Hallada
(Vitoden)
12 Listopad 2012 14:39
#1
Witam szanownych internautów.
Problem wygląda następująco…dzisiejszego dnia, ni z gruchy ni z pietruchy, zablokowało mi bardzo istotny folder na jednej z partycji. Mam na nim zainstalowaną znaczną ilość programów których nie mogę uruchomić, i pomimo prób majstrowania z zabezpieczeniami, wyłączaniem antywirusa i paru innych prostych metod nie udało mi się go odblokować. Oto jak wygląda sprawa:
http://i46.tinypic.com/2py5o9y.jpg
http://i48.tinypic.com/35ityfs.jpg
http://i50.tinypic.com/2h5txlh.jpg
Przywracanie systemu ani ComboFix nie rozwiązały problemu. Ktoś ma pomysł, co z tym zrobić?
Log z CF:
ComboFix 12-11-12.02 - Nidhogg 2012-11-12 15:03:09.1.2 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1250.48.1033.18.4095.3097 [GMT 1:00] Uruchomiony z: e:\firefox\ComboFix.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\SUS\SUS.exe c:\windows\SysWow64\URTTemp c:\windows\SysWow64\URTTemp\regtlib.exe . . ((((((((((((((((((((((((( Pliki utworzone od 2012-10-12 do 2012-11-12 ))))))))))))))))))))))))))))))) . . 2012-11-12 14:06 . 2012-11-12 14:06 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-11-12 14:02 . 2012-11-12 14:02 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates{F9BE2876-EE1E-4506-85B2-C0768C31F4AF}\offreg.dll 2012-11-11 12:03 . 2012-11-11 12:03 -------- d-----w- c:\program files (x86)\NVIDIA Corporation 2012-11-11 12:03 . 2012-11-11 12:03 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2012-11-10 14:14 . 2012-11-10 14:14 -------- d-----w- c:\program files (x86)\Gameforge 2012-11-09 16:45 . 2012-11-09 16:45 -------- d-----w- c:\program files (x86)\Microsoft XNA 2012-11-09 16:42 . 2012-11-09 16:42 -------- d-----w- c:\program files (x86)\Paradox Interactive 2012-11-09 00:17 . 2012-11-09 12:26 -------- d-----w- c:\windows\system32\appmgmt 2012-11-09 00:15 . 2012-11-09 00:15 -------- d-----w- c:\programdata\ASign 2012-11-09 00:06 . 2012-11-09 00:17 -------- d-----w- c:\program files (x86)\ALL-TiME 2012-11-05 08:24 . 2004-03-29 15:23 90112 ----a-w- c:\windows\unvise32.exe 2012-11-05 08:24 . 2012-11-05 08:24 -------- d-----w- c:\program files (x86)\LooksBuilderSE 2012-11-05 08:23 . 2012-11-05 08:23 -------- d-----w- c:\program files (x86)\Avid 2012-11-05 08:19 . 2012-11-05 08:19 -------- d-----w- c:\program files (x86)\Common Files\Pinnacle 2012-11-05 08:13 . 2012-11-05 08:13 -------- d-----w- c:\program files (x86)\Common Files\Pegasus Imaging 2012-11-05 08:13 . 2012-11-05 08:13 -------- d-----w- c:\program files (x86)\Pinnacle 2012-11-05 08:06 . 2008-03-05 14:56 4910088 ----a-w- c:\windows\system32\D3DX9_37.dll 2012-11-05 08:04 . 2012-11-05 08:04 -------- d-----w- c:\programdata\Pinnacle 2012-11-04 11:03 . 2012-11-12 13:59 -------- d-----w- c:\program files (x86)\Microsoft 2012-11-04 11:02 . 2012-11-04 11:02 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2012-11-04 11:02 . 2012-11-12 13:59 -------- d-----w- c:\program files (x86)\Bing Bar Installer 2012-11-04 11:02 . 2012-11-04 11:30 -------- d-----w- c:\programdata\HP Photo Creations 2012-11-04 11:02 . 2012-11-04 11:02 -------- d-----w- c:\program files (x86)\HP Photo Creations 2012-11-04 11:02 . 2012-11-04 11:04 -------- d-----w- c:\programdata\HP 2012-11-04 11:02 . 2012-11-04 11:02 -------- d-----w- c:\program files (x86)\HP 2012-11-04 11:01 . 2012-11-04 11:01 -------- d-----w- c:\program files\HP 2012-11-03 20:14 . 2012-11-12 14:06 -------- d-----w- c:\programdata\SUS 2012-11-03 20:04 . 2012-11-03 20:04 -------- d-----w- c:\programdata\AKLogData64 2012-11-03 20:02 . 2012-11-03 20:04 -------- d-----w- c:\program files (x86)\KAward64 2012-11-03 20:02 . 2009-05-13 18:35 50688 ----a-w- c:\windows\SysWow64\wbhelp2.dll 2012-11-03 20:02 . 2009-05-13 18:35 28160 ----a-w- c:\windows\SysWow64\anim.dll 2012-11-03 20:02 . 2009-05-13 18:35 258352 ----a-w- c:\windows\SysWow64\unicows.dll 2012-11-03 20:02 . 2009-05-13 18:35 1706800 ----a-w- c:\windows\SysWow64\gdiplus.dll 2012-11-03 18:18 . 2012-11-03 18:18 -------- d-----w- c:\program files (x86)\Movie Maker 2.6 2012-11-01 05:35 . 2012-11-01 05:35 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2012-10-31 17:58 . 2012-10-31 17:58 -------- d-sh–w- c:\windows\SysWow64\dtmcfg 2012-10-31 17:58 . 2012-10-31 17:58 -------- d-sh–w- c:\programdata\dtmcfg 2012-10-29 11:46 . 2008-07-31 09:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll 2012-10-29 11:46 . 2008-07-31 09:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll 2012-10-29 11:46 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll 2012-10-29 11:46 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll 2012-10-29 11:46 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll 2012-10-29 11:45 . 2012-11-10 14:16 -------- d–h--w- c:\program files (x86)\InstallShield Installation Information 2012-10-25 07:47 . 2012-11-12 13:52 -------- d-----w- c:\programdata\PMB Files 2012-10-25 07:47 . 2012-10-25 07:47 -------- d-----w- c:\program files (x86)\Pando Networks 2012-10-24 17:55 . 2012-10-24 17:42 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll 2012-10-24 17:40 . 2012-10-25 07:50 -------- d-----w- c:\programdata\HappyCloud 2012-10-24 13:16 . 2012-10-24 13:16 -------- d-----w- c:\programdata\RELOADED 2012-10-24 03:46 . 2012-10-23 17:55 -------- d-----w- c:\windows\Panther 2012-10-24 02:46 . 2009-11-25 19:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll 2012-10-24 02:46 . 2009-11-25 19:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll 2012-10-24 02:46 . 2009-11-25 19:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll 2012-10-24 02:46 . 2009-11-25 19:47 48960 ----a-w- c:\windows\system32\netfxperf.dll 2012-10-24 02:46 . 2009-11-25 19:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe 2012-10-24 02:46 . 2009-11-25 19:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll 2012-10-24 02:46 . 2009-11-25 19:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2012-10-24 02:46 . 2009-11-25 19:47 1942856 ----a-w- c:\windows\system32\dfshim.dll 2012-10-24 02:46 . 2009-11-25 19:47 444752 ----a-w- c:\windows\system32\mscoree.dll 2012-10-24 02:46 . 2009-11-25 19:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe 2012-10-23 19:51 . 2012-10-23 19:51 -------- d-----w- c:\program files (x86)\mIRC 2012-10-23 19:42 . 2012-10-23 19:42 -------- d-----w- c:\programdata\ashampoo 2012-10-23 19:37 . 2012-10-23 19:37 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-10-23 19:37 . 2012-10-23 19:36 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-10-23 19:37 . 2012-10-23 19:36 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-10-23 19:37 . 2012-10-23 19:36 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-10-23 19:36 . 2012-10-23 19:36 -------- d-----w- c:\program files (x86)\Java 2012-10-23 19:34 . 2012-10-23 19:34 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-23 19:34 . 2012-10-23 19:34 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-23 19:27 . 2012-10-24 02:18 -------- d-----w- c:\program files (x86)\v9Soft 2012-10-23 19:22 . 2012-10-23 19:22 834544 ----a-w- c:\windows\system32\drivers\sptd.sys 2012-10-23 19:21 . 2012-10-23 19:21 -------- d-----w- c:\programdata\DAEMON Tools Lite 2012-10-23 19:00 . 2012-10-23 19:00 -------- d-----w- c:\program files (x86)\Conduit 2012-10-23 18:59 . 2012-10-23 18:59 -------- d-----w- c:\programdata\ATI 2012-10-23 18:58 . 2012-10-23 18:58 -------- d-----w- c:\program files\Common Files\ATI Technologies 2012-10-23 18:58 . 2009-11-18 10:30 123408 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys 2012-10-23 18:57 . 2010-01-13 14:04 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll 2012-10-23 18:57 . 2012-10-23 18:57 -------- d-----w- c:\program files\ATI 2012-10-23 18:57 . 2012-10-23 18:57 -------- d-----w- c:\program files (x86)\ATI Technologies 2012-10-23 18:56 . 2012-10-23 18:59 -------- d-----w- c:\program files\ATI Technologies 2012-10-23 18:38 . 2012-10-23 19:30 -------- d-----w- c:\program files (x86)\KeePass Password Safe 2 2012-10-23 18:37 . 2012-10-23 18:37 -------- d-----w- c:\windows\SysWow64\XPSViewer 2012-10-23 18:37 . 2012-10-23 18:37 -------- d-----w- c:\windows\SysWow64\drivers\pl-PL 2012-10-23 18:37 . 2012-10-23 18:37 -------- d-----w- c:\windows\SysWow64\wbem\pl-PL 2012-10-23 18:37 . 2012-10-23 18:37 -------- d-----w- c:\windows\SysWow64\pl 2012-10-23 18:37 . 2012-10-23 18:37 -------- d-----w- c:\windows\pl-PL 2012-10-23 18:37 . 2012-10-23 18:37 -------- d-----w- c:\windows\system32\drivers\UMDF\pl-PL 2012-10-23 18:37 . 2012-10-23 18:37 -------- d-----w- c:\windows\system32\drivers\pl-PL 2012-10-23 18:37 . 2012-10-23 18:37 -------- d-----w- c:\windows\system32\wbem\pl-PL 2012-10-23 18:37 . 2012-10-23 18:37 -------- d-----w- c:\windows\system32\pl 2012-10-23 18:33 . 2009-07-13 16:48 3584 ----a-w- c:\windows\system32\Spool\prtprocs\x64\pl-PL\LXKPTPRC.DLL.mui 2012-10-23 18:32 . 2012-10-17 00:31 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates{F9BE2876-EE1E-4506-85B2-C0768C31F4AF}\mpengine.dll 2012-10-23 18:32 . 2012-05-31 10:25 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-10-23 18:28 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-10-23 18:28 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-10-23 18:28 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll 2012-10-23 18:28 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-10-23 18:28 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-10-23 18:28 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-10-23 18:17 . 2012-10-23 18:17 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service 2012-10-23 18:14 . 2012-10-23 18:14 0 ----a-w- c:\windows\ativpsrm.bin 2012-10-23 18:12 . 2012-10-23 18:12 -------- d-----w- c:\windows\SysWow64\Macromed 2012-10-23 18:12 . 2012-10-23 18:12 -------- d-----w- c:\windows\system32\Macromed 2012-10-23 18:09 . 2012-11-12 13:59 -------- d-sh–w- c:\windows\Installer 2012-10-23 18:08 . 2010-04-06 23:05 26112 ----a-w- c:\windows\system32\atitmp64.dll 2012-10-23 18:08 . 2010-01-13 13:56 424448 ----a-w- c:\windows\SysWow64\aticfx32.dll 2012-10-23 18:08 . 2010-01-13 13:55 468480 ----a-w- c:\windows\system32\aticfx64.dll 2012-10-23 18:08 . 2010-01-13 13:51 3688960 ----a-w- c:\windows\system32\atidxx64.dll 2012-10-23 18:08 . 2010-01-13 13:10 35840 ----a-w- c:\windows\system32\atiuxp64.dll 2012-10-23 18:08 . 2010-01-13 13:10 28160 ----a-w- c:\windows\system32\atiu9p64.dll 2012-10-23 18:07 . 2009-05-11 22:35 118784 ----a-w- c:\windows\system32\atibtmon.exe 2012-10-23 18:07 . 2010-01-13 13:31 55296 ----a-w- c:\windows\system32\coinst.dll 2012-10-23 18:07 . 2012-10-23 18:07 -------- d-----w- c:\windows\SysWow64\RTCOM 2012-10-23 18:07 . 2012-10-23 18:07 -------- d-----w- c:\program files\Realtek 2012-10-23 18:05 . 2010-11-30 19:02 412264 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2012-10-23 18:05 . 2010-11-30 19:02 74272 ----a-w- c:\windows\system32\RtNicProp64.dll 2012-10-23 18:05 . 2010-11-30 19:02 107552 ----a-w- c:\windows\system32\RTNUninst64.dll 2012-10-23 18:00 . 2012-10-23 18:00 -------- d-----w- c:\windows\SysWow64\Wat 2012-10-23 18:00 . 2012-10-23 18:00 -------- d-----w- c:\windows\system32\Wat 2012-10-23 18:00 . 2011-10-21 00:06 6664704 ----a-r- c:\windows\REMOVEWAT.EXE 2012-10-23 17:56 . 2012-11-12 13:53 -------- d-----w- c:\users\Nidhogg 2012-10-23 17:54 . 2012-10-23 17:54 -------- d-----w- C:\Recovery . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-23 18:01 . 2009-07-13 23:52 14848 ----a-w- c:\windows\system32\slwga.dll 2012-10-23 18:01 . 2009-07-13 23:36 13824 ----a-w- c:\windows\SysWow64\slwga.dll 2012-10-23 18:01 . 2009-07-13 23:56 419840 ----a-w- c:\windows\system32\systemcpl.dll 2012-10-23 18:01 . 2009-07-13 23:38 1008640 ----a-w- c:\windows\system32\user32.dll 2012-10-23 18:01 . 2009-07-13 23:24 833024 ----a-w- c:\windows\SysWow64\user32.dll . . ------- Sigcheck ------- Note: Unsigned files aren’t necessarily malware. . [7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] … c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [-] 2012-10-23 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] … c:\windows\system32\user32.dll . [-] 2012-10-23 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7600.16385] … c:\windows\SysWOW64\user32.dll [7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] … c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] “{7473b6bd-4691-4744-a82b-7854eb3d70b6}”= “c:\program files (x86)\uTorrentControl_v2\prxtbuTor.dll” [2011-05-09 176936] . [HKEY_CLASSES_ROOT\clsid{7473b6bd-4691-4744-a82b-7854eb3d70b6}] . [HKEY_LOCAL_MACHINE\Wow6432Node~\Browser Helper Objects{7473b6bd-4691-4744-a82b-7854eb3d70b6}] 2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\uTorrentControl_v2\prxtbuTor.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] “{7473b6bd-4691-4744-a82b-7854eb3d70b6}”= “c:\program files (x86)\uTorrentControl_v2\prxtbuTor.dll” [2011-05-09 176936] . [HKEY_CLASSES_ROOT\clsid{7473b6bd-4691-4744-a82b-7854eb3d70b6}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “DAEMON Tools Lite”=“d:\deamon\DAEMON Tools Lite\DTLite.exe” [2010-04-01 357696] “MzRamBooster”=“d:\mzram\MzRamBooster.exe” [2009-05-15 194560] “Pando Media Booster”=“c:\program files (x86)\Pando Networks\Media Booster\PMB.exe” [2012-10-25 3093624] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] “StartCCC”=“c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” [2010-01-13 98304] “SunJavaUpdateSched”=“c:\program files (x86)\Common Files\Java\Java Update\jusched.exe” [2012-07-03 252848] “dtmcfg”=“e:\gry\dtmcfg\dtmcfg.exe” [2010-05-31 1304576] “Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2012-09-23 926896] “HP Software Update”=“c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe” [2010-06-09 49208] “WinampAgent”=“d:\winamp\winampa.exe” [2012-06-28 74752] . c:\users\Nidhogg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ GamersFirst LIVE!.lnk - c:\users\Nidhogg\AppData\Local\GamersFirst\LIVE!\Live.exe [2012-10-29 2852504] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] “ConsentPromptBehaviorAdmin”= 5 (0x5) “ConsentPromptBehaviorUser”= 3 (0x3) “EnableUIADesktopToggle”= 0 (0x0) “PromptOnSecureDesktop”= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] “aux1”=wdmaud.drv . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET \Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216] R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-23 1255736] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-10-23 834544] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-01-13 202752] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264] . . — Inne Usługi/Sterowniki w Pamięci — . *NewlyCreated* - WS2IFSL . Zawartość folderu ‘Zaplanowane zadania’ . 2012-11-11 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-23 19:34] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “RtHDVCpl”=“c:\program files\Realtek\Audio\HDA\RAVCpl64.exe” [2011-02-24 11780712] . ------- Skan uzupełniający ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mStart Page = about:blank mDefault_Page_URL = about:blank TCP: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 FF - ProfilePath - c:\users\Nidhogg\AppData\Roaming\Mozilla\Firefox\Profiles\c8kbv2nv.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - google.com FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as … ource=2&q= FF - ExtSQL: 2012-10-23 20:21; mytube@ashishmishra.in; c:\users\Nidhogg\AppData\Roaming\Mozilla\Firefox\Profiles\c8kbv2nv.default\extensions\mytube@ashishmishra.in.xpi FF - ExtSQL: 2012-10-23 20:34; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\Nidhogg\AppData\Roaming\Mozilla\Firefox\Profiles\c8kbv2nv.default\extensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF - ExtSQL: 2012-10-23 21:00; {7473b6bd-4691-4744-a82b-7854eb3d70b6}; c:\users\Nidhogg\AppData\Roaming\Mozilla\Firefox\Profiles\c8kbv2nv.default\extensions{7473b6bd-4691-4744-a82b-7854eb3d70b6} FF - ExtSQL: 2012-11-04 12:03; {27182e60-b5f3-411c-b545-b44205977502}; c:\program files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension FF - ExtSQL: 2012-11-04 12:03; {3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}; c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension . - - - - USUNIĘTO PUSTE WPISY - - - - . Wow6432Node-HKCU-Run-SUS Start - c:\programdata\SUS\SUS.exe Wow6432Node-HKLM-Run- - (no file) . . . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied : (Full) (Everyone) . Czas ukończenia: 2012-11-12 15:08:02 ComboFix-quarantined-files.txt 2012-11-12 14:08 . Przed: 42 894 000 128 bajtów wolnych Po: 43 335 000 064 bajtów wolnych . - - End Of File - - 831B17298C1A56F4BDB1B698AB64E188
Bogdan_G
(Bogdan_G)
12 Listopad 2012 14:55
#2
Może wystarczyłoby w trybie awaryjnym otworzyć? Próbowałeś odblokować unlockerem? Wyraźnie pisze o procesie, który trzyma i blokuje folder. Może wystarczyłoby znaleźć w procesach ten, odpowiedzialny za taki stan.
Hallada
(Vitoden)
12 Listopad 2012 15:02
#3
http://i50.tinypic.com/k1cu4m.jpg
Dwa bez opisu nie mają wpływu, po zakończeniu dalej jest zablokowany. Trzeci z kolei po zamknięciu resetuje system :x A działanie w trybie awaryjnym nie ratuje sytuacji.
Co do tego unlockera…mógłbym prosić o małą podpowiedź?
– Dodane 12.11.2012 (Pn) 16:09 –
Dobra, udało się przy pomocy Unlockera. Dzięki za pomoc