x-kom hosting

Problem z alt+ctrl+del

michal1992pawlak
utworzono
utworzono

Witam mam problem, a mianowicie coś się stało ostatnio z moim kompe, kiedy wciskam kombinacje alt+ctrl+del to wyskakuje "Menadżer zadań został wyłączony przez administratora", nie mogę nawet wejść w uruchom -> regedit i pisze "Edycja rejestru została wyłączona przez administratora sieci".
Czy da się to jakoś naprawić ? :)

asmodeuszz
komentarz
komentarz

Wrzuć logi z OTL, gdyż najpewniej jest to infekcja.

szaki
komentarz
komentarz

Cyprian ma rację.
Spróbuj:
start->uruchom->wpisać gpedit.msc i usługach odnaleźć Szablony administracyjne->>SYstem-> Opcje klawiszy CTRL+ALT+DEL -> Usunąć Menedżera zadań-> ustawić na wyłączone Zastosuj->OK

michal1992pawlak
komentarz
komentarz

[log]OTL logfile created on: 2010-03-23 19:49:46 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Dom\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

894,00 Mb Total Physical Memory | 400,00 Mb Available Physical Memory | 45,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 21,82 Gb Free Space | 55,85% Space Free | Partition Type: NTFS
Drive D: | 35,46 Gb Total Space | 22,87 Gb Free Space | 64,49% Space Free | Partition Type: NTFS
Drive E: | 1,57 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 696,96 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
I: Drive not present or media not loaded

Computer Name: DOM-680297A355A
Current User Name: Dom
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-03-23 19:48:36 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
PRC - [2009-02-06 14:23:36 | 000,727,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2009-02-06 14:23:12 | 002,021,400 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2008-10-28 17:45:02 | 000,098,816 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-12-06 13:53:30 | 000,819,200 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\neostradatp.exe
PRC - [2005-11-22 11:54:18 | 000,249,856 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\ComComp.exe
PRC - [2005-08-05 08:15:04 | 000,061,440 | ---- | M] (Vimicro) -- C:\WINDOWS\VM305_STI.EXE
PRC - [2005-05-17 18:48:32 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004-11-02 14:31:20 | 000,069,632 | ---- | M] (France Telecom R&D) -- C:\Program Files\neostrada tp\Toaster.exe
PRC - [2004-10-27 10:30:44 | 000,032,768 | ---- | M] () -- C:\Program Files\neostrada tp\Inactivity.exe
PRC - [2004-10-27 10:07:06 | 000,069,632 | ---- | M] () -- C:\Program Files\neostrada tp\PollingModule.exe
PRC - [2004-10-21 07:50:52 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\AlertModule\AlertModule.exe
PRC - [2004-10-05 16:00:12 | 000,061,440 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\TaskBarIcon.exe
PRC - [2004-08-23 13:49:56 | 000,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\system32\FTRTSVC.exe
PRC - [2004-08-23 13:49:56 | 000,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\Watch.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-03-23 19:48:36 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
MOD - [2004-10-26 08:49:34 | 000,028,672 | ---- | M] () -- C:\Program Files\neostrada tp\Inactivity.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-02-06 14:27:06 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009-02-06 14:23:36 | 000,727,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2004-08-23 13:49:56 | 000,040,960 | ---- | M] (France Telecom) [Auto | Running] -- C:\WINDOWS\system32\FTRTSVC.exe -- (FTRTSVC)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-02-09 15:11:17 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2009-02-06 14:24:22 | 000,056,280 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2009-02-06 14:24:22 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009-02-06 14:24:18 | 000,130,952 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2009-02-06 14:23:18 | 000,106,208 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009-02-06 14:19:52 | 000,113,448 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2006-09-19 11:03:28 | 000,116,992 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e4usbaw.sys -- (e4usbaw)
DRV - [2006-09-15 11:07:54 | 000,064,000 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e4ldr.sys -- (IKANLOADER2) General Purpose USB Driver (e4ldr.sys)
DRV - [2005-11-30 05:50:14 | 000,392,316 | R--- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbVM305.sys -- (ZSMC0305)
DRV - [2005-08-11 15:04:54 | 000,463,168 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005-06-22 22:14:22 | 001,198,592 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005-06-04 05:50:40 | 000,162,176 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005-05-18 17:50:30 | 002,319,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-01-14 17:22:54 | 000,005,504 | ---- | M] (EnE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EKBfltr.sys -- (EKBfltr)
DRV - [2004-10-11 12:24:52 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1085031214-1958367476-1801674531-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
IE - HKU\S-1-5-21-1085031214-1958367476-1801674531-1005\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\neostrada tp\SearchPageURL.dll ()
IE - HKU\S-1-5-21-1085031214-1958367476-1801674531-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/ig?hl=pl&source=iglk"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.2

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-03-16 16:29:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-13 13:29:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-03-23 18:37:26 | 000,000,000 | ---D | M]

[2009-11-07 15:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Extensions
[2010-03-23 18:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\ce3hhhhd.default\extensions
[2010-03-19 18:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\ce3hhhhd.default\extensions\personas@christopher.beard
[2010-03-23 18:00:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-03-13 13:29:34 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-03-13 13:29:34 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-03-13 13:29:34 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-03-13 13:29:34 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-03-13 13:29:34 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-03-13 13:29:34 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2004-08-04 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE (Vimicro)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe File not found
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\neostrada tp\Watch.exe (France Télécom R&D)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1085031214-1958367476-1801674531-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-21-1085031214-1958367476-1801674531-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-1085031214-1958367476-1801674531-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-11-07 14:39:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006-09-09 16:06:22 | 000,000,000 | R--D | M] - H:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2006-09-09 16:01:57 | 000,704,512 | R--- | M] (Electronic Arts Inc.) - H:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2006-09-09 08:13:17 | 000,634,880 | R--- | M] (Electronic Arts Inc.) - H:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2006-09-09 16:05:49 | 000,000,146 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{629d6fec-d106-11de-bce0-4d6564696130}\Shell\AutoRun\command - "" = F:\s1.exe -- File not found
O33 - MountPoints2\{629d6fec-d106-11de-bce0-4d6564696130}\Shell\open\Command - "" = F:\s1.exe -- File not found
O33 - MountPoints2\{629d6fed-d106-11de-bce0-4d6564696130}\Shell\AutoplAy\COmMand - "" = G:\ivwfxw.cmd -- File not found
O33 - MountPoints2\{629d6fed-d106-11de-bce0-4d6564696130}\Shell\AutoRun\command - "" = G:\ivwfxw.cmd -- File not found
O33 - MountPoints2\{629d6fed-d106-11de-bce0-4d6564696130}\Shell\ExpLOrE\coMMand - "" = G:\ivwfxw.cmd -- File not found
O33 - MountPoints2\{629d6fed-d106-11de-bce0-4d6564696130}\Shell\OpeN\CommAND - "" = G:\ivwfxw.cmd -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2006-09-09 16:01:57 | 000,704,512 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-11-07 14:38:32 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found




[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-03-23 19:48:25 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
[2010-03-23 19:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
[2010-03-23 18:50:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Dane aplikacji\ESET
[2010-03-23 18:49:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\ESET
[2010-03-23 18:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010-03-23 18:37:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-03-20 19:31:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Dane aplikacji\VSO
[2010-03-20 19:30:29 | 000,000,000 | ---D | C] -- C:\Program Files\VSO
[2010-03-20 19:08:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Pulpit\zawody
[2010-03-14 18:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-03-14 18:51:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010-03-14 11:20:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010-03-14 11:20:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2010-03-14 11:20:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010-03-14 11:12:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010-03-14 11:00:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010-03-14 11:00:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2010-03-06 16:19:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Dane aplikacji\ipla
[2010-03-06 16:19:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-03-06 16:19:13 | 000,000,000 | ---D | C] -- C:\Program Files\ipla
[2010-03-06 16:19:05 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll
[2010-03-06 16:19:05 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71.dll
[2010-03-06 16:17:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-03-06 16:17:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Dane aplikacji\Gadu-Gadu 10
[2010-03-06 16:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2010-02-21 09:55:01 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-02-21 09:55:01 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-02-21 09:55:01 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-02-20 10:56:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Pulpit\TS2W_asnyBiznes
[2010-02-09 15:44:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\EA Games
[2010-02-09 15:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Dane aplikacji\DAEMON Tools Pro
[2010-02-09 15:24:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EZB Systems
[2010-02-09 15:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\UltraISO
[2010-02-09 15:24:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Moje dokumenty\My ISO Files
[2010-02-09 15:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Pulpit\The Sims 2 Pets
[2010-02-09 15:14:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-02-09 15:14:10 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2010-02-09 15:14:02 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-02-09 15:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Dane aplikacji\DAEMON Tools Lite
[2010-02-09 15:09:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Pulpit\Mini Image
[2010-02-09 15:05:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Moje dokumenty\EA Games
[2010-02-09 13:45:13 | 000,442,368 | R--- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2010-02-06 18:58:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NFS Underground
[2010-02-06 18:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DirectX
[2010-02-06 18:51:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Pulpit\Nowy folder
[2010-02-06 18:08:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Moje dokumenty\FIFA 07
[2009-11-07 14:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-11-07 14:39:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2009-11-07 14:39:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-03-23 19:48:36 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
[2010-03-23 19:00:35 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D23AD607-BDE1-46D0-B0D3-333F261151BD}.job
[2010-03-23 18:51:30 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-03-23 18:51:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-03-23 18:50:14 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\Dom\NTUSER.DAT
[2010-03-23 18:50:14 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Dom\ntuser.ini
[2010-03-23 18:29:50 | 035,367,140 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\ESET_Smart_Security_32bit_Fix_and_Keys.rar
[2010-03-23 17:14:26 | 000,000,267 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-03-23 17:11:37 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-03-22 14:21:17 | 000,946,448 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-03-22 14:21:17 | 000,436,560 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-03-22 14:21:17 | 000,380,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-03-22 14:21:17 | 000,067,496 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-03-22 14:21:17 | 000,053,098 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-03-21 18:03:21 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-03-15 18:57:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-03-14 18:52:43 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010-03-14 18:50:33 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-03-14 11:11:41 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-03-12 19:14:49 | 003,392,990 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\kalwi & remi - find you.mp31267894818_[mp3.teledyski.info].mp3
[2010-03-07 12:00:28 | 003,365,405 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\david guetta feat. kid cudi - memories.mp31267895118_[mp3.teledyski.info].mp3
[2010-03-07 11:57:02 | 004,065,487 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\jay-z - young forever (featuring mr hudson).mp31267895419_[mp3.teledyski.info].mp3
[2010-03-07 11:49:09 | 003,732,373 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\kazachstar - fristajlooo (village rmx).mp31267898111_[mp3.teledyski.info].mp3
[2010-03-06 16:19:29 | 000,012,328 | ---- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-03-06 16:19:05 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll
[2010-03-06 16:19:05 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71.dll
[2010-03-05 07:55:09 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-02-20 11:10:32 | 000,000,849 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Skrót do Sims2EP3.lnk
[2010-02-19 21:55:54 | 005,334,314 | -H-- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-02-19 17:03:01 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Skrót do Sims2EP4.lnk
[2010-02-09 15:11:17 | 000,721,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-02-09 15:06:26 | 000,000,818 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Sims 2.lnk
[2010-02-06 18:57:25 | 000,000,878 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Need For Speed Underground.lnk
[2010-02-05 11:44:04 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FIFA 07.lnk
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-03-23 18:30:32 | 035,511,296 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\ESET Smart Security 4 32bit.msi
[2010-03-23 18:30:28 | 000,728,405 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Eset Fix.exe
[2010-03-23 18:23:41 | 035,367,140 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\ESET_Smart_Security_32bit_Fix_and_Keys.rar
[2010-03-23 17:13:58 | 654,542,848 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\DESPERADO FULL DIVX.avi
[2010-03-06 18:45:00 | 003,732,373 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\kazachstar - fristajlooo (village rmx).mp31267898111_[mp3.teledyski.info].mp3
[2010-03-06 18:02:40 | 003,365,405 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\david guetta feat. kid cudi - memories.mp31267895118_[mp3.teledyski.info].mp3
[2010-03-06 18:00:06 | 004,065,487 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\jay-z - young forever (featuring mr hudson).mp31267895419_[mp3.teledyski.info].mp3
[2010-03-06 17:57:40 | 003,392,990 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\kalwi & remi - find you.mp31267894818_[mp3.teledyski.info].mp3
[2010-02-20 11:10:33 | 000,000,849 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Skrót do Sims2EP3.lnk
[2010-02-19 17:03:03 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Skrót do Sims2EP4.lnk
[2010-02-09 15:11:16 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-02-09 15:06:26 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Sims 2.lnk
[2010-02-06 18:57:25 | 000,000,878 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Need For Speed Underground.lnk
[2010-02-06 18:49:22 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-05 11:44:04 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\FIFA 07.lnk
[2009-11-28 21:26:37 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-11-07 15:34:56 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-11-07 15:34:56 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009-11-07 15:34:51 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-11-07 15:34:51 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-11-07 15:34:51 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-11-07 15:34:50 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-11-07 15:34:50 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-11-07 15:19:00 | 000,000,168 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2009-11-07 15:19:00 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2009-11-07 15:18:54 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2009-11-07 15:18:54 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL
[2009-11-07 14:58:47 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2009-11-07 14:58:44 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2009-11-07 14:44:28 | 000,000,996 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004-01-14 08:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-02-09 15:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-03-23 18:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-03-06 16:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-03-06 16:19:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-02-06 18:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NFS Underground
[2010-03-19 18:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-02-09 15:15:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\DAEMON Tools Lite
[2010-02-09 15:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\DAEMON Tools Pro
[2010-03-23 18:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\ESET
[2010-03-06 16:17:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Gadu-Gadu 10
[2010-03-06 16:19:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\ipla
[2009-11-07 15:46:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Nowe Gadu-Gadu
[2009-11-15 12:06:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\OpenFM
[2009-11-07 15:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Opera
[2010-03-20 19:32:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\VSO
[2010-03-23 19:00:35 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D23AD607-BDE1-46D0-B0D3-333F261151BD}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-11-07 14:39:42 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009-11-07 14:24:57 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2004-08-04 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2009-11-07 14:39:42 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-11-07 15:02:47 | 000,001,404 | ---- | M] () -- C:\FSC-DeskUpdate.txt
[2009-11-07 14:39:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-11-07 14:39:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010-03-14 11:11:41 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-03-23 18:51:21 | 1409,286,144 | -HS- | M] () -- C:\pagefile.sys
[2009-12-04 19:42:28 | 000,000,000 | ---- | M] () -- C:\TP13B5CE.$$$
[1 C:\*.tmp files -> C:\*.tmp -> ]


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2010-03-14 11:00:23 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2010-03-14 11:00:23 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2010-03-14 11:00:23 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\sp3.cab:agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010-03-14 11:00:23 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010-03-14 11:00:23 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2010-03-14 11:00:23 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\sp3.cab:atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010-03-14 11:00:23 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2010-03-14 11:00:23 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2010-03-14 11:00:23 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\sp3.cab:cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-04 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-04 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 13:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
< End of report >[/log]

[quote]start->uruchom->wpisać gpedit.msc i usługach odnaleźć Szablony administracyjne->>SYstem-> Opcje klawiszy CTRL+ALT+DEL -> Usunąć Menedżera zadań-> ustawić na wyłączone Zastosuj->OK[/quote] jak wpisze gpedit.msc to w uruchom to wyskakuje "System Windows nie może odnaleźć pliku "gpedit.msc" i tam dalej jeszcze pisze żebym sie upewnił czy dobrze wpisałem i spróbował ponownie...


[color="#FF0000"]// Przenoszę do działu Bezpieczeństwo
// Cyprian[/color]

Psycholandia
komentarz
komentarz

Daj loga z Combofixa: http://www.forumpc.pl/index.php?showtopic=153621

  • Dobra wypowiedź 1
michal1992pawlak
komentarz
komentarz

[log]ComboFix 10-03-23.04 - Dom 2010-03-24 13:21:30.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.894.412 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Dom\Pulpit\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Zapora osobista *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ABP470N5
-------\Service_abp470n5


((((((((((((((((((((((((( Pliki utworzone od 2010-02-24 do 2010-03-24 )))))))))))))))))))))))))))))))
.

2010-03-23 18:00 . 2010-03-23 18:00 -------- d-----w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
2010-03-23 17:50 . 2010-03-23 17:50 -------- d-----w- c:\documents and settings\Dom\Dane aplikacji\ESET
2010-03-23 17:49 . 2010-03-23 17:49 -------- d-----w- c:\documents and settings\Dom\Ustawienia lokalne\Dane aplikacji\ESET
2010-03-23 17:37 . 2010-03-23 17:37 -------- d-----w- c:\program files\ESET
2010-03-23 17:37 . 2010-03-23 17:37 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ESET
2010-03-20 18:31 . 2010-03-20 18:32 -------- d-----w- c:\documents and settings\Dom\Dane aplikacji\VSO
2010-03-20 18:30 . 2010-03-20 18:30 -------- d-----w- c:\program files\VSO
2010-03-14 17:51 . 2010-03-14 17:51 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-03-14 10:20 . 2010-03-14 10:20 -------- d-----w- c:\windows\l2schemas
2010-03-14 10:20 . 2010-03-14 10:20 -------- d-----w- c:\windows\system32\pl
2010-03-14 10:20 . 2010-03-14 10:20 -------- d-----w- c:\windows\system32\bits
2010-03-14 10:00 . 2010-03-14 10:00 -------- d-----w- c:\windows\EHome
2010-03-06 15:19 . 2010-03-06 15:19 12328 ----a-w- c:\documents and settings\Dom\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2010-03-06 15:19 . 2010-03-06 15:19 -------- d-----w- c:\documents and settings\Dom\Dane aplikacji\ipla
2010-03-06 15:19 . 2010-03-06 15:19 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ipla
2010-03-06 15:19 . 2010-03-23 18:17 -------- d-----w- c:\program files\ipla
2010-03-06 15:19 . 2010-03-06 15:19 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2010-03-06 15:19 . 2010-03-06 15:19 1060864 ----a-w- c:\windows\system32\mfc71.dll
2010-03-06 15:17 . 2010-03-06 15:17 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10
2010-03-06 15:17 . 2010-03-06 15:17 -------- d-----w- c:\documents and settings\Dom\Dane aplikacji\Gadu-Gadu 10
2010-03-06 15:16 . 2010-03-23 18:17 -------- d-----w- c:\program files\Gadu-Gadu 10

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-24 12:30 . 2009-11-07 15:11 -------- d-----w- c:\documents and settings\Dom\Dane aplikacji\Skype
2010-03-24 12:28 . 2009-11-07 14:17 -------- d-----w- c:\program files\neostrada tp
2010-03-24 07:54 . 2009-11-07 15:25 -------- d-----w- c:\documents and settings\Dom\Dane aplikacji\skypePM
2010-03-23 18:21 . 2009-11-07 14:31 -------- d-----w- c:\program files\Nowe Gadu-Gadu
2010-03-22 13:21 . 2004-08-04 12:00 67496 ----a-w- c:\windows\system32\perfc015.dat
2010-03-22 13:21 . 2004-08-04 12:00 436560 ----a-w- c:\windows\system32\perfh015.dat
2010-03-19 17:24 . 2009-11-15 11:06 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OpenFM
2010-03-14 10:24 . 2009-11-07 13:38 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-21 08:54 . 2009-11-07 13:43 -------- d-----w- c:\program files\Java
2010-02-21 08:52 . 2010-02-21 08:52 152576 ----a-w- c:\documents and settings\Dom\Dane aplikacji\Sun\Java\jre1.6.0_17\lzma.dll
2010-02-21 08:52 . 2009-11-24 17:05 79488 ----a-w- c:\documents and settings\Dom\Dane aplikacji\Sun\Java\jre1.6.0_17\gtapi.dll
2010-02-09 14:42 . 2010-02-09 14:42 -------- d-----w- c:\documents and settings\Dom\Dane aplikacji\DAEMON Tools Pro
2010-02-09 14:24 . 2010-02-09 14:24 -------- d-----w- c:\program files\Common Files\EZB Systems
2010-02-09 14:24 . 2010-02-09 14:24 -------- d-----w- c:\program files\UltraISO
2010-02-09 14:15 . 2010-02-09 14:11 -------- d-----w- c:\documents and settings\Dom\Dane aplikacji\DAEMON Tools Lite
2010-02-09 14:14 . 2010-02-09 14:14 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite
2010-02-09 14:14 . 2010-02-09 14:14 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-02-09 14:14 . 2010-02-09 14:14 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-02-09 14:11 . 2010-02-09 14:11 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-06 17:58 . 2010-02-06 17:58 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NFS Underground
2010-02-06 17:57 . 2010-02-06 17:57 -------- d-----w- c:\program files\Common Files\DirectX
2010-01-20 12:05 . 2010-01-20 12:05 42088 ----a-w- c:\documents and settings\Dom\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll
2010-01-20 12:03 . 2010-01-20 12:03 11776 ----a-w- c:\documents and settings\Dom\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll
2009-12-31 16:50 . 2004-08-04 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-22 344064]
"SoundMan"="SOUNDMAN.EXE" [2005-05-17 77824]
"WOOWATCH"="c:\progra~1\NEOSTR~1\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="c:\progra~1\NEOSTR~1\GestMaj.exe" [2004-10-14 32768]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"BigDog305"="c:\windows\VM305_STI.EXE" [2005-08-05 61440]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Dom\\Pulpit\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Valve\\hl.exe"=
"d:\\Program Files\\EA GAMES\\Need For Speed Underground\\Speed.exe"=
"c:\\Documents and Settings\\Dom\\Pulpit\\Skróty\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Gadu-Gadu 10\\gg.exe"=
"c:\\Documents and Settings\\Dom\\Pulpit\\Counter-Strike 1.6\\hlds.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\PROGRA~1\\NEOSTR~1\\Inactivity.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-02-09 721904]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-02-06 106208]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-11-07 116992]
R3 EKBfltr;ENE Keyboard Controller;c:\windows\system32\drivers\EKBfltr.sys [2009-11-07 5504]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-11-07 64000]
S3 ZSMC0305;VIMICRO USB PC Camera V;c:\windows\system32\drivers\usbVM305.sys [2009-11-25 392316]
.
Zawartość folderu 'Zaplanowane zadania'

2010-03-24 c:\windows\Tasks\User_Feed_Synchronization-{D23AD607-BDE1-46D0-B0D3-333F261151BD}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.neostrada.pl
IE: { - c:\program files\Messenger\msmsgs.exe
TCP: {3257B4B1-A071-4185-9892-30D10BB6F8D4} = 194.204.159.1 194.204.152.34
FF - ProfilePath - c:\documents and settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\ce3hhhhd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/ig?hl=pl&source=iglk
FF - plugin: c:\documents and settings\Dom\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll

---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - USUNIĘTO PUSTE WPISY - - - -

AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-24 13:28
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
BigDog305 = c:\windows\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)???????????????????0?????????@??????????????

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spdp.sys >>UNKNOWN [0x84B8F938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7536f28
\Driver\ACPI -> ACPI.sys @ 0xf728fcb8
\Driver\atapi -> atapi.sys @ 0xf722cb40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579022
ParseProcedure -> ntkrnlpa.exe @ 0x80577c84
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579022
ParseProcedure -> ntkrnlpa.exe @ 0x80577c84
NDIS: Atheros AR5005G Wireless Network Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf7136bd4
PacketIndicateHandler -> NDIS.sys @ 0xf7124a0d
SendHandler -> NDIS.sys @ 0xf7138b40
user & kernel MBR OK

**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(1072)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2312)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\FTRTSVC.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\SOUNDMAN.EXE
c:\progra~1\NEOSTR~1\TaskBarIcon.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Czas ukończenia: 2010-03-24 13:35:10 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2010-03-24 12:35

Przed: 25 882 324 992 bajtów wolnych
Po: 26 483 339 264 bajtów wolnych

WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - C32D1F0FD35DBF3C7921679953202AB8
[/log]

Psycholandia
komentarz
komentarz

Pobierz: http://www.freedrweb.pl/livecd.php nagraj na płytę, reset kompa, podczas uruchamiania wciskaj F11, odpali się program i wykona skanowanie. Wszystko co znajdzie usuń.

  • Dobra wypowiedź 1
michal1992pawlak
komentarz
komentarz

po combofixie już wszystko jest ok menadzer się włącza i uruchom tez chodzi :)

Psycholandia
komentarz
komentarz

Uruchom OTL i kliknij CleanUP. Posprząta po skanerach.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.