Mój problem polega na tym że każdy folder (oprócz dyskowych C,D …) nie otwiera się normalnie (podwójne kliknięcie) tylko pojawia się okienko “otwieranie za pomocą”… Czytałem na forach, szukałem w googlach ale sam sobie nie poradzę, potrzebuję pomocy. Mam tak już grubo ponad dwa miesiące. Aha i foldery mogę otwierać jedynie poprzez “ppm -> otwórz/eksploruj” . Czekam na wasze odpowiedzi.
Przeskanuj system programem antywirusowym np. AVG oraz Malwarebytes AntiMalware. Przed skanowanie zaktualizuj programy.
Daj logi z OTL’a. Opis masz tutaj jak wykonać log.
Chodzi o xp
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\Folder]
@="Folder"
"EditFlags"=hex:d2,03,00,00
"TileInfo"="prop:Size"
[HKEY_CLASSES_ROOT\Folder\DefaultIcon]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,68,00,\
65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,33,00,00,00
[HKEY_CLASSES_ROOT\Folder\shell]
[HKEY_CLASSES_ROOT\Folder\shell\explore]
"BrowserFlags"=dword:00000022
"ExplorerFlags"=dword:00000021
[HKEY_CLASSES_ROOT\Folder\shell\explore\command]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,45,00,78,00,70,00,6c,00,6f,00,72,00,65,00,72,00,2e,00,65,00,78,00,\
65,00,20,00,2f,00,65,00,2c,00,2f,00,69,00,64,00,6c,00,69,00,73,00,74,00,2c,\
00,25,00,49,00,2c,00,25,00,4c,00,00,00
[HKEY_CLASSES_ROOT\Folder\shell\explore\ddeexec]
@="[ExploreFolder(\"%l\", %I, %S)]"
"NoActivateHandler"=""
[HKEY_CLASSES_ROOT\Folder\shell\explore\ddeexec\application]
@="Folders"
[HKEY_CLASSES_ROOT\Folder\shell\explore\ddeexec\ifexec]
@="[]"
[HKEY_CLASSES_ROOT\Folder\shell\explore\ddeexec\topic]
@="AppProperties"
[HKEY_CLASSES_ROOT\Folder\shell\open]
"BrowserFlags"=dword:00000010
"ExplorerFlags"=dword:00000012
[HKEY_CLASSES_ROOT\Folder\shell\open\command]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,45,00,78,00,70,00,6c,00,6f,00,72,00,65,00,72,00,2e,00,65,00,78,00,\
65,00,20,00,2f,00,69,00,64,00,6c,00,69,00,73,00,74,00,2c,00,25,00,49,00,2c,\
00,25,00,4c,00,00,00
[HKEY_CLASSES_ROOT\Folder\shell\open\ddeexec]
@="[ViewFolder(\"%l\", %I, %S)]"
"NoActivateHandler"=""
[HKEY_CLASSES_ROOT\Folder\shell\open\ddeexec\application]
@="Folders"
[HKEY_CLASSES_ROOT\Folder\shell\open\ddeexec\ifexec]
@="[]"
[HKEY_CLASSES_ROOT\Folder\shell\open\ddeexec\topic]
@="AppProperties"
[HKEY_CLASSES_ROOT\Folder\shellex]
[HKEY_CLASSES_ROOT\Folder\shellex\ColumnHandlers]
[HKEY_CLASSES_ROOT\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}]
@=""
[HKEY_CLASSES_ROOT\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}]
@=""
[HKEY_CLASSES_ROOT\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}]
@=""
[HKEY_CLASSES_ROOT\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}]
@=""
[HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers]
[HKEY_CLASSES_ROOT\Folder\shellex\DragDropHandlers]
[HKEY_CLASSES_ROOT\Folder\shellex\DragDropHandlers\{BD472F60-27FA-11cf-B8B4-444553540000}]
@=""
[HKEY_CLASSES_ROOT\Folder\shellex\PropertySheetHandlers]
skopiuj do notatnika ,zapisz jako .reg dodaj do rejestru ,wyloguj/zaloguj/ewentualnie restart
-- [b]Dodane 19.06.2010 (So) 0:09[/b] --
[2010-06-18 17:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2010-06-17 22:08:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\muza
[2010-06-15 17:57:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Nieużywane skróty pulpitu
[2010-06-03 12:24:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Electronic_Arts_Inc
[2010-06-01 20:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\NETPLUS
[2010-05-28 16:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Criterion Games
[2010-05-25 18:50:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Side 9 Screensaver dir
[2010-05-23 17:09:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\SecuROM
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2010-06-18 23:46:00 | 000,001,164 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-308236825-725345543-500UA.job
[2010-06-18 23:01:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010-06-18 19:46:02 | 000,001,112 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-308236825-725345543-500Core.job
[2010-06-18 17:07:56 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\KMPlayer.lnk
[2010-06-18 16:59:48 | 009,961,472 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010-06-18 13:47:41 | 061,169,358 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010-06-18 13:45:22 | 000,000,389 | ---- | M] () -- C:\WINDOWS\lgfwup.ini
[2010-06-18 13:45:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-18 13:44:51 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-06-18 13:44:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-06-18 01:20:13 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010-06-18 01:20:07 | 000,000,226 | ---- | M] () -- C:\WINDOWS\AWS.ini
[2010-06-17 00:04:25 | 000,028,351 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Karabin i karabinek Arisaka.docx
[2010-06-17 00:03:27 | 001,193,179 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\militaria.pptx
[2010-06-15 23:21:59 | 000,731,648 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\budowa kompa.ppt
[2010-06-15 23:04:05 | 001,840,303 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Bhutan angielski.pptx
[2010-06-15 22:22:22 | 000,621,261 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\budowa kompa.pptx
[2010-06-15 20:14:08 | 014,519,141 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Bhutanese Music - Tshe Ngyen Gi Lethro.flv
[2010-06-15 19:38:27 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-06-15 19:17:25 | 000,014,123 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\CURRICULUM VITAE - ciocia.docx
[2010-06-03 13:12:22 | 000,000,669 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\TmNations.lnk
[2010-05-30 16:51:40 | 000,000,395 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\YouChoob.xml
[2010-05-30 16:51:40 | 000,000,320 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\YouChoob-Stats.xml
[2010-05-30 14:46:28 | 000,454,043 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P210510_12.360002.JPG
[2010-05-30 14:46:12 | 000,289,817 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_21.140003.JPG
[2010-05-30 14:46:02 | 000,339,761 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_21.140004.JPG
[2010-05-30 14:45:50 | 000,320,787 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_21.140005.JPG
[2010-05-30 14:45:38 | 000,290,104 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_21.150001.JPG
[2010-05-30 14:45:28 | 000,243,658 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_21.140006.JPG
[2010-05-30 14:45:18 | 000,327,087 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_21.150002.JPG
[2010-05-30 14:45:06 | 000,264,863 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_21.150003.JPG
[2010-05-30 14:44:56 | 000,287,327 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_23.160001.JPG
[2010-05-30 14:44:46 | 000,198,593 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P230510_11.050001.JPG
[2010-05-30 14:44:38 | 000,333,086 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P230510_11.080001.JPG
[2010-05-30 14:44:24 | 000,342,231 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P230510_11.090001.JPG
[2010-05-30 14:44:10 | 000,426,483 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P230510_14.510001.JPG
[2010-05-30 14:43:56 | 000,427,524 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P230510_14.520001.JPG
[2010-05-30 14:43:40 | 000,302,401 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P230510_21.350001.JPG
[2010-05-30 14:43:28 | 000,250,435 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P270510_09.530001.JPG
[2010-05-30 14:43:18 | 000,254,035 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P270510_09.530002.JPG
[2010-05-30 14:43:06 | 000,291,075 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P270510_13.060001.JPG
[2010-05-30 14:42:54 | 000,390,174 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P270510_13.060002.JPG
[2010-05-29 19:33:21 | 000,379,044 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\angielski butan.pptx
[2010-05-28 22:09:30 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Gadu-Gadu 10.lnk
[2010-05-28 16:17:55 | 000,001,545 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Burnout(TM) Paradise The Ultimate Box.lnk
[2010-05-27 19:15:50 | 007,797,884 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\WOK Marcin Wyzynski.pptx
[2010-05-20 21:43:50 | 000,382,971 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.300001.JPG
[2010-05-20 21:43:36 | 000,347,638 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.300002.JPG
[2010-05-20 21:43:20 | 000,416,269 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.300003.JPG
[2010-05-20 21:43:04 | 000,289,816 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.310001.JPG
[2010-05-20 21:42:52 | 000,282,492 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.310002.JPG
[2010-05-20 21:42:40 | 000,288,014 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.310003.JPG
[2010-05-20 21:42:28 | 000,270,683 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.310004.JPG
[2010-05-20 21:42:16 | 000,288,304 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.310005.JPG
[2010-05-20 21:42:02 | 000,209,387 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.310006.JPG
[2010-05-20 14:24:41 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\Administrator\mswlcomm32.ini
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010-06-18 17:08:14 | 000,000,250 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010-06-17 00:04:25 | 000,028,351 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Karabin i karabinek Arisaka.docx
[2010-06-17 00:03:26 | 001,193,179 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\militaria.pptx
[2010-06-15 23:21:56 | 000,731,648 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\budowa kompa.ppt
[2010-06-15 23:04:04 | 001,840,303 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Bhutan angielski.pptx
[2010-06-15 22:22:21 | 000,621,261 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\budowa kompa.pptx
[2010-06-15 20:09:20 | 014,519,141 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Bhutanese Music - Tshe Ngyen Gi Lethro.flv
[2010-06-15 19:38:27 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-06-15 19:17:25 | 000,014,123 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\CURRICULUM VITAE - ciocia.docx
[2010-06-03 13:12:22 | 000,000,669 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\TmNations.lnk
[2010-05-31 20:33:29 | 002,946,834 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Obraz 274.jpg
[2010-05-30 14:51:07 | 000,289,817 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_21.140003.JPG
[2010-05-30 14:51:03 | 000,290,104 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_21.150001.JPG
[2010-05-30 14:51:02 | 000,339,761 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_21.140004.JPG
[2010-05-30 14:51:02 | 000,320,787 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_21.140005.JPG
[2010-05-30 14:51:02 | 000,243,658 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_21.140006.JPG
[2010-05-30 14:50:48 | 000,390,174 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P270510_13.060002.JPG
[2010-05-30 14:50:47 | 000,291,075 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P270510_13.060001.JPG
[2010-05-30 14:50:47 | 000,254,035 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P270510_09.530002.JPG
[2010-05-30 14:50:47 | 000,250,435 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P270510_09.530001.JPG
[2010-05-30 14:50:46 | 000,427,524 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P230510_14.520001.JPG
[2010-05-30 14:50:46 | 000,426,483 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P230510_14.510001.JPG
[2010-05-30 14:50:46 | 000,302,401 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P230510_21.350001.JPG
[2010-05-30 14:50:45 | 000,342,231 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P230510_11.090001.JPG
[2010-05-30 14:50:45 | 000,333,086 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P230510_11.080001.JPG
[2010-05-30 14:50:45 | 000,198,593 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P230510_11.050001.JPG
[2010-05-30 14:50:44 | 000,327,087 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_21.150002.JPG
[2010-05-30 14:50:44 | 000,287,327 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_23.160001.JPG
[2010-05-30 14:50:44 | 000,264,863 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P220510_21.150003.JPG
[2010-05-30 14:48:33 | 000,454,043 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P210510_12.360002.JPG
[2010-05-29 19:33:21 | 000,379,044 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\angielski butan.pptx
[2010-05-28 16:17:55 | 000,001,545 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Burnout(TM) Paradise The Ultimate Box.lnk
[2010-05-27 19:15:27 | 007,797,884 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\WOK Marcin Wyzynski.pptx
[2010-05-20 22:14:02 | 000,288,304 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.310005.JPG
[2010-05-20 22:14:02 | 000,270,683 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.310004.JPG
[2010-05-20 22:14:02 | 000,209,387 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.310006.JPG
[2010-05-20 22:14:01 | 000,288,014 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.310003.JPG
[2010-05-20 22:14:01 | 000,282,492 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.310002.JPG
[2010-05-20 22:14:00 | 000,416,269 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.300003.JPG
[2010-05-20 22:14:00 | 000,382,971 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.300001.JPG
[2010-05-20 22:14:00 | 000,347,638 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.300002.JPG
[2010-05-20 22:14:00 | 000,289,816 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\P200510_19.310001.JPG
[2010-04-05 12:42:02 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-11-24 23:41:42 | 000,000,120 | ---- | C] () -- C:\WINDOWS\disney.ini
[2009-11-11 21:44:24 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-11-10 22:43:37 | 000,024,576 | ---- | C] () -- C:\WINDOWS\VMPipe.dll
[2009-11-10 22:43:37 | 000,024,576 | ---- | C] () -- C:\WINDOWS\RunSetup.dll
[2009-10-29 22:22:23 | 000,010,108 | ---- | C] () -- C:\WINDOWS\hpdj3500.ini
[2009-09-26 03:10:05 | 000,000,226 | ---- | C] () -- C:\WINDOWS\AWS.ini
[2009-09-09 22:27:30 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-09-09 21:24:51 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2009-09-09 19:57:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-09-05 12:13:23 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009-09-05 12:05:12 | 000,000,389 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2009-06-19 21:06:22 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2005-12-07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[1997-06-14 03:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[color=#E56717]========== LOP Check ==========[/color]
[2009-09-07 20:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\AnvSoft
[2010-04-04 01:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Atari
[2009-11-22 01:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools
[2010-03-21 01:10:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite
[2010-03-27 17:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Pro
[2009-10-12 21:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Desktopicon
[2010-03-26 16:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\fizzy
[2010-01-29 01:05:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Flock
[2010-05-18 21:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu 10
[2010-02-28 15:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ipla
[2010-03-09 17:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IrfanView
[2010-04-05 00:02:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Lionhead Studios
[2010-05-11 14:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\NCH Swift Sound
[2009-09-09 22:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Nokia
[2009-12-24 17:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Nokia Multimedia Player
[2009-11-23 18:24:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu
[2009-10-17 22:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenFM
[2010-01-16 15:34:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2009-09-09 22:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\PC Suite
[2009-12-27 16:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Red Alert 3
[2009-10-12 19:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Thinstall
[2009-12-12 22:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Touchstone
[2010-03-21 01:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Ubisoft
[2010-04-07 19:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ViGlance
[2010-04-07 19:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ViSplore
[2010-04-07 19:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ViStart
[2009-12-27 00:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2DBoy
[2010-04-18 20:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar
[2010-04-04 23:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BioWare
[2010-03-18 22:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-03-27 17:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Pro
[2010-06-03 12:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-02-25 16:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2009-09-09 21:54:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2010-02-25 17:02:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-04-03 18:52:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
[2010-05-11 14:43:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NCH Swift Sound
[2010-03-20 23:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-01-19 23:23:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-01-06 19:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PopCap Games
[2009-12-09 18:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\QuestService
[2010-05-06 19:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
[2010-03-21 01:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2010-02-08 19:09:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{BD3B18D5-71F9-496D-96D1-6FF9D99F2130}
[2010-05-08 16:27:01 | 000,000,314 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnSevenDays.job
[2010-05-08 16:27:01 | 000,000,320 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnSevenDaysInit.job
[2010-05-11 16:27:00 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnShakeIcon.job
[2010-05-18 16:27:03 | 000,000,310 | ---- | M] () -- C:\WINDOWS\Tasks\expressripShakeIcon.job
[2010-05-08 16:27:00 | 000,000,300 | ---- | M] () -- C:\WINDOWS\Tasks\mixpadSevenDaysInit.job
[2010-05-18 16:27:03 | 000,000,294 | ---- | M] () -- C:\WINDOWS\Tasks\mixpadShakeIcon.job
[2010-06-18 23:01:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-09-30 21:38:27 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2004-08-04 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-06-17 00:01:19 | 000,011,276 | ---- | M] () -- C:\hpfr3500.log
[2009-09-05 10:05:46 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-09-05 10:05:46 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-04 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010-04-01 14:22:11 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-06-18 13:44:41 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004-08-04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2004-08-04 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2004-08-04 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys
[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-04 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-04 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008-04-14 19:21:45 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\userinit.exe
[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\system32\userinit.exe
[2004-08-04 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=BD768099B4C44AA631728CB74EB54396 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
< End of report >
-- [b]Dodane 19.06.2010 (So) 0:10[/b] --
tak xp.
skopiuj do nowego tekstowego>zapisz jako>zmień rozszerzenia na . reg i zapisz.2x kliknij potwierdź dodanie do rejestru
zrobiłem jak opisałeś i to samo. nic sie nie zmieniło 
wyloguj się i zaloguj/albo restart może to nic nie dać bo w logach masz trochę syfu(ja się za to nie biorę)
Tu zrobiłem HijackThis’em :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:24:39, on 2010-06-19
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Pulpit\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.theprizeday.com/today.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://wyborcza.pl/0,0.html?p=028
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://download.gigabyte.com.tw/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
R3 - URLSearchHook: (no name) - *{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.1.0.1800\CPAIEAddOn.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1870\CMWIE.dll
O2 - BHO: TCP - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1610\TCPIE.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\3.1.0.1840\wso.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM…\Run: [GEST] m‘|\ü
O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM…\Run: [LGODDFU] “C:\Program Files\lg_fwupdate\fwupdate.exe” blrun
O4 - HKLM…\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [startCCC] “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun
O4 - HKLM…\Run: [speedTouch USB Diagnostics] “C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” /icon
O4 - HKLM…\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM…\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM…\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM…\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM…\Run: [bigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [RemoteControl] “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe”
O4 - HKLM…\Run: [LanguageShortcut] “C:\Program Files\CyberLink\PowerDVD\Language\Language.exe”
O4 - HKLM…\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM…\Run: [wlcomm32] C:\WINDOWS\wlcomm32.exe
O4 - HKLM…\Run: [GrooveMonitor] “C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe”
O4 - HKLM…\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [Adobe ARM] “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM…\Run: [PrzyspieszKomputer] C:\Program Files\Przyspiesz Komputer\przyspieszkomputer.exe
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU…\Run: [ALLUpdate] “C:\Program Files\ALLPlayer\ALLUpdate.exe” “sleep”
O4 - HKCU…\Run: [AlcoholAutomount] “C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe” /automount
O4 - HKCU…\Run: [Google Update] “C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe” /c
O4 - HKCU…\Run: [DAEMON Tools Pro Agent] “C:\Program Files\DAEMON Tools Pro\DTProAgent.exe”
O4 - HKCU…\Run: [RGSC] G:\GRYYYYYY\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip…{FEF40F9D-107D-4CB2-A39E-436F27D41070}: NameServer = 62.233.233.233 87.204.204.204
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: QuestService Service - Unknown owner - C:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice129.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
–
End of file - 11952 bytes
– Dodane 19.06.2010 (So) 4:06 –
Tu mam jeszcze wynik skanu z ComboFix’a
Nie wiem czy dobrze zrobiłeś używając ComboFixa,bo ten program używa się tylko pod nadzorem kogoś kto wie kiedy go użyć.Nie rób nic poczekaj aż ktoś sprawdź logi.
Zasady wklejania logów na forum
FIX:
Po tym wszystkim wykonaj skan jeszcze raz programem AVG oraz Malwarebytes AntiMalware. Po przeskanowaniu komputera wrzuć jeszcze raz nowy log z OTL’a, ponieważ HijackThis nie wykrywa wszystkich wirusów (ty wrzuciłeś loga z wersji 2.0.2, a najnowsza to 2.0.4). Opis masz tutaj jak wykonać log.
szymon189 ,
To jest przecież Google Chrome z otwartymi sześcioma kartami. Zresztą HJT nie fiksuje procesów.
Co w tym złego? Przecież to tylko witryna Gigabyte’a oraz Gazety Wyborczej i domyślna strona startowa IE + nazwa folderu Łącza.
Poprawne DNS-y Netii. HJT pokazuje to wejście jeśli są one ustawiane na sztywno.
kajdzis , pokaż logi z narzędzi OTL + GMER.
Z OTL pokazujesz dwa wynikowe logi OTL.txt + Extras.txt
Przed uruchomieniem powyższych narzędzi odinstaluj (jeśli posiadasz) wszelkie programy tworzące wirtualne napędy (Daemon Tools, Alcohol itp.) oraz usuń instalowany przez nie sterownik SPTD narzędziem SPTDInst z opcji Uninstall (jeśli będzie zszarzałe, to OK).
Zawartość logów wklejasz na wklej.org lub wklej.to, a w poście dajesz link.