07-12 13:49 178,872 --a------ C:\WINDOWS\system32\drivers\PavProc.sys
2008-02-17 21:48 . 2007-05-23 15:40 38,968 --a------ C:\WINDOWS\system32\drivers\ShlDrv51.sys
2008-02-17 21:09 . 2008-02-17 21:09 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\sentinel
2008-02-17 21:03 . 2008-02-17 21:48 <DIR> d-------- C:\Program Files\Common Files\Panda Software
2008-02-17 17:56 . 2004-08-04 00:44 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-02-17 17:56 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-02-17 17:56 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-02-17 17:56 . 2001-10-26 17:29 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-02-17 17:34 . 2008-02-17 17:34 <DIR> d-------- C:\WINDOWS\Sun
2008-02-17 17:32 . 2008-02-17 17:32 <DIR> d-------- C:\Program Files\Java
2008-02-17 17:32 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-17 17:31 . 2008-02-17 17:31 <DIR> d-------- C:\Program Files\Common Files\Java
2008-02-17 12:46 . 2008-02-17 12:46 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-02-17 12:46 . 2008-02-17 12:46 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-02-17 12:45 . 2008-02-17 12:45 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-02-17 12:45 . 2008-02-17 12:46 <DIR> d-------- C:\Program Files\Nokia
2008-02-17 12:15 . 2005-06-23 13:56 48,384 --------- C:\WINDOWS\system32\drivers\ser2pl.sys
2008-02-17 11:18 . 2008-02-17 11:18 104,946 -r-hs---- C:\0hct8ybw.bat
2008-02-17 09:53 . 2008-02-17 14:29 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-02-16 23:23 . 2008-02-16 23:23 26 --a------ C:\WINDOWS\system32\cvmpeg32.cfg
2008-02-16 23:21 . 2008-02-16 23:21 <DIR> d-------- C:\Program Files\NetLook
2008-02-16 23:21 . 2008-02-16 23:21 62 --a------ C:\WINDOWS\system32\mscomdb32.dat
2008-02-16 22:57 . 2008-02-17 17:34 1,279 --a------ C:\WINDOWS\mozver.dat
2008-02-16 20:11 . 2008-02-17 20:54 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Symantec
2008-02-16 20:10 . 2008-02-17 20:59 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2008-02-16 20:01 . 2008-02-16 20:01 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-16 18:59 . 2008-02-16 18:59 <DIR> d-------- C:\Documents and Settings\LocalService\Menu Start
2008-02-16 11:12 . 2008-02-16 11:12 <DIR> d-------- C:\Documents and Settings\gosia\Dane aplikacji\AdobeUM
2008-02-16 11:04 . 2008-02-16 11:05 <DIR> d-------- C:\Program Files\Deutsch-Translator
2008-02-15 20:23 . 2008-02-15 20:23 <DIR> d-------- C:\Documents and Settings\gosia\Dane aplikacji\Gadu-Gadu
2008-02-15 20:20 . 2008-02-17 12:48 <DIR> d-------- C:\Documents and Settings\gosia\Dane aplikacji\Nokia
2008-02-15 20:20 . 2008-02-15 20:20 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
2008-02-15 20:19 . 2008-02-17 12:46 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-02-15 20:19 . 2008-02-15 20:19 <DIR> d-------- C:\Program Files\DIFX
2008-02-15 20:19 . 2008-02-17 12:48 <DIR> d-------- C:\Documents and Settings\gosia\Dane aplikacji\PC Suite
2008-02-15 20:19 . 2007-02-22 10:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-02-15 20:18 . 2008-02-16 19:56 <DIR> d-------- C:\Program Files\Screamer Radio
2008-02-15 20:18 . 2008-02-15 20:18 <DIR> d-------- C:\Program Files\MarBit
2008-02-15 20:18 . 2008-02-17 11:42 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Installations
2008-02-15 20:17 . 2008-02-16 19:14 <DIR> d-------- C:\Program Files\Gadu-Gadu
2008-02-15 20:17 . 2008-02-16 19:16 <DIR> d-------- C:\Documents and Settings\gosia\Gadu-Gadu
2008-02-15 20:15 . 2008-02-17 18:21 <DIR> d-------- C:\WINDOWS\system32\quicktime
2008-02-15 20:15 . 2008-02-17 18:19 <DIR> d-------- C:\Program Files\DivX
2008-02-15 20:14 . 2008-02-17 18:23 <DIR> d-------- C:\Program Files\ffdshow
2008-02-15 20:14 . 2008-02-15 20:14 <DIR> d-------- C:\Program Files\DirectShow Pack
2008-02-14 15:44 . 2001-10-26 16:57 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-02-14 15:44 . 2001-10-26 16:57 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-02-14 15:44 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-02-14 15:44 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-02-14 00:14 . 2008-02-14 00:14 <DIR> d-------- C:\Documents and Settings\gosia\Dane aplikacji\ATI
2008-02-14 00:06 . 2008-02-14 00:11 <DIR> d-------- C:\Program Files\ATI Technologies
2008-02-13 23:59 . 2006-12-16 22:23 6,684,672 --a------ C:\WINDOWS\system32\atioglx1.dll
2008-02-13 23:59 . 2006-12-16 22:30 3,107,788 --a------ C:\WINDOWS\system32\ativvaxx.dat
2008-02-13 23:59 . 2006-12-16 22:41 307,200 --a------ C:\WINDOWS\system32\atiiiexx.dll
2008-02-13 23:59 . 2006-12-16 22:16 303,104 --a------ C:\WINDOWS\system32\ATIDEMGR.dll
2008-02-13 23:59 . 2006-12-16 22:17 241,664 --a------ C:\WINDOWS\system32\atikvmag.dll
2008-02-13 23:59 . 2006-12-16 22:44 26,112 --a------ C:\WINDOWS\system32\Ati2mdxx.exe
2008-02-13 23:59 . 2006-12-16 22:16 17,408 --a------ C:\WINDOWS\system32\atitvo32.dll
2008-02-13 23:59 . 2006-11-21 18:48 6,973 --a------ C:\WINDOWS\system32\atifglpf.xml
2008-02-13 23:59 . 2006-08-23 18:26 2,096 --a------ C:\WINDOWS\system32\drivers\ativckxx.vp
2008-02-13 23:50 . 2007-01-08 04:55 3,107,788 -ra------ C:\WINDOWS\system32\atiumdva.dat
2008-02-13 23:25 . 2008-02-13 23:25 <DIR> d-------- C:\Documents and Settings\gosia\Dane aplikacji\InstallShield
2008-02-13 23:25 . 2006-12-14 16:44 85,120 --a------ C:\WINDOWS\system32\drivers\Rtnicxp.sys
2008-02-13 21:29 . 2008-02-17 18:21 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-02-13 21:25 . 2006-11-06 12:47 11,245 -ra------ C:\WINDOWS\atiogl.xml
2008-02-13 21:18 . 2008-02-13 21:18 10 --a------ C:\WINDOWS\WININIT.INI
2008-02-13 20:44 . 2008-02-13 20:56 <DIR> d-------- C:\Program Files\Winamp
2008-02-13 20:44 . 2008-02-13 23:36 <DIR> d-------- C:\Documents and Settings\gosia\Dane aplikacji\Winamp
2008-02-13 20:32 . 2008-02-13 20:32 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-02-13 20:01 . 2007-06-21 05:30 547,072 --a------ C:\WINDOWS\system32\drivers\ar5211.sys
2008-02-13 19:48 . 2006-08-23 18:27 655,842 --a------ C:\WINDOWS\system32\drivers\ativcaxx.cpa
2008-02-13 19:48 . 2006-12-16 23:08 38,944 --a------ C:\WINDOWS\system32\drivers\ativvpxx.vp
2008-02-13 19:48 . 2006-08-23 10:26 2,096 -ra------ C:\WINDOWS\system32\drivers\ativpkxx.vp
2008-02-13 19:48 . 2006-08-23 10:26 2,096 -ra------ C:\WINDOWS\system32\drivers\ativokxx.vp
2008-02-13 19:48 . 2006-08-23 10:26 2,096 -ra------ C:\WINDOWS\system32\drivers\ativdkxx.vp
2008-02-13 19:48 . 2006-08-23 18:27 929 --a------ C:\WINDOWS\system32\drivers\ativcaxx.vp
2008-02-13 19:46 . 2006-11-10 07:38 506,368 -ra------ C:\WINDOWS\system32\drivers\athr.sys
2008-02-13 19:06 . 2003-06-19 01:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-02-13 19:06 . 2008-02-13 19:06 421 --a------ C:\WINDOWS\ODBC.INI
2008-02-13 19:05 . 2008-02-13 19:05 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-02-13 19:05 . 2008-02-13 19:05 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-02-13 19:03 . 2008-02-13 19:03 <DIR> dr-h----- C:\MSOCache
2008-02-13 19:01 . 2008-02-13 19:02 <DIR> d-------- C:\Program Files\DAEMON Tools
2008-02-13 19:01 . 2008-02-13 19:01 223,128 --a------ C:\WINDOWS\system32\drivers\dtscsi.sys
2008-02-13 19:00 . 2008-02-13 19:00 642,560 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-02-13 19:00 . 2008-02-13 19:00 96,256 --a------ C:\WINDOWS\system32\drivers\sptd7341.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-18 18:24 220,468 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT
2008-02-18 18:24 1,184 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG
2008-02-17 20:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-16 19:05 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Trend Micro
2008-02-13 23:10 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-13 22:25 --------- d-----w C:\Program Files\Realtek
2008-02-13 17:59 --------- d-----w C:\Documents and Settings\gosia\Dane aplikacji\Ahead
2008-02-13 17:47 --------- d-----w C:\Documents and Settings\gosia\Dane aplikacji\CyberLink
2008-02-13 17:47 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\CyberLink
2008-02-13 17:45 --------- d-----w C:\Program Files\CyberLink
2008-02-13 17:44 --------- d-----w C:\Program Files\Joybook Screen Saver
2008-02-13 17:39 --------- d-----w C:\Program Files\Common Files\Ahead
2008-02-13 17:38 --------- d-----w C:\Program Files\Nero
2008-02-13 17:38 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Nero
2008-02-13 17:35 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-13 17:32 --------- d-----w C:\Program Files\Atheros
2008-02-13 17:26 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-02-13 17:06 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-13 17:04 --------- d-----w C:\Program Files\Usługi online
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
2007-12-07 01:08 662,016 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 18:42 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:44 15360]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 11:04 2879488 C:\WINDOWS\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-02-26 08:03 16125440 C:\WINDOWS\RTHDCPL.exe]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-12-10 15:57 133016]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 09:12 90112]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"APVXDWIN"="C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.exe" [2007-07-23 18:30 406832]
"SCANINICIO"="C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe" [2007-07-11 15:17 27952]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:44 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
avldr.dll 2007-02-15 20:02 50736 C:\WINDOWS\system32\avldr.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
--a------ 2007-05-10 15:36 2111176 C:\Program Files\Gadu-Gadu\gg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--a------ 2006-12-05 22:55 54832 C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 17:24 1694208 C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 15:40 155648 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
--a------ 2007-12-10 10:12 695808 C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 2006-11-23 15:10 56928 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2007-10-10 06:28 36352 C:\Program Files\Winamp\winampa.exe
R1 APPFLT;App Filter Plugin;C:\WINDOWS\system32\Drivers\APPFLT.SYS [2007-05-11 09:33]
R1 DSAFLT;DSA Filter Plugin;C:\WINDOWS\system32\Drivers\DSAFLT.SYS [2007-05-11 09:33]
R1 FNETMON;NetMon Filter Plugin;C:\WINDOWS\system32\Drivers\fnetmon.SYS [2007-05-11 09:33]
R1 IDSFLT;Ids Filter Plugin;C:\WINDOWS\system32\Drivers\IDSFLT.SYS [2007-07-11 11:39]
R1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\system32\Drivers\NETFLTDI.SYS [2007-05-11 09:33]
R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys [2007-05-23 15:40]
R1 SMSFLT;SMS Filter Plugin;C:\WINDOWS\system32\Drivers\SMSFLT.SYS [2007-05-11 09:33]
R1 WNMFLT;Wifi Monitor Filter Plugin;C:\WINDOWS\system32\Drivers\WNMFLT.SYS [2007-05-11 09:33]
R2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\Drivers\cpoint.sys [2007-06-08 08:44]
R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2007-07-12 13:49]
R3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys []
R3 NETIMFLT;PANDA NDIS IM Filter Miniport;C:\WINDOWS\system32\DRIVERS\netimflt.sys [2007-04-24 15:43]
R3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys []
R3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys []
S3 athr;Atheros Extensible Wireless LAN device driver;C:\WINDOWS\system32\DRIVERS\athr.sys [2006-11-10 07:38]
S3 R300;R300;C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2007-01-08 05:16]
S3 SymIM;Symantec Network Security Intermediate Filter Service;C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP;C:\WINDOWS\system32\DRIVERS\SymIM.sys []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b8a47f8-da5d-11dc-9b79-001b24a347b5}]
\Shell\AutoRun\command - F:\3wcxx91.cmd
\Shell\explore\Command - F:\3wcxx91.cmd
\Shell\open\Command - F:\3wcxx91.cmd
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {E616A801-DF44-76CA-4CD7-F84E3D77B01A} /qb
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-18 19:25:56
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-02-18 19:26:20
ComboFix-quarantined-files.txt 2008-02-18 18:26:17
ComboFix2.txt 2008-02-18 18:06:54
.
2008-02-17 13:30:27 --- E O F ---
So please check it and tell me what to do with this next (if anything needs to be done), or whether I can just leave it as it is. And what about the pen drive? I don't know whether it can be used (that is, whether it will keep infecting).