Witam wszystkich.
Przegrałem sobie dzisiaj pliki ze starego komputera którego się pozbywam na nowy i wygląda na to, że akurat te trefne. Podobnie jak na starym komputerze nie dziala mi funkcja otwierania dysków poprzez kliknięcie myszki, nie mogę również używac funkcji “Pokaż ukryte pliki i foldery”. W ogóle czuje, że strasznie zasyfiłem sobie dysk a chciałbym to wyjątkowy inaczej rozwiązac niz tradycyjnie “format C”.
Log z HiJackThis
Dziekuję z góry za pomoc.
Klasyczna infekcja roznosząca się poprzez pendrive jak i dyski lokalne.
W GMER nic nie zmieniamy -> wciskamy Szukaj (skan potrwa kilkadziesiąt minut) -> po skanie Kopiuj.
Usuń infekcje z pendrive lub kart pamięci za pomocą Flash Disinfector lub tych narzędzi.
Lub format.
Pobierz The Avenger i uruchom.
Wklej w niego ten tekst:
Execute i zgadzasz się na restart.
Po restarcie kasujesz plik C:\Avenger\backup.zip i dajesz tutaj do sprawdzenia raport C:\avenger.txt
W Custom Scans/Fixes w OTL wklej:
:Processes
Explorer.EXE
AhnRpta.exe
algsrvs.exe
:OTL
O4 - HKLM..\Run: [IMJPMIG8.2] C:\WINDOWS\System32\msime82.exe (Microsoft Corp.)
O4 - HKU\S-1-5-21-527237240-839522115-1801674531-1003..\Run: [cdoosoft] C:\Documents and Settings\Admin\Ustawienia lokalne\Temp\herss.exe ()
O4 - HKU\S-1-5-21-527237240-839522115-1801674531-1003..\Run: [MsServer] C:\WINDOWS\System32\msfun80.exe (Microsoft Corp.)
O4 - HKU\S-1-5-21-527237240-839522115-1801674531-1003..\Run: [wsctf.exe] File not found
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O32 - AutoRun File - [2009-09-17 21:19:11 | 00,000,129 | -HS- | M] () - C:\autorun.inf -- [NTFS]
O32 - AutoRun File - [2009-09-17 21:19:11 | 00,000,129 | -HS- | M] () - D:\autorun.inf -- [NTFS]
O32 - AutoRun File - [2009-09-17 21:19:08 | 00,000,057 | RHS- | M] () - E:\autorun.inf -- [NTFS]
O33 - MountPoints2\{179ea98e-a375-11de-8eaa-806d6172696f}\Shell\AutoRun\command - "" = H:\qcod.exe -- File not found
O33 - MountPoints2\{179ea98e-a375-11de-8eaa-806d6172696f}\Shell\open\Command - "" = H:\qcod.exe -- File not found
O33 - MountPoints2\{179ea98f-a375-11de-8eaa-806d6172696f}\Shell\AutoRun\command - "" = I:\qcod.exe -- File not found
O33 - MountPoints2\{179ea98f-a375-11de-8eaa-806d6172696f}\Shell\open\Command - "" = I:\qcod.exe -- File not found
O33 - MountPoints2\{a71f0bce-74ad-11de-80f6-0030055e840d}\Shell\AutoRun\command - "" = H:\icxpa.cmd -- File not found
O33 - MountPoints2\{a71f0bce-74ad-11de-80f6-0030055e840d}\Shell\open\Command - "" = H:\icxpa.cmd -- File not found
O33 - MountPoints2\{d4edc0cb-77ac-11de-8103-0030055e840d}\Shell\Auto\command - "" = G:\fun.xls.exe -- File not found
O33 - MountPoints2\{d4edc0cc-77ac-11de-8103-0030055e840d}\Shell\Auto\command - "" = G:\fun.xls.exe -- File not found
O33 - MountPoints2\{f5ba8d28-6a45-11de-a0f1-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{f5ba8d28-6a45-11de-a0f1-806d6172696f}\Shell\AutoRun\command - "" = F:\Run.exe -- File not found
O33 - MountPoints2\{f5ba8d29-6a45-11de-a0f1-806d6172696f}\Shell\Auto\command - "" = C:\fun.xls.exe -- [2009-07-22 06:28:17 | 00,049,152 | -HS- | M] (Microsoft Corp.)
O33 - MountPoints2\{f5ba8d2a-6a45-11de-a0f1-806d6172696f}\Shell\Auto\command - "" = D:\fun.xls.exe -- [2009-07-22 06:28:22 | 00,049,152 | -HS- | M] (Microsoft Corp.)
O33 - MountPoints2\{f5ba8d2b-6a45-11de-a0f1-806d6172696f}\Shell\Auto\command - "" = E:\fun.xls.exe -- [2009-07-22 06:28:32 | 00,049,152 | -HS- | M] (Microsoft Corp.)
O33 - MountPoints2\{fd3749f0-8f2f-11de-814d-0030055e840d}\Shell\Auto\command - "" = H:\fun.xls.exe -- File not found
:Files
C:\lhh3v.exe
C:\qcod.exe
C:\o8tf6l.exe
C:\3slhl.exe
C:\86.exe
C:\mjafm.exe
C:\qcoageh.exe
C:\ph.exe
C:\q0.exe
C:\dogyx90.exe
C:\etmt1.bat
C:\10nb.exe
C:\yugu9ups.bat
C:\w3.exe
C:\3c.exe
C:\9cquqs.exe
C:\m.exe
C:\y.bat
C:\cj3k.exe
C:\o9bxu.exe
C:\ewqij.bat
C:\i0yva6.exe
C:\lhh3v.exe
C:\qcod.exe
C:\o8tf6l.exe
C:\3slhl.exe
C:\86.exe
C:\mjafm.exe
C:\qcoageh.exe
C:\ph.exe
C:\q0.exe
C:\dogyx90.exe
C:\etmt1.bat
C:\10nb.exe
C:\yugu9ups.bat
C:\w3.exe
C:\3c.exe
C:\9cquqs.exe
C:\m.exe
C:\y.bat
C:\cj3k.exe
C:\o9bxu.exe
C:\ewqij.bat
C:\i0yva6.exe
C:\g8k.exe
C:\kgji.exe
D:\lhh3v.exe
D:\qcod.exe
D:\o8tf6l.exe
D:\3slhl.exe
D:\86.exe
D:\mjafm.exe
D:\qcoageh.exe
D:\ph.exe
D:\q0.exe
D:\dogyx90.exe
D:\etmt1.bat
D:\10nb.exe
D:\yugu9ups.bat
D:\w3.exe
D:\3c.exe
D:\9cquqs.exe
D:\m.exe
D:\y.bat
D:\cj3k.exe
D:\o9bxu.exe
D:\ewqij.bat
D:\i0yva6.exe
D:\lhh3v.exe
D:\qcod.exe
D:\o8tf6l.exe
D:\3slhl.exe
D:\86.exe
D:\mjafm.exe
D:\qcoageh.exe
D:\ph.exe
D:\q0.exe
D:\dogyx90.exe
D:\etmt1.bat
D:\10nb.exe
D:\yugu9ups.bat
D:\w3.exe
D:\3c.exe
D:\9cquqs.exe
D:\m.exe
D:\y.bat
D:\cj3k.exe
D:\o9bxu.exe
D:\ewqij.bat
D:\i0yva6.exe
D:\g8k.exe
D:\kgji.exe
E:\lhh3v.exe
E:\qcod.exe
E:\o8tf6l.exe
E:\3slhl.exe
E:\86.exe
E:\mjafm.exe
E:\qcoageh.exe
E:\ph.exe
E:\q0.exe
E:\dogyx90.exe
E:\etmt1.bat
E:\10nb.exe
E:\yugu9ups.bat
E:\w3.exe
E:\3c.exe
E:\9cquqs.exe
E:\m.exe
E:\y.bat
E:\cj3k.exe
E:\o9bxu.exe
E:\ewqij.bat
E:\i0yva6.exe
E:\lhh3v.exe
E:\qcod.exe
E:\o8tf6l.exe
E:\3slhl.exe
E:\86.exe
E:\mjafm.exe
E:\qcoageh.exe
E:\ph.exe
E:\q0.exe
E:\dogyx90.exe
E:\etmt1.bat
E:\10nb.exe
E:\yugu9ups.bat
E:\w3.exe
E:\3c.exe
E:\9cquqs.exe
E:\m.exe
E:\y.bat
E:\cj3k.exe
E:\o9bxu.exe
E:\ewqij.bat
E:\i0yva6.exe
E:\g8k.exe
E:\kgji.exe
:Commands
[emptytemp]
[start explorer]
Run Fix. Restart, jeśli będzie potrzebny.
Potem log z usuwania oraz nowy OTL.txt
Avenger po restarcie:
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File "C:\WINDOWS\system32\EXPLORER.EXE" deleted successfully.
Completed script processing.
*******************
Finished! Terminate.[/quote]
[b]OTL po restarcie[/b] :
[quote]All processes killed
========== PROCESSES ==========
No active process named Explorer.EXE was found!
No active process named AhnRpta.exe was found!
No active process named algsrvs.exe was found!
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\IMJPMIG8.2 deleted successfully.
C:\WINDOWS\System32\msime82.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-527237240-839522115-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Run\\cdoosoft deleted successfully.
C:\Documents and Settings\Admin\Ustawienia lokalne\Temp\herss.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-527237240-839522115-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Run\\MsServer deleted successfully.
C:\WINDOWS\System32\msfun80.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-527237240-839522115-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Run\\wsctf.exe deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
C:\autorun.inf moved successfully.
D:\autorun.inf moved successfully.
E:\autorun.inf moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{179ea98e-a375-11de-8eaa-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{179ea98e-a375-11de-8eaa-806d6172696f}\ not found.
File H:\qcod.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{179ea98e-a375-11de-8eaa-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{179ea98e-a375-11de-8eaa-806d6172696f}\ not found.
File H:\qcod.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{179ea98f-a375-11de-8eaa-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{179ea98f-a375-11de-8eaa-806d6172696f}\ not found.
File I:\qcod.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{179ea98f-a375-11de-8eaa-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{179ea98f-a375-11de-8eaa-806d6172696f}\ not found.
File I:\qcod.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a71f0bce-74ad-11de-80f6-0030055e840d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a71f0bce-74ad-11de-80f6-0030055e840d}\ not found.
File H:\icxpa.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a71f0bce-74ad-11de-80f6-0030055e840d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a71f0bce-74ad-11de-80f6-0030055e840d}\ not found.
File H:\icxpa.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d4edc0cb-77ac-11de-8103-0030055e840d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d4edc0cb-77ac-11de-8103-0030055e840d}\ not found.
File G:\fun.xls.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d4edc0cc-77ac-11de-8103-0030055e840d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d4edc0cc-77ac-11de-8103-0030055e840d}\ not found.
File G:\fun.xls.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f5ba8d28-6a45-11de-a0f1-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f5ba8d28-6a45-11de-a0f1-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f5ba8d28-6a45-11de-a0f1-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f5ba8d28-6a45-11de-a0f1-806d6172696f}\ not found.
File F:\Run.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f5ba8d29-6a45-11de-a0f1-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f5ba8d29-6a45-11de-a0f1-806d6172696f}\ not found.
C:\fun.xls.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f5ba8d2a-6a45-11de-a0f1-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f5ba8d2a-6a45-11de-a0f1-806d6172696f}\ not found.
D:\fun.xls.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f5ba8d2b-6a45-11de-a0f1-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f5ba8d2b-6a45-11de-a0f1-806d6172696f}\ not found.
E:\fun.xls.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd3749f0-8f2f-11de-814d-0030055e840d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd3749f0-8f2f-11de-814d-0030055e840d}\ not found.
File H:\fun.xls.exe not found.
========== FILES ==========
C:\lhh3v.exe moved successfully.
C:\qcod.exe moved successfully.
C:\o8tf6l.exe moved successfully.
C:\3slhl.exe moved successfully.
C:\86.exe moved successfully.
C:\mjafm.exe moved successfully.
C:\qcoageh.exe moved successfully.
C:\ph.exe moved successfully.
C:\q0.exe moved successfully.
C:\dogyx90.exe moved successfully.
C:\etmt1.bat moved successfully.
C:\10nb.exe moved successfully.
C:\yugu9ups.bat moved successfully.
C:\w3.exe moved successfully.
C:\3c.exe moved successfully.
C:\9cquqs.exe moved successfully.
C:\m.exe moved successfully.
C:\y.bat moved successfully.
C:\cj3k.exe moved successfully.
C:\o9bxu.exe moved successfully.
C:\ewqij.bat moved successfully.
C:\i0yva6.exe moved successfully.
File\Folder C:\lhh3v.exe not found.
File\Folder C:\qcod.exe not found.
File\Folder C:\o8tf6l.exe not found.
File\Folder C:\3slhl.exe not found.
File\Folder C:\86.exe not found.
File\Folder C:\mjafm.exe not found.
File\Folder C:\qcoageh.exe not found.
File\Folder C:\ph.exe not found.
File\Folder C:\q0.exe not found.
File\Folder C:\dogyx90.exe not found.
File\Folder C:\etmt1.bat not found.
File\Folder C:\10nb.exe not found.
File\Folder C:\yugu9ups.bat not found.
File\Folder C:\w3.exe not found.
File\Folder C:\3c.exe not found.
File\Folder C:\9cquqs.exe not found.
File\Folder C:\m.exe not found.
File\Folder C:\y.bat not found.
File\Folder C:\cj3k.exe not found.
File\Folder C:\o9bxu.exe not found.
File\Folder C:\ewqij.bat not found.
File\Folder C:\i0yva6.exe not found.
C:\g8k.exe moved successfully.
C:\kgji.exe moved successfully.
D:\lhh3v.exe moved successfully.
D:\qcod.exe moved successfully.
D:\o8tf6l.exe moved successfully.
D:\3slhl.exe moved successfully.
D:\86.exe moved successfully.
D:\mjafm.exe moved successfully.
D:\qcoageh.exe moved successfully.
D:\ph.exe moved successfully.
D:\q0.exe moved successfully.
D:\dogyx90.exe moved successfully.
D:\etmt1.bat moved successfully.
D:\10nb.exe moved successfully.
D:\yugu9ups.bat moved successfully.
D:\w3.exe moved successfully.
D:\3c.exe moved successfully.
D:\9cquqs.exe moved successfully.
D:\m.exe moved successfully.
D:\y.bat moved successfully.
D:\cj3k.exe moved successfully.
D:\o9bxu.exe moved successfully.
D:\ewqij.bat moved successfully.
D:\i0yva6.exe moved successfully.
File\Folder D:\lhh3v.exe not found.
File\Folder D:\qcod.exe not found.
File\Folder D:\o8tf6l.exe not found.
File\Folder D:\3slhl.exe not found.
File\Folder D:\86.exe not found.
File\Folder D:\mjafm.exe not found.
File\Folder D:\qcoageh.exe not found.
File\Folder D:\ph.exe not found.
File\Folder D:\q0.exe not found.
File\Folder D:\dogyx90.exe not found.
File\Folder D:\etmt1.bat not found.
File\Folder D:\10nb.exe not found.
File\Folder D:\yugu9ups.bat not found.
File\Folder D:\w3.exe not found.
File\Folder D:\3c.exe not found.
File\Folder D:\9cquqs.exe not found.
File\Folder D:\m.exe not found.
File\Folder D:\y.bat not found.
File\Folder D:\cj3k.exe not found.
File\Folder D:\o9bxu.exe not found.
File\Folder D:\ewqij.bat not found.
File\Folder D:\i0yva6.exe not found.
D:\g8k.exe moved successfully.
D:\kgji.exe moved successfully.
E:\lhh3v.exe moved successfully.
E:\qcod.exe moved successfully.
E:\o8tf6l.exe moved successfully.
E:\3slhl.exe moved successfully.
E:\86.exe moved successfully.
E:\mjafm.exe moved successfully.
E:\qcoageh.exe moved successfully.
E:\ph.exe moved successfully.
E:\q0.exe moved successfully.
E:\dogyx90.exe moved successfully.
E:\etmt1.bat moved successfully.
E:\10nb.exe moved successfully.
E:\yugu9ups.bat moved successfully.
E:\w3.exe moved successfully.
E:\3c.exe moved successfully.
E:\9cquqs.exe moved successfully.
E:\m.exe moved successfully.
E:\y.bat moved successfully.
E:\cj3k.exe moved successfully.
E:\o9bxu.exe moved successfully.
E:\ewqij.bat moved successfully.
E:\i0yva6.exe moved successfully.
File\Folder E:\lhh3v.exe not found.
File\Folder E:\qcod.exe not found.
File\Folder E:\o8tf6l.exe not found.
File\Folder E:\3slhl.exe not found.
File\Folder E:\86.exe not found.
File\Folder E:\mjafm.exe not found.
File\Folder E:\qcoageh.exe not found.
File\Folder E:\ph.exe not found.
File\Folder E:\q0.exe not found.
File\Folder E:\dogyx90.exe not found.
File\Folder E:\etmt1.bat not found.
File\Folder E:\10nb.exe not found.
File\Folder E:\yugu9ups.bat not found.
File\Folder E:\w3.exe not found.
File\Folder E:\3c.exe not found.
File\Folder E:\9cquqs.exe not found.
File\Folder E:\m.exe not found.
File\Folder E:\y.bat not found.
File\Folder E:\cj3k.exe not found.
File\Folder E:\o9bxu.exe not found.
File\Folder E:\ewqij.bat not found.
File\Folder E:\i0yva6.exe not found.
E:\g8k.exe moved successfully.
E:\kgji.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Admin
->Temp folder emptied: 211542501 bytes
->Temporary Internet Files folder emptied: 39438612 bytes
->Java cache emptied: 25665310 bytes
->FireFox cache emptied: 107598094 bytes
->Opera cache emptied: 4185825 bytes
User: Administrator
->Temp folder emptied: 37813245 bytes
->Temporary Internet Files folder emptied: 33948 bytes
->Opera cache emptied: 154410 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2352022 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
Windows Temp folder emptied: 1542382 bytes
RecycleBin emptied: 90416 bytes
Total Files Cleaned = 410,57 mb
OTL by OldTimer - Version 3.0.14.0 log created on 09172009_225417
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
nowy OTL.txt:
OTL logfile created on: 2009-09-17 22:58:49 - Run 2
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Admin\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 4,38 Gb Free Space | 22,41% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 94,46 Gb Free Space | 64,49% Space Free | Partition Type: NTFS
Drive E: | 132,07 Gb Total Space | 105,79 Gb Free Space | 80,10% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: XX
Current User Name: Admin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2008-06-24 15:58:41 | 00,557,056 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2008-06-24 15:58:41 | 00,557,056 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2008-04-14 22:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\EXPLORER.EXE
PRC - [2008-04-14 22:51:32 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AhnRpta.exe
PRC - [2008-04-14 22:51:32 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
PRC - [2009-01-17 16:48:08 | 05,853,672 | ---- | M] (o2.pl Sp. z o.o.) -- C:\Program Files\Tlen.pl\tlen.exe
PRC - [2009-04-21 14:39:16 | 24,264,488 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009-06-25 15:12:42 | 01,414,144 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009-08-31 18:07:34 | 11,391,592 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe
PRC - [2009-04-21 14:39:16 | 00,077,360 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2008-07-03 19:13:02 | 00,262,144 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2007-06-14 20:57:42 | 00,145,504 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe
PRC - [2009-07-06 17:33:02 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2007-05-28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2009-06-02 10:10:08 | 00,637,952 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009-08-31 16:56:26 | 00,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2008-04-14 22:51:52 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
PRC - [2009-05-28 13:45:00 | 00,132,096 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009-03-30 10:11:14 | 00,120,320 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009-09-11 09:22:33 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-09-17 21:17:26 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Moje dokumenty\Pobieranie\OTL.exe
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2005-09-23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008-06-24 15:58:41 | 00,557,056 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2008-07-03 19:13:02 | 00,262,144 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService [Auto | Running])
SRV - [2007-06-14 20:57:42 | 00,145,504 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen [Auto | Running])
SRV - [2005-09-23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2009-07-06 17:33:02 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009-06-02 10:10:08 | 00,637,952 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Running])
SRV - [2007-05-28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE [Auto | Running])
SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2008-07-03 19:13:04 | 00,012,416 | ---- | M] (ASUSTeK Computer Inc.) -- C:\WINDOWS\System32\drivers\asusgsb.sys -- (asusgsb [On_Demand | Running])
DRV - [2008-07-03 19:13:02 | 00,011,136 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\System32\drivers\atkkbnt.sys -- (asuskbnt [System | Running])
DRV - [2007-01-29 17:12:52 | 00,018,432 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\System32\DRIVERS\AsusVRC.sys -- (ASUSVRC [On_Demand | Running])
DRV - [2008-06-24 16:52:46 | 03,229,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2008-05-20 13:53:36 | 00,093,696 | R--- | M] (ATI Research Inc.) -- C:\WINDOWS\System32\drivers\AtiHdmi.sys -- (AtiHdmiService [On_Demand | Running])
DRV - [2006-02-20 03:17:40 | 00,033,408 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv [System | Running])
DRV - [2009-07-06 18:00:58 | 00,015,600 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys -- (gdrv [On_Demand | Stopped])
DRV - [2008-04-13 22:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2007-07-18 13:26:04 | 04,547,584 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2009-02-09 08:37:46 | 00,017,664 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped])
DRV - [2009-02-09 08:37:46 | 00,022,016 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped])
DRV - [2009-03-19 14:48:18 | 00,136,704 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu [On_Demand | Stopped])
DRV - [2006-10-18 16:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata [Boot | Running])
DRV - [2006-11-27 16:33:50 | 00,058,368 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
DRV - [2006-11-27 16:33:54 | 00,019,968 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
DRV - [2008-08-26 10:26:12 | 00,018,816 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped])
DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2009-08-08 22:01:43 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2009-02-09 08:37:48 | 00,007,808 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev [On_Demand | Stopped])
DRV - [2008-04-14 00:15:38 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbser.sys -- (usbser [On_Demand | Stopped])
DRV - [2009-02-09 08:37:56 | 00,007,808 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt [On_Demand | Stopped])
DRV - [2008-07-03 19:13:04 | 00,010,752 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\System32\Drivers\Video3D32.sys -- (Video3D [On_Demand | Running])
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {eaf8a4ef-d221-45ca-9deb-d0934b45fa34}:1.3.0.3
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-07-06 17:33:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-07-14 19:07:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-11 09:22:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-11 09:22:36 | 00,000,000 | ---D | M]
[2009-07-06 17:38:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\mozilla\Extensions
[2009-07-06 17:38:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-09-17 11:30:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\mozilla\Firefox\Profiles\n4eage3a.default\extensions
[2009-07-11 17:46:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\mozilla\Firefox\Profiles\n4eage3a.default\extensions\{eaf8a4ef-d221-45ca-9deb-d0934b45fa34}
[2009-09-17 21:13:34 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-09-11 09:22:36 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-07-08 20:42:26 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009-09-11 09:22:32 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-09-11 09:22:32 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009-09-11 09:22:33 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009-01-28 20:46:54 | 00,307,200 | ---- | M] (ESKA) -- C:\Program Files\mozilla firefox\plugins\npOggX.dll
[2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2008-09-10 21:56:44 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2008-09-10 21:37:54 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2009-06-24 14:27:26 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-06-24 14:27:26 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-06-24 14:27:26 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-06-24 14:27:26 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-06-24 14:27:26 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-06-24 14:27:26 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-06-24 14:27:26 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [EXPLORER.EXE] C:\WINDOWS\EXPLORER.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe (o2.pl Sp. z o.o.)
O4 - HKCU..\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.139.8.7 88.156.63.9 88.156.96.61
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\EXPLORER.EXE (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {BB4C402F-882A-4526-8C08-51278EA437C1} - C:\WINDOWS\System32\e8main1.dll ()
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-07-06 16:15:30 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [NTFS]
O33 - MountPoints2\{8a295b7e-7ec8-11de-8119-0030055e840d}\Shell\Auto\command - "" = H:\fun.xls.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2009-09-17 22:54:17 | 00,000,000 | ---D | C] -- C:\_OTL
[2009-09-17 22:48:27 | 00,000,000 | ---D | C] -- C:\Avenger
[2009-09-17 20:34:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Ahead
[2009-09-17 20:31:10 | 00,001,239 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2009-09-17 20:31:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2009-09-17 20:29:32 | 00,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2009-09-17 20:29:32 | 00,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2009-09-17 20:29:32 | 00,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2009-09-17 20:28:54 | 00,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2009-09-17 20:28:47 | 00,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll
[2009-09-17 20:28:44 | 00,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2009-09-17 20:28:39 | 00,000,000 | ---D | C] -- C:\Program Files\Ahead
[2009-09-17 14:09:56 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\AhnRpta.exe
[2009-09-17 14:02:25 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\HijackThis.lnk
[2009-09-17 14:02:25 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009-09-16 16:57:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\karta_rejestracyjna_indywidualny
[2009-09-16 16:57:12 | 00,101,389 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\karta_rejestracyjna_indywidualny.zip
[2009-09-16 13:54:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\eSkiMoS R2
[2009-09-15 20:00:28 | 00,111,713 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\DSCN0891.JPG
[2009-09-07 22:15:38 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2009-09-07 11:21:47 | 00,081,962 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\adam.JPG
[2009-09-05 18:10:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\NK
[2009-09-04 18:01:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\Rejestracja
[2009-09-04 17:37:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\Oferta
[2009-09-01 17:31:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\cache
[2009-09-01 17:30:51 | 00,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2009-09-01 17:30:51 | 00,000,688 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk
[2009-09-01 17:30:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Nowe Gadu-Gadu
[2009-09-01 17:30:10 | 00,000,000 | ---D | C] -- C:\Program Files\Nowe Gadu-Gadu
[2009-08-31 19:30:00 | 00,112,442 | RHS- | C] () -- C:\mt2.exe
[2009-08-31 00:32:37 | 00,112,679 | RHS- | C] () -- C:\pkkwng.exe
[2009-08-30 17:10:44 | 00,114,321 | RHS- | C] () -- C:\cfrdbyrp.bat
[2009-08-30 16:39:34 | 00,113,919 | RHS- | C] () -- C:\xbvv0.exe
[2009-08-29 18:42:44 | 00,112,225 | RHS- | C] () -- C:\b.bat
[2009-08-29 14:54:40 | 00,016,312 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\a7d10a6e3606cb2c35838a51418a35e0,14,1.jpg
[2009-08-29 13:47:27 | 27,267,689 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\best techno trance hands up czeriec 2009 by djmaryoo.mp3
[2009-08-29 13:46:36 | 41,871,183 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\party set vol 17. mixed by dj #matix# (mix 2009).mp3
[2009-08-29 13:46:09 | 24,368,723 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\the promotion of new music by beczqs may 2009.mp3
[2009-08-28 19:17:08 | 00,030,227 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\index.php.htm
[2009-08-28 19:17:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\index.php_pliki
[2009-08-28 18:30:09 | 00,114,758 | RHS- | C] () -- C:\t8s2x.exe
[2009-08-26 21:47:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009-08-26 18:26:20 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2009-08-25 18:24:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\Ulotki
[2009-08-25 18:24:21 | 00,328,312 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Ulotki.rar
[2009-08-25 17:55:45 | 00,113,233 | RHS- | C] () -- C:\hx.exe
[2009-08-25 13:19:19 | 00,001,838 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2009-08-25 13:19:17 | 00,000,000 | ---D | C] -- C:\Program Files\Asprate
[2009-08-25 13:18:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\ipr
[2009-08-25 13:17:59 | 00,186,219 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\ipr.rar
[2009-08-25 13:12:44 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\ipchanger
[2009-08-24 21:51:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Panasonic
[2009-08-24 21:45:02 | 00,001,612 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\HD Writer.lnk
[2009-08-24 21:44:58 | 00,145,504 | ---- | C] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe
[2009-08-24 21:44:58 | 00,059,488 | ---- | C] (B.H.A Corporation) -- C:\WINDOWS\System32\GenSvcInst.exe
[2009-08-24 21:44:58 | 00,049,152 | ---- | C] (BHA) -- C:\WINDOWS\System32\setupsvc.dll
[2009-08-24 21:44:58 | 00,033,408 | ---- | C] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys
[2009-08-24 21:44:58 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\BHARegister.dll
[2009-08-24 21:44:21 | 00,000,000 | ---D | C] -- C:\Program Files\Panasonic
[2009-08-24 19:11:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\Mercedesem_po_sukces
[2009-08-24 19:11:16 | 01,120,949 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Mercedesem_po_sukces.zip
[2009-08-24 12:35:59 | 00,001,607 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Counter Strike 1.6 Non Steam.lnk
[2009-08-24 12:35:59 | 00,001,587 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Dedicated Server.lnk
[2009-08-23 11:29:04 | 00,014,105 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\22.html
[2009-08-23 11:25:58 | 00,014,199 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\III.html
[2009-08-23 11:21:36 | 00,011,999 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\index.html
[2009-08-22 20:14:00 | 03,465,330 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\24. eddy wata - my dream (extended mix).mp3
[2009-08-22 20:10:37 | 05,275,094 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\eddy wata - my dream (extended mix).mp3
[2009-08-22 12:33:36 | 00,000,041 | ---- | C] () -- C:\pmp_usb.ini
[2009-08-22 11:40:15 | 00,004,877 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\nowe.m3u
[2009-08-08 22:12:12 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-08-08 22:01:43 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-07-20 08:44:56 | 00,115,200 | ---- | C] () -- C:\WINDOWS\System32\nmdfgds0.dll
[2009-07-20 06:15:08 | 00,115,200 | RHS- | C] () -- C:\WINDOWS\System32\nmdfgds1.dll
[2009-07-11 09:37:56 | 00,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009-07-06 17:56:18 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-07-06 17:56:18 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-07-06 17:56:18 | 00,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2009-07-06 17:56:18 | 00,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2009-07-06 17:56:18 | 00,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2009-07-06 17:56:18 | 00,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2009-07-06 17:56:18 | 00,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2009-07-06 17:56:18 | 00,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2009-07-06 17:56:18 | 00,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2009-07-06 17:56:18 | 00,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2009-07-06 17:56:17 | 00,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2009-07-06 17:48:48 | 00,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009-07-06 17:21:23 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008-04-14 22:51:18 | 00,078,848 | ---- | C] () -- C:\WINDOWS\System32\e8main0.dll
[2008-04-14 22:51:18 | 00,061,592 | ---- | C] () -- C:\WINDOWS\System32\e8main1.dll
[2004-10-11 11:19:00 | 00,092,672 | ---- | C] () -- C:\WINDOWS\System32\ASUSASV2.DLL
[2001-07-22 00:16:20 | 00,000,507 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-22 00:15:52 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2009-09-17 22:55:26 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-09-17 22:55:25 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-09-17 20:31:10 | 00,001,239 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2009-09-17 15:22:36 | 00,001,065 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2009-09-17 14:02:25 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\HijackThis.lnk
[2009-09-17 12:32:45 | 00,024,576 | ---- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-09-17 12:32:45 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-09-16 16:57:12 | 00,101,389 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\karta_rejestracyjna_indywidualny.zip
[2009-09-15 20:01:46 | 00,111,713 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\DSCN0891.JPG
[2009-09-15 10:53:33 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-09-07 22:15:38 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2009-09-07 11:21:47 | 00,081,962 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\adam.JPG
[2009-09-06 21:39:30 | 06,901,728 | -H-- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-09-01 17:30:51 | 00,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2009-09-01 17:30:51 | 00,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk
[2009-08-31 19:29:34 | 00,112,442 | RHS- | M] () -- C:\mt2.exe
[2009-08-31 00:32:11 | 00,112,679 | RHS- | M] () -- C:\pkkwng.exe
[2009-08-30 17:10:18 | 00,114,321 | RHS- | M] () -- C:\cfrdbyrp.bat
[2009-08-30 16:39:08 | 00,113,919 | RHS- | M] () -- C:\xbvv0.exe
[2009-08-30 00:57:13 | 00,112,225 | RHS- | M] () -- C:\b.bat
[2009-08-29 14:54:40 | 00,016,312 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\a7d10a6e3606cb2c35838a51418a35e0,14,1.jpg
[2009-08-29 14:20:18 | 41,871,183 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\party set vol 17. mixed by dj #matix# (mix 2009).mp3
[2009-08-29 14:10:13 | 27,267,689 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\best techno trance hands up czeriec 2009 by djmaryoo.mp3
[2009-08-29 14:06:28 | 24,368,723 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\the promotion of new music by beczqs may 2009.mp3
[2009-08-29 09:26:30 | 00,114,758 | RHS- | M] () -- C:\t8s2x.exe
[2009-08-28 19:17:08 | 00,030,227 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\index.php.htm
[2009-08-27 16:28:26 | 00,000,041 | ---- | M] () -- C:\pmp_usb.ini
[2009-08-26 21:48:20 | 00,113,233 | RHS- | M] () -- C:\hx.exe
[2009-08-25 18:24:21 | 00,328,312 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Ulotki.rar
[2009-08-25 13:19:19 | 00,001,838 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2009-08-25 13:18:10 | 00,186,219 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\ipr.rar
[2009-08-25 13:12:44 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\ipchanger
[2009-08-24 21:45:02 | 00,001,612 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\HD Writer.lnk
[2009-08-24 19:11:22 | 01,120,949 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Mercedesem_po_sukces.zip
[2009-08-24 12:35:59 | 00,001,607 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Counter Strike 1.6 Non Steam.lnk
[2009-08-24 12:35:59 | 00,001,587 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Dedicated Server.lnk
[2009-08-23 11:29:04 | 00,014,105 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\22.html
[2009-08-23 11:25:58 | 00,014,199 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\III.html
[2009-08-23 11:21:36 | 00,011,999 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\index.html
[2009-08-22 20:16:50 | 03,465,330 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\24. eddy wata - my dream (extended mix).mp3
[2009-08-22 20:14:58 | 05,275,094 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\eddy wata - my dream (extended mix).mp3
[2009-08-22 11:40:15 | 00,004,877 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\nowe.m3u
[2009-08-20 09:40:26 | 00,106,264 | RHS- | M] () -- C:\lcw.exe
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 293 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B
< End of report >Wszelkie logi wklejaj na wklej.org lub wklej.to, a w poście dajesz tylko link do wklejki.
Wykonaj pełny skan Malwarebytes’ Anti-Malware - znalezione obiekty usuń.
Pokaż raport z usuwania.
Wyłącz i włącz Przywracanie Systemu na wszystkich dyskach. Instrukcja XP.
W OTL kliknij CleanUp.
Wyczyść rejestr i dysk CCleaner.
Usuń zbędniki z autostartu.
W CCleanerze: zakładka Narzędzia -> Autostart -> usuń wpis EXPLORER.EXE
w tym cleanerze problemy w rejestrze naprawilem a dyski jak mam tam wyczyscic ? W zakładce Cleaner mam pozaznaczane wszystko przy “Internet Explorer” “Windows Explorer” i “System” mam nacisnac Uruchom Cleaner? Wyskakuje mi komunikat, ze usunie wszystkie pliki z mojego systemu. Co zrobic?
Oczywiście mu chodzi tylko o te zbędne pliki.
Przy “System” możesz odznaczyć Skróty na pulpicie i Skróty w Menu Start, bo te rzeczy raczej są potrzebne…
w Clenerze/narzedziach/autostarcie nie mam wpisu EXPLORER.EXE
Po starcie systemu nie otwierają Ci się “Moje Dokumenty”?
Jeśli nie, to dobrze.
Nie otwierają się. Dzieki za wszystko 