Witam ma problem o którym już wcześniej pisaliście czyli zamiast strony startowej google.pl jest wyswietlane www,szybko-szukaj.pl podaje link do mojego loga
czyli nie bardzo sie orientuje co moge teraz zrobic/ co to OTL?
OTL to takie narzędzie do skanowania komputera i usuwania infekcji.
Opis w linku (niżej w poście).
OTL logfile created on: 2009-08-17 22:18:52 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Kasia\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,00 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 52,94% Memory free
3,85 Gb Paging File | 3,00 Gb Available in Paging File | 77,78% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20,51 Gb Total Space | 4,54 Gb Free Space | 22,16% Space Free | Partition Type: NTFS
Drive D: | 54,04 Gb Total Space | 21,84 Gb Free Space | 40,42% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PENTIUM
Current User Name: Kasia
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2009-02-05 22:01:25 | 00,018,752 | ---- | M] (ALWIL Software) – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-02-05 22:08:40 | 00,138,680 | ---- | M] (ALWIL Software) – C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2004-08-04 00:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\Explorer.EXE
PRC - [2006-10-27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) – C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2009-02-05 22:08:45 | 00,081,000 | ---- | M] (ALWIL Software) – C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-04-10 19:29:08 | 00,037,888 | ---- | M] () – C:\Program Files\Winamp\winampa.exe
PRC - [2006-04-20 01:17:05 | 00,421,888 | ---- | M] (Google Inc.) – C:\Program Files\Picasa2\PicasaMediaDetector.exe
PRC - [2006-08-16 01:12:00 | 00,024,576 | ---- | M] (Creative Technology Ltd.) – C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
PRC - [2006-09-06 19:01:00 | 00,032,768 | R— | M] (Creative Technology Ltd.) – C:\WINDOWS\V0230Mon.exe
PRC - [2009-06-03 10:28:53 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009-06-14 20:06:58 | 00,142,336 | ---- | M] () – C:\WINDOWS\System32\issch.exe
PRC - [2007-09-18 16:16:16 | 00,171,464 | ---- | M] (DT Soft Ltd.) – C:\Program Files\DAEMON Tools\daemon.exe
PRC - [2006-09-06 09:42:00 | 00,143,360 | ---- | M] (Creative Technology Ltd.) – C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
PRC - [2009-04-21 14:39:16 | 24,264,488 | R— | M] (Skype Technologies S.A.) – C:\Program Files\Skype\Phone\Skype.exe
PRC - [2008-03-20 12:04:46 | 02,127,296 | ---- | M] (Gadu-Gadu S.A.) – C:\Program Files\Gadu-Gadu\gg.exe
PRC - [2009-08-04 02:06:28 | 02,474,496 | ---- | M] () – C:\Documents and Settings\Kasia\Moje dokumenty\GoD\GoD.exe
PRC - [2009-07-27 16:39:44 | 00,077,824 | ---- | M] () – C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2009-06-03 10:28:53 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2007-06-29 00:43:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) – C:\WINDOWS\System32\nvsvc32.exe
PRC - [2006-11-02 20:40:12 | 00,174,656 | ---- | M] () – C:\WINDOWS\System32\PSIService.exe
PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\System32\wdfmgr.exe
PRC - [2009-02-05 22:08:26 | 00,254,040 | ---- | M] (ALWIL Software) – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-02-05 22:06:04 | 00,352,920 | ---- | M] (ALWIL Software) – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009-04-21 14:39:16 | 00,077,360 | R— | M] (Skype Technologies) – C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009-02-22 21:15:14 | 05,668,864 | ---- | M] (http://www.emule-project.net) – C:\Program Files\eMule\emule.exe
PRC - [2009-07-27 17:42:10 | 10,719,848 | ---- | M] (GG Network S.A.) – C:\Program Files\Nowe Gadu-Gadu\gg.exe
PRC - [2004-08-04 00:44:22 | 00,093,184 | ---- | M] (Microsoft Corporation) – C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-02-19 22:34:12 | 00,140,584 | ---- | M] (AOL LLC.) – c:\program files\winamp toolbar\WinampTbServer.exe
PRC - [2004-08-04 00:44:22 | 00,093,184 | ---- | M] (Microsoft Corporation) – C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2004-08-04 00:44:22 | 00,093,184 | ---- | M] (Microsoft Corporation) – C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-06-03 10:28:53 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Java\jre6\bin\java.exe
PRC - [2009-07-31 01:45:28 | 00,908,280 | ---- | M] (Mozilla Corporation) – C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-08-17 22:16:54 | 00,514,048 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Kasia\Moje dokumenty\Pobieranie\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2009-02-05 22:01:25 | 00,018,752 | ---- | M] (ALWIL Software) – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe – (aswUpdSv [Auto | Running])
SRV - [2009-02-05 22:08:40 | 00,138,680 | ---- | M] (ALWIL Software) – C:\Program Files\Alwil Software\Avast4\ashServ.exe – (avast! Antivirus [Auto | Running])
SRV - [2009-02-05 22:08:26 | 00,254,040 | ---- | M] (ALWIL Software) – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe – (avast! Mail Scanner [On_Demand | Running])
SRV - [2009-02-05 22:06:04 | 00,352,920 | ---- | M] (ALWIL Software) – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe – (avast! Web Scanner [On_Demand | Running])
SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll – (helpsvc [Auto | Running])
SRV - [2004-08-04 02:44:02 | 00,027,648 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\System32\irmon.dll – (Irmon [Auto | Running])
SRV - [2009-06-03 10:28:53 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Java\jre6\bin\jqs.exe – (JavaQuickStarterService [Auto | Running])
SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) – C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe – (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2007-06-29 00:43:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) – C:\WINDOWS\System32\nvsvc32.exe – (NVSvc [Auto | Running])
SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) – C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE – (odserv [On_Demand | Stopped])
SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) – C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE – (ose [On_Demand | Stopped])
SRV - [2006-11-02 20:40:12 | 00,174,656 | ---- | M] () – C:\WINDOWS\System32\PSIService.exe – (ProtexisLicensing [Auto | Running])
SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\System32\wdfmgr.exe – (UMWdf [Auto | Running])
========== Driver Services (SafeList) ==========
DRV - [2009-02-05 22:05:11 | 00,026,944 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aavmker4.sys – (Aavmker4 [system | Running])
DRV - [2009-02-05 22:07:12 | 00,020,560 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys – (aswFsBlk [Auto | Running])
DRV - [2009-02-05 22:08:10 | 00,094,032 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswmon2.sys – (aswMon2 [Auto | Running])
DRV - [2009-02-05 22:06:10 | 00,023,152 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswRdr.sys – (aswRdr [On_Demand | Running])
DRV - [2009-02-05 22:07:23 | 00,114,768 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswSP.sys – (aswSP [system | Running])
DRV - [2009-02-05 22:06:20 | 00,051,376 | ---- | M] (ALWIL Software) – C:\WINDOWS\System32\drivers\aswTdi.sys – (aswTdi [system | Running])
DRV - [2004-10-21 18:56:08 | 01,275,584 | ---- | M] (C-Media Inc.) – C:\WINDOWS\System32\drivers\cmudax.sys – (cmudax [On_Demand | Running])
DRV - [2005-01-07 17:07:16 | 00,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) – C:\WINDOWS\System32\drivers\HdAudio.sys – (HdAudAddService [On_Demand | Stopped])
DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) – C:\WINDOWS\System32\DRIVERS\HDAudBus.sys – (HDAudBus [On_Demand | Running])
DRV - [2001-08-17 23:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\System32\DRIVERS\irsir.sys – (irsir [On_Demand | Running])
DRV - [2007-06-29 00:43:00 | 06,807,328 | ---- | M] (NVIDIA Corporation) – C:\WINDOWS\System32\DRIVERS\nv4_mini.sys – (nv [On_Demand | Running])
DRV - [2001-08-17 21:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) – C:\WINDOWS\System32\DRIVERS\ptilink.sys – (Ptilink [On_Demand | Running])
DRV - [2005-10-26 22:12:48 | 00,020,640 | ---- | M] (Sonic Solutions) – C:\WINDOWS\System32\Drivers\PxHelp20.sys – (PxHelp20 [boot | Running])
DRV - [2004-07-17 11:36:38 | 00,027,440 | ---- | M] () – C:\WINDOWS\System32\DRIVERS\secdrv.sys – (Secdrv [On_Demand | Stopped])
DRV - [2009-05-07 09:14:25 | 00,685,816 | ---- | M] () – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd [boot | Running])
DRV - [2006-03-23 19:00:00 | 00,006,272 | R— | M] (EyePower Games Pte. Ltd.) – C:\WINDOWS\System32\DRIVERS\V0230Vfx.sys – (V0230Vfx [On_Demand | Running])
DRV - [2006-09-28 19:01:00 | 00,500,480 | R— | M] (Creative Technology Ltd.) – C:\WINDOWS\System32\DRIVERS\V0230VID.sys – (V0230VID [On_Demand | Running])
DRV - [2006-11-22 08:01:00 | 00,250,496 | ---- | M] (Marvell) – C:\WINDOWS\System32\DRIVERS\yk51x86.sys – (yukonwxp [On_Demand | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl … r=iesearch
IE - HKU.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl … ar=msnhome
IE - HKU.DEFAULT.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl … r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl … ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-21-1123561945-884357618-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1123561945-884357618-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1123561945-884357618-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.szybko-szukaj.pl
IE - HKU\S-1-5-21-1123561945-884357618-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-1123561945-884357618-839522115-1003\S-1-5-21-1123561945-884357618-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
========== FireFox ==========
FF - prefs.js…browser.search.defaultenginename: “Winamp Search”
FF - prefs.js…browser.search.defaulturl: “http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=”
FF - prefs.js…browser.search.selectedEngine: “Google”
FF - prefs.js…browser.search.useDBForOrder: true
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js…extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js…extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.10.1
FF - prefs.js…extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2
FF - prefs.js…keyword.URL: “http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - prefs.js…browser.startup.homepage: “http://www.szybko-szukaj.pl”
FF - HKLM\software\mozilla\Firefox\Extensions\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-06-03 10:28:54 | 00,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\Components: C:\Program Files\Mozilla Firefox\components [2009-08-17 21:49:46 | 00,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-08-17 21:49:45 | 00,000,000 | —D | M]
[2009-05-07 12:36:59 | 00,000,000 | —D | M] – C:\Documents and Settings\Kasia\Dane aplikacji\mozilla\Extensions
[2009-05-07 12:36:59 | 00,000,000 | —D | M] – C:\Documents and Settings\Kasia\Dane aplikacji\mozilla\Extensions{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-08-17 14:42:35 | 00,000,000 | —D | M] – C:\Documents and Settings\Kasia\Dane aplikacji\mozilla\Firefox\Profiles\8op9u7ca.default\extensions
[2009-05-07 13:03:22 | 00,000,000 | —D | M] – C:\Documents and Settings\Kasia\Dane aplikacji\mozilla\Firefox\Profiles\8op9u7ca.default\extensions{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009-05-07 13:03:29 | 00,001,196 | ---- | M] () – C:\Documents and Settings\Kasia\Dane aplikacji\Mozilla\FireFox\Profiles\8op9u7ca.default\searchplugins\winamp-search.xml
[2009-08-17 21:49:45 | 00,000,000 | —D | M] – C:\Program Files\mozilla firefox\extensions
[2009-08-17 21:49:45 | 00,000,000 | —D | M] – C:\Program Files\mozilla firefox\extensions{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-06-03 10:29:08 | 00,000,000 | —D | M] – C:\Program Files\mozilla firefox\extensions{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009-07-31 01:45:28 | 00,023,544 | ---- | M] (Mozilla Foundation) – C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-07-31 01:45:28 | 00,137,208 | ---- | M] (Mozilla Foundation) – C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009-06-03 10:28:54 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009-07-31 01:45:28 | 00,065,016 | ---- | M] (mozilla.org) – C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2004-02-05 00:54:00 | 00,013,888 | ---- | M] (Microsoft Corporation) – C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL
[2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) – C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009-07-31 00:44:16 | 00,002,767 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-07-31 00:44:16 | 00,001,406 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-07-31 01:45:26 | 00,002,371 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-07-31 00:44:16 | 00,000,917 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-07-31 00:44:16 | 00,000,858 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-07-31 00:44:16 | 00,001,183 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-07-31 00:44:16 | 00,001,683 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Kasia\Dane aplikacji\Nowe Gadu-Gadu_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM…\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1123561945-884357618-839522115-1003…\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM…\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM…\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
O4 - HKLM…\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM…\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HDAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM…\Run: [issch] C:\WINDOWS\System32\issch.exe ()
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM…\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM…\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM…\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM…\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM…\Run: [V0230Mon.exe] C:\WINDOWS\V0230Mon.exe (Creative Technology Ltd.)
O4 - HKLM…\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-1123561945-884357618-839522115-1003…\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-1123561945-884357618-839522115-1003…\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-1123561945-884357618-839522115-1003…\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKU\S-1-5-21-1123561945-884357618-839522115-1003…\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKU\S-1-5-21-1123561945-884357618-839522115-1003…\Run: [GoD] C:\Documents and Settings\Kasia\Moje dokumenty\GoD\GoD.exe ()
O4 - HKU\S-1-5-21-1123561945-884357618-839522115-1003…\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-1123561945-884357618-839522115-1003…\Run: [skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123561945-884357618-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123561945-884357618-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-884357618-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1123561945-884357618-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM…Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh … wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.228.6.43 89.228.6.83
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-05-07 13:24:04 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS]
O33 - MountPoints2{1ea3bdbe-3ad4-11de-a2c3-917d69b7de41}\Shell - “” = AutoRun
O33 - MountPoints2{1ea3bdbf-3ad4-11de-a2c3-917d69b7de41}\Shell\AutoRun\command - “” = G:\USBNB.exe – File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[3 C:\WINDOWS*.tmp files]
[2009-08-17 22:16:49 | 00,000,000 | —D | C] – C:\Documents and Settings\Kasia\Moje dokumenty\Pobieranie
[2009-08-17 21:49:48 | 00,001,608 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2009-08-17 20:43:06 | 00,000,000 | —D | C] – C:\Documents and Settings\Kasia\Pulpit\backups
[2009-08-17 15:12:38 | 00,401,720 | ---- | C] (Trend Micro Inc.) – C:\Documents and Settings\Kasia\Pulpit\HiJackThis.exe
[2009-08-14 12:04:16 | 00,050,688 | ---- | C] () – C:\Documents and Settings\Kasia\Moje dokumenty\WYŻSZA SZKOŁA EDUKACJI zd.doc
[2009-08-14 09:49:55 | 00,000,162 | -H-- | C] () – C:\Documents and Settings\Kasia\Moje dokumenty~$ŻSZA SZKOŁA EDUKACJI.doc
[2009-08-13 04:03:57 | 00,221,184 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\wmpns.dll
[2009-08-13 03:01:48 | 00,000,000 | —D | C] – C:\WINDOWS\ServicePackFiles
[2009-08-12 22:01:56 | 00,031,744 | ---- | C] () – C:\Documents and Settings\Kasia\Moje dokumenty\WYŻSZA SZKOŁA EDUKACJI.doc
[2009-08-11 22:02:10 | 00,000,495 | ---- | C] () – C:\Documents and Settings\Kasia\Pulpit\GoD.lnk
[2009-08-11 22:02:10 | 00,000,000 | —D | C] – C:\Documents and Settings\Kasia\Moje dokumenty\GoD
[2009-08-11 22:01:40 | 00,971,816 | ---- | C] (DT Software s.c. ) – C:\Documents and Settings\Kasia\Pulpit\GoDSetup195PP0188.exe
[2009-08-11 21:45:51 | 00,142,336 | ---- | C] () – C:\WINDOWS\System32\issch.exe
[2009-08-11 21:45:50 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Media
[2009-08-11 20:07:03 | 00,000,000 | —D | C] – C:\Documents and Settings\Kasia\Moje dokumenty\EA Games
[2009-08-11 20:07:03 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dokumenty\EA Games
[2009-08-11 17:57:04 | 00,049,064 | ---- | C] () – C:\Documents and Settings\Kasia\Pulpit\Welcome.wav
[2009-08-11 17:54:11 | 00,313,388 | ---- | C] () – C:\Documents and Settings\Kasia\Pulpit\Technodostepny.wav
[2009-08-11 17:34:44 | 00,164,352 | ---- | C] () – C:\Documents and Settings\Kasia\Pulpit\CV MAMA.doc
[2009-08-11 14:32:49 | 00,000,000 | R–D | C] – C:\Documents and Settings\Kasia\Pulpit\zdjęcia mamy 1
[2009-08-09 17:36:18 | 00,000,723 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2009-08-09 17:36:18 | 00,000,694 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk
[2009-08-09 17:35:49 | 00,000,000 | —D | C] – C:\Program Files\Nowe Gadu-Gadu
[2009-08-08 10:48:41 | 22,333,112 | ---- | C] () – C:\Documents and Settings\Kasia\Pulpit\nowegg.exe
[2009-08-06 19:29:44 | 00,029,184 | ---- | C] () – C:\Documents and Settings\Kasia\Moje dokumenty\list motywacyjny- recepcjonistka.doc
[2009-08-06 19:09:11 | 00,029,696 | ---- | C] () – C:\Documents and Settings\Kasia\Moje dokumenty\list motywacyjny.doc
[2009-08-06 18:40:31 | 00,030,208 | ---- | C] () – C:\Documents and Settings\Kasia\Pulpit\LIST MOTYWACYJNY.doc
[2009-08-02 01:04:54 | 00,000,988 | ---- | C] () – C:\Documents and Settings\Kasia\Pulpit\Skrót do 0605_113251X.lnk
[2009-07-21 22:53:04 | 00,020,480 | ---- | C] () – C:\Documents and Settings\Kasia\Moje dokumenty\mgr.doc
[2009-07-21 22:31:52 | 00,032,768 | ---- | C] () – C:\Documents and Settings\Kasia\Pulpit\Curriculum Vitae.doc
[2009-07-21 22:30:58 | 00,032,768 | ---- | C] () – C:\Documents and Settings\Kasia\Moje dokumenty\Curriculum Vitae.doc
[2009-07-21 14:44:25 | 21,935,408 | ---- | C] (Apple Inc.) – C:\Documents and Settings\Kasia\Pulpit\QuickTimeInstaller.exe
[2009-07-21 14:26:32 | 00,000,658 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\eMule.lnk
[2009-06-29 10:22:36 | 00,002,516 | -HS- | C] () – C:\WINDOWS\System32\KGyGaAvL.sys
[2009-06-29 10:22:36 | 00,000,088 | RHS- | C] () – C:\WINDOWS\System32\F2C5398324.sys
[2009-06-04 13:31:05 | 00,000,421 | ---- | C] () – C:\WINDOWS\ODBC.INI
[2009-05-07 13:16:22 | 00,000,069 | ---- | C] () – C:\WINDOWS\NeroDigital.ini
[2009-05-07 09:14:24 | 00,685,816 | ---- | C] () – C:\WINDOWS\System32\drivers\sptd.sys
[2009-05-07 09:11:33 | 00,028,672 | ---- | C] () – C:\WINDOWS\System32\cmirmdrv.dll
[2007-06-29 00:43:00 | 01,703,936 | ---- | C] () – C:\WINDOWS\System32\nvwdmcpl.dll
[2007-06-29 00:43:00 | 01,474,560 | ---- | C] () – C:\WINDOWS\System32\nview.dll
[2007-06-29 00:43:00 | 01,019,904 | ---- | C] () – C:\WINDOWS\System32\nvwimg.dll
[2007-06-29 00:43:00 | 00,466,944 | ---- | C] () – C:\WINDOWS\System32\nvshell.dll
[2007-06-29 00:43:00 | 00,286,720 | ---- | C] () – C:\WINDOWS\System32\nvnt4cpl.dll
[2004-07-17 11:36:38 | 00,027,440 | ---- | C] () – C:\WINDOWS\System32\drivers\secdrv.sys
[2004-02-05 00:54:00 | 00,005,679 | ---- | C] () – C:\WINDOWS\System32\OUTLPERF.INI
[2001-07-21 22:16:20 | 00,000,552 | ---- | C] () – C:\WINDOWS\win.ini
[2001-07-21 22:15:52 | 00,000,227 | ---- | C] () – C:\WINDOWS\system.ini
========== Files - Modified Within 30 Days ==========
[1 C:\WINDOWS\System32*.tmp files]
[3 C:\WINDOWS*.tmp files]
[2009-08-17 21:49:48 | 00,001,608 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2009-08-17 15:12:40 | 00,401,720 | ---- | M] (Trend Micro Inc.) – C:\Documents and Settings\Kasia\Pulpit\HiJackThis.exe
[2009-08-17 13:23:33 | 00,000,069 | ---- | M] () – C:\WINDOWS\NeroDigital.ini
[2009-08-17 09:39:42 | 00,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT
[2009-08-17 09:39:36 | 00,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat
[2009-08-16 23:54:38 | 00,826,806 | -H-- | M] () – C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-08-16 11:20:20 | 00,002,206 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl
[2009-08-14 15:27:21 | 00,050,688 | ---- | M] () – C:\Documents and Settings\Kasia\Moje dokumenty\WYŻSZA SZKOŁA EDUKACJI zd.doc
[2009-08-14 09:49:55 | 00,000,162 | -H-- | M] () – C:\Documents and Settings\Kasia\Moje dokumenty~$ŻSZA SZKOŁA EDUKACJI.doc
[2009-08-13 03:06:33 | 00,001,374 | ---- | M] () – C:\WINDOWS\imsins.BAK
[2009-08-12 22:01:59 | 00,031,744 | ---- | M] () – C:\Documents and Settings\Kasia\Moje dokumenty\WYŻSZA SZKOŁA EDUKACJI.doc
[2009-08-12 16:20:51 | 00,032,768 | ---- | M] () – C:\Documents and Settings\Kasia\Moje dokumenty\Curriculum Vitae.doc
[2009-08-11 22:02:10 | 00,000,495 | ---- | M] () – C:\Documents and Settings\Kasia\Pulpit\GoD.lnk
[2009-08-11 22:01:46 | 00,971,816 | ---- | M] (DT Software s.c. ) – C:\Documents and Settings\Kasia\Pulpit\GoDSetup195PP0188.exe
[2009-08-11 17:57:05 | 00,049,064 | ---- | M] () – C:\Documents and Settings\Kasia\Pulpit\Welcome.wav
[2009-08-11 17:54:12 | 00,313,388 | ---- | M] () – C:\Documents and Settings\Kasia\Pulpit\Technodostepny.wav
[2009-08-11 17:34:44 | 00,164,352 | ---- | M] () – C:\Documents and Settings\Kasia\Pulpit\CV MAMA.doc
[2009-08-11 14:40:54 | 00,032,768 | ---- | M] () – C:\Documents and Settings\Kasia\Pulpit\Curriculum Vitae.doc
[2009-08-10 21:12:54 | 00,002,516 | -HS- | M] () – C:\WINDOWS\System32\KGyGaAvL.sys
[2009-08-10 21:12:50 | 00,000,088 | RHS- | M] () – C:\WINDOWS\System32\F2C5398324.sys
[2009-08-09 18:49:16 | 00,029,696 | ---- | M] () – C:\Documents and Settings\Kasia\Moje dokumenty\list motywacyjny.doc
[2009-08-09 17:36:18 | 00,000,723 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2009-08-09 17:36:18 | 00,000,694 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk
[2009-08-08 10:50:16 | 22,333,112 | ---- | M] () – C:\Documents and Settings\Kasia\Pulpit\nowegg.exe
[2009-08-06 19:29:45 | 00,029,184 | ---- | M] () – C:\Documents and Settings\Kasia\Moje dokumenty\list motywacyjny- recepcjonistka.doc
[2009-08-06 19:08:50 | 00,030,208 | ---- | M] () – C:\Documents and Settings\Kasia\Pulpit\LIST MOTYWACYJNY.doc
[2009-08-05 11:08:09 | 00,205,312 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\System32\mswebdvd.dll
[2009-08-05 11:08:09 | 00,205,312 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2009-08-03 14:19:05 | 00,020,480 | ---- | M] () – C:\Documents and Settings\Kasia\Moje dokumenty\mgr.doc
[2009-08-02 01:04:54 | 00,000,988 | ---- | M] () – C:\Documents and Settings\Kasia\Pulpit\Skrót do 0605_113251X.lnk
[2009-07-30 02:49:14 | 24,281,536 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\System32\MRT.exe
[2009-07-28 00:43:24 | 00,128,512 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2009-07-27 21:54:00 | 00,002,267 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2009-07-21 21:00:40 | 00,073,928 | ---- | M] () – C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-07-21 19:34:23 | 00,277,352 | ---- | M] () – C:\WINDOWS\System32\FNTCACHE.DAT
[2009-07-21 14:50:23 | 21,935,408 | ---- | M] (Apple Inc.) – C:\Documents and Settings\Kasia\Pulpit\QuickTimeInstaller.exe
[2009-07-21 14:26:32 | 00,000,658 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\eMule.lnk
========== LOP Check ==========
[2009-07-11 12:36:57 | 00,000,000 | RH-D | M] – C:\Documents and Settings\All Users\Dane aplikacji
[2009-07-11 12:36:57 | 00,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Corel
[2009-05-07 13:23:00 | 00,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\muvee Technologies
[2009-08-13 03:44:27 | 00,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-05-07 02:15:57 | 00,000,000 | RH-D | M] – C:\Documents and Settings\Default User\Dane aplikacji
[2009-07-11 12:37:13 | 00,000,000 | RH-D | M] – C:\Documents and Settings\Kasia\Dane aplikacji
[2009-08-02 18:13:29 | 00,000,000 | —D | M] – C:\Documents and Settings\Kasia\Dane aplikacji\Corel
[2009-06-03 19:55:10 | 00,000,000 | —D | M] – C:\Documents and Settings\Kasia\Dane aplikacji\Gadu-Gadu
[2009-08-09 18:55:31 | 00,000,000 | —D | M] – C:\Documents and Settings\Kasia\Dane aplikacji\Nowe Gadu-Gadu
[2009-08-12 23:56:18 | 00,000,000 | —D | M] – C:\Documents and Settings\Kasia\Dane aplikacji\OpenFM
[2009-05-07 08:55:40 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Dane aplikacji
[2009-05-07 08:53:57 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Dane aplikacji
[2001-07-21 22:17:50 | 00,000,065 | RH-- | M] () – C:\WINDOWS\Tasks\desktop.ini
[2009-08-17 09:39:42 | 00,000,006 | -H-- | M] () – C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
OTL Extras logfile created on: 2009-08-17 22:18:52 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Kasia\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,00 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 52,94% Memory free
3,85 Gb Paging File | 3,00 Gb Available in Paging File | 77,78% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20,51 Gb Total Space | 4,54 Gb Free Space | 22,16% Space Free | Partition Type: NTFS
Drive D: | 54,04 Gb Total Space | 21,84 Gb Free Space | 40,42% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PENTIUM
Current User Name: Kasia
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes]
.html [@ = htmlfile] – C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1123561945-884357618-839522115-1003\SOFTWARE\Classes]
.html [@ = FirefoxHTML] – C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“FirstRunDisabled” = 1
“AntiVirusDisableNotify” = 0
“FirewallDisableNotify” = 0
“UpdatesDisableNotify” = 0
“AntiVirusOverride” = 0
“FirewallOverride” = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
“8461:TCP” = 8461:TCP:*:Enabled:GoD High Port
“8462:TCP” = 8462:TCP:*:Enabled:GoD Low Port
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
“C:\Program Files\Microsoft Office\Office12\GROOVE.EXE” = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove – (Microsoft Corporation)
“C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE” = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote – (Microsoft Corporation)
“C:\Program Files\Nowe Gadu-Gadu\gg.exe” = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Disabled:Nowe Gadu-Gadu – (GG Network S.A.)
“C:\WINDOWS\system32\dpvsetup.exe” = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test – (Microsoft Corporation)
“C:\Program Files\eMule\emule.exe” = C:\Program Files\eMule\emule.exe:*:Disabled:eMule – (http://www.emule-project.net)
“C:\Program Files\Skype\Phone\Skype.exe” = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype – (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}” = Skype™ 4.0
“{26A24AE4-039D-4CA4-87B4-2F83216013FF}” = Java 6 Update 13
“{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}” = WebFldrs XP
“{7299052b-02a4-4627-81f2-1818da5d550d}” = Microsoft Visual C++ 2005 Redistributable
“{76B78008-3832-42FD-AE55-C8F946ED3C7E}” = muvee autoProducer 4.1
“{90110415-6000-11D3-8CFE-0150048383C9}” = Microsoft Office Professional Edition 2003
“{90120000-0010-0415-0000-0000000FF1CE}” = Microsoft Software Update for Web Folders (Polish) 12
“{90120000-0015-0415-0000-0000000FF1CE}” = Microsoft Office Access MUI (Polish) 2007
“{90120000-0016-0415-0000-0000000FF1CE}” = Microsoft Office Excel MUI (Polish) 2007
“{90120000-0018-0415-0000-0000000FF1CE}” = Microsoft Office PowerPoint MUI (Polish) 2007
“{90120000-0019-0415-0000-0000000FF1CE}” = Microsoft Office Publisher MUI (Polish) 2007
“{90120000-001A-0415-0000-0000000FF1CE}” = Microsoft Office Outlook MUI (Polish) 2007
“{90120000-001B-0415-0000-0000000FF1CE}” = Microsoft Office Word MUI (Polish) 2007
“{90120000-001F-0407-0000-0000000FF1CE}” = Microsoft Office Proof (German) 2007
“{90120000-001F-0409-0000-0000000FF1CE}” = Microsoft Office Proof (English) 2007
“{90120000-001F-0415-0000-0000000FF1CE}” = Microsoft Office Proof (Polish) 2007
“{90120000-002C-0415-0000-0000000FF1CE}” = Microsoft Office Proofing (Polish) 2007
“{90120000-0030-0000-0000-0000000FF1CE}” = Microsoft Office Enterprise 2007
“{90120000-0044-0415-0000-0000000FF1CE}” = Microsoft Office InfoPath MUI (Polish) 2007
“{90120000-006E-0415-0000-0000000FF1CE}” = Microsoft Office Shared MUI (Polish) 2007
“{90120000-00A1-0415-0000-0000000FF1CE}” = Microsoft Office OneNote MUI (Polish) 2007
“{90120000-00BA-0415-0000-0000000FF1CE}” = Microsoft Office Groove MUI (Polish) 2007
“{AC76BA86-7AD7-1045-7B44-A91000000001}” = Adobe Reader 9.1.2 - Polish
“{C950420B-4182-49EA-850A-A6A2ABF06C6B}” = Marvell Miniport Driver
“Adobe Flash Player ActiveX” = Adobe Flash Player 10 ActiveX
“Adobe Flash Player Plugin” = Adobe Flash Player 10 Plugin
“Advanced Video FX Engine” = Advanced Video FX Engine
“ALLPlayer_is1” = ALLPlayer V3.X
“avast!” = avast! Antivirus
“C-Media Audio Driver” = C-Media High Definition Audio Driver
“Creative Live! Cam Center” = Creative Live! Cam Center
“Creative Live! Cam Manager” = Creative Live! Cam Manager
“Creative Live! Cam Video IM Pro User’s Guide English” = Creative Live! Cam Video IM Pro User’s Guide (English)
“Creative Photo Calendar” = Creative Photo Calendar
“Creative Photo Manager” = Creative Photo Manager
“Creative Software AutoUpdate” = Creative Software AutoUpdate
“Creative VF0230” = Creative Live! Cam Video IM Pro Driver (1.01.03.0928)
“CZATeriaKam” = CZATeriaKam 2.5.04
“eMule” = eMule
“ENTERPRISE” = Microsoft Office Enterprise 2007
“Gadu-Gadu” = Gadu-Gadu 7.7
“GoD_is1” = GoD 1.95
“HijackThis” = HijackThis 2.0.2
“Mozilla Firefox (3.5.2)” = Mozilla Firefox (3.5.2)
“Nero - Burning Rom!UninstallKey” = Nero 6 Ultra Edition
“Nowe Gadu-Gadu” = Nowe Gadu-Gadu
“NVIDIA Drivers” = NVIDIA Drivers
“Picasa2” = Picasa 2
“SysInfo” = Creative System Information
“Winamp” = Winamp
“Winamp Toolbar” = Winamp Toolbar
“Windows Media Format Runtime” = Windows Media Format Runtime
“WinRAR archiver” = Archiwizator WinRAR
========== Last 10 Event Log Errors ==========
[Application Events]
Error - 2009-08-14 05:21:53 | Computer Name = PENTIUM | Source = Microsoft Office 11 | ID = 1000
Description =
Error - 2009-08-14 05:22:24 | Computer Name = PENTIUM | Source = Microsoft Office 11 | ID = 1000
Description =
Error - 2009-08-14 05:22:53 | Computer Name = PENTIUM | Source = Microsoft Office 11 | ID = 1000
Description =
Error - 2009-08-14 05:23:36 | Computer Name = PENTIUM | Source = Microsoft Office 11 | ID = 1000
Description =
Error - 2009-08-14 06:00:01 | Computer Name = PENTIUM | Source = Microsoft Office 11 | ID = 1000
Description =
Error - 2009-08-14 06:01:16 | Computer Name = PENTIUM | Source = Microsoft Office 11 | ID = 1000
Description =
Error - 2009-08-14 06:02:48 | Computer Name = PENTIUM | Source = Microsoft Office 11 | ID = 1000
Description =
Error - 2009-08-14 06:02:56 | Computer Name = PENTIUM | Source = Microsoft Office 11 | ID = 1000
Description =
Error - 2009-08-14 09:26:53 | Computer Name = PENTIUM | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca GoD.exe, wersja 0.0.0.0, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2009-08-14 09:28:03 | Computer Name = PENTIUM | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.0.3498, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
[System Events]
Error - 2009-07-24 20:28:41 | Computer Name = PENTIUM | Source = Windows Update Agent | ID = 20
Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować
następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Internet Explorer
8 dla systemu Windows XP.
Logi wklejasz na wklej.org lub wklej.to, a w poście dajesz link.
W Custom Scans/Fixes w OTL wklej:
Run Fix. Restart.
Potem log z usuwania oraz nowy OTL.txt
czyli wpisuje w custom scans/fixes to wysłane przez Ciebie robie run fix i co dalej? Nie rozumiem bo jestem troche laikiem jesli chodzi o takie rzeczy:)
Kopiujesz to co zacytowałem, wklejasz w białe okienko na dole OTL-a i klikasz przycisk Run Fix.
Program zrobi wszystko i ewentualnie poprosi o restart. 
ok to tak zrobilam po restarcie,natomiast jak chce wkleic nowy scan po restarcie to pokazuje mi ze mam za duzo znakow w wiadomosci
– Dodane 18.08.2009 (Wt) 12:03 –
to jest http://wklej.org/id/136510 ze sanowania po restarcie
– Dodane 18.08.2009 (Wt) 12:34 –
czyli pewnie robie cos zle, wiec nikt mi nie pomoze? nadal nie wiem czy robie cos nie tak?
OTL w oknie Custom Scans-Fixes wklej następujący skrypt:
Kliknij w Run Fix. Zatwierdź restart komputera.
potem nowy skan i pokaż log
tylko ze ja do OTL wklejam w puste okno to co mam od ciebie i wciskam run fix to nagle ginie mi wszstko z pulpitu tzn wszystkie ikony i jest w OTL info na gorze ze brak odpowiedzi i nic sie dalej z tym nie dzieje… wiec nie wiem co jest nie tak?
Spróbuj na razie tego skryptu:
niestety ale dalej jest to samo jak w puste okno wpisuje te dane ktore podales. znasz jeszcze jeis inny sposob, moze jakis inny program niz OTL?
Tego opornego dziada się trzeba pozbyć z niższego poziomu.
Pobierz The Avenger i uruchom.
Wklej w niego ten tekst:
Execute i zgadzasz się na restart.
Po restarcie kasujesz plik C:\Avenger\backup.zip i dajesz tutaj do sprawdzenia raport C:\avenger.txt
po wykonaniu czynnosci zaproponowanych przez Ciebie raport z Avengera jest następujący
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Dodatek Service Pack 2)
Wed Aug 19 14:53:04 2009
14:52:59: Error: Invalid syntax in command:
“HKEY_LOCAL_MACHINE|Software\Microsoft\Windows\CurrentVersion\Run | issch”
Skipping line. (Registry value deletion mode)
//////////////////////////////////////////
Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File “C:\WINDOWS\system32\issch.exe” deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
Blokada usunięta.
Jeszcze otwórz Notatnik i wklej:
Plik zapisz jako typ wszystkie pliki pod nazwą plik.reg -> uruchom powstały plik, potwierdź chęć dodania do rejestru.
W OTL kliknij CleanUp.
Wyczyść rejestr i dysk CCleaner.
Usuń zbędniki z autostartu.
Wykonaj pełny skan DR WEB CureIt.
Gdy będą wirusy pokaż raport.
Nie rozumem zdania. Jak mam zapisać plik jako wszystkie pliki? Czy mam otworzyć zupelnie nowy notatnik i tam wkleic wyslane przez Ciebie i zapisac go tylko pod nazwa plik.reg?. A jak dodac do rejestru? mnie jek krowie na granicy trzeba pisac. Ale pewnie bede miec pytania jeszcze co do dalszej czesci ale to potem:) tylko sie nie gniewaj za moja ciemnote:P
Otwórz Notatnik i wklej to co wyżej napisałem.
W oknie dialogowym zapisu pliku wybierasz:
- [*:1n8vz2ja] Nazwa pliku: plik.reg
Zapisujesz w dostępnym miejscu, klikasz na powstały plik (będzie to taki z zieloną, rozsypująca się kostką rubika) i potwierdzasz komunikat o wprowadzeniu pliku do rejestru.
w ccleaner jest komunikat po wybraniu opcji uruchom cleaner ze ten proces usunie mi calkowicie pliki z mojego systemy… czyli jak mam to rozumiec? chodzi o te zbedne?
tak