inez Opublikowano 10 Lipca 2010 Zgłoś Udostępnij Opublikowano 10 Lipca 2010 Witam, jest to mój pierwszy post, więc jeśli coś bedzie nie tak proszę o zwrócenie uwagi. Regulamin przeczytałam. Ale do rzeczy. Na laptopie DELL Vostro 1710 Procesor Intel Core 2 Duo 2Ghz; 2 GB RAM; mam zainstalowany Windows Vista Home, z tego co pamietam 32Bitowy. Po wlaczeniu komputera system zawiesza sie na ekranie do zalogowania uzytkownika albo chwile po zalogowaniu, gdy klikne myszą ekran robi się zamglony. Ostatnimi czasy nic nie instalowałam. Jednak mam program Tor i od kilku dni wyskakiwala informacja, ze jego wersja jest przestarzala lub niepolecana. Dwa tygodnie temu skanowałam caly system AVG oraz Super AntySpyware. Programy znalazly zlosliwe oprogramowanie, niestety nie jestem w stanie zalaczyc zadnych raportow ze skanowania, ani dokladnej specyfikacji, gdyz nie moge sie zalogować. Zrobiłam naprawe systemu, zasugerowaną po restarcie, nic nie pomogło. Tryb awaryjny objawia zatrzymuje sie na ladowaniu plików konkretnie: \Windows\system32\drivers\crcdisk.sys Jesli chodzi o Biosa, logi itp. jestem totalnym laikiem, nic nigdzie nie zmianiałam. Bylabym bardzo wdzieczna za pomoc i z gory przepraszam, jezeli post jest nie do konca poprawnie napisany, Pozdrawiam Odnośnik do komentarza
Landuss Opublikowano 10 Lipca 2010 Zgłoś Udostępnij Opublikowano 10 Lipca 2010 Logi musimy otrzymać aby sprawdzić co jest w tym systemie. Jest na to inna metoda. Wypal płytkę OTLPE i wykonaj z jej poziomu wymagane logi. Odnośnik do komentarza
inez Opublikowano 11 Lipca 2010 Autor Zgłoś Udostępnij Opublikowano 11 Lipca 2010 Zalaczam plik odt.txt OTL logfile created on: 7/11/2010 5:57:36 PM - Run OTLPE by OldTimer - Version 3.1.39.0 Folder = X:\Programs\OTLPE Windows Vista Home Basic Service Pack 2 (Version = 6.0.6002) - Type = System Internet Explorer (Version = 7.0.6002.18005) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 287.97 Gb Total Space | 115.82 Gb Free Space | 40.22% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 6.11 Gb Free Space | 61.12% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive X: | 280.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO Current User Name: SYSTEM Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard Using ControlSet: ControlSet001 ========== Win32 Services (SafeList) ========== SRV - [2010/03/11 15:54:11 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc) SRV - [2010/03/11 15:54:09 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd) SRV - [2009/10/29 04:22:50 | 030,603,640 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2009/09/25 22:28:22 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009/09/24 21:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2008/08/27 04:39:42 | 000,071,512 | ---- | M] (O2Micro International) [Auto] -- C:\Windows\System32\drivers\o2flash.exe -- (O2FLASH) SRV - [2008/02/22 01:14:18 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters) SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/06/15 10:55:00 | 000,300,544 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2007/05/31 11:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007/05/31 11:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2006/11/07 13:26:52 | 000,127,488 | ---- | M] (CSR, plc) [Auto] -- C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe -- (BthFilterHelper) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | System] -- C:\Windows\System32\drivers\gaopdxwtxwtvim.sys -- (gaopdxserv.sys) DRV - [2010/06/02 10:40:30 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX) DRV - [2010/06/02 10:40:30 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2010/04/10 11:54:10 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2010/03/11 15:54:37 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86) DRV - [2009/08/07 13:27:21 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2009/05/12 09:53:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand] -- C:\Windows\System32\drivers\FlashUsb.sys -- (FlashUSB) DRV - [2009/04/11 00:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2009/03/27 16:01:20 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV) DRV - [2009/02/17 06:43:30 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM) DRV - [2008/08/27 04:39:52 | 000,043,608 | ---- | M] (O2Micro ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\o2sd.sys -- (O2SDRDR) DRV - [2008/08/27 04:39:46 | 000,051,288 | ---- | M] (O2Micro ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR) DRV - [2008/08/15 03:03:40 | 007,522,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008/07/28 12:19:28 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus) DRV - [2008/07/17 01:32:12 | 000,235,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\OEM13Vid.sys -- (OEM13Vid) DRV - [2008/07/17 01:32:10 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\OEM13Vfx.sys -- (OEM13Vfx) DRV - [2008/07/03 08:28:42 | 001,207,288 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX) DRV - [2008/07/03 08:28:02 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY) DRV - [2008/06/20 02:37:00 | 000,200,112 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2008/03/18 09:59:36 | 000,305,176 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor) DRV - [2008/02/22 04:20:48 | 000,106,496 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008/02/22 01:24:52 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2008/02/22 01:14:22 | 002,054,872 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/01/20 22:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008/01/20 22:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008/01/20 22:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008/01/20 22:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008/01/20 22:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008/01/20 22:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008/01/20 22:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008/01/20 22:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Sterownik połączenia sieciowego Intel® DRV - [2008/01/20 22:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008/01/20 22:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008/01/20 22:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2008/01/20 22:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008/01/20 22:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008/01/20 22:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008/01/20 22:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008/01/20 22:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008/01/20 22:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008/01/20 22:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008/01/20 22:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008/01/20 22:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008/01/20 22:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008/01/20 22:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008/01/20 22:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008/01/20 22:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/01/20 22:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/01/20 22:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007/05/05 13:51:10 | 000,013,824 | ---- | M] (CSR, plc) [Kernel | On_Demand] -- C:\Windows\System32\drivers\BthFilt.sys -- (BTHFILT) DRV - [2007/05/05 13:51:10 | 000,012,800 | ---- | M] (CSR, plc) [Kernel | On_Demand] -- C:\Windows\System32\drivers\BthAvrcp.sys -- (BthAvrcp) DRV - [2006/12/22 15:05:34 | 000,449,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb) DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2005/10/16 02:00:00 | 000,012,928 | ---- | M] (Bo Brantén) [Kernel | System] -- C:\Windows\System32\drivers\filedisk.sys -- (FileDisk) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Agnieszka_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=pl&l=pl&s=pad IE - HKU\Agnieszka_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = google.pl IE - HKU\Agnieszka_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\Agnieszka_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Hania.Agnieszka-PC_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=pl&l=pl&s=pad IE - HKU\Hania.Agnieszka-PC_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default.aspx?c=pl&l=pl&s=pad IE - HKU\Hania.Agnieszka-PC_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\Hania.Agnieszka-PC_ON_C\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found IE - HKU\Hania.Agnieszka-PC_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found IE - HKU\Hania.Agnieszka-PC_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/01 13:38:29 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/01 13:38:29 | 000,000,000 | ---D | M] [2010/06/02 13:19:33 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\Mozilla\Extensions [2010/07/04 11:03:42 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\Mozilla\Firefox\Profiles\ndq29pun.default\extensions [2010/06/03 10:45:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Agnieszka\AppData\Roaming\Mozilla\Firefox\Profiles\ndq29pun.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/06/02 13:18:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009/12/04 09:49:13 | 000,111,104 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\components\nppl3260.dll [2009/12/04 09:49:13 | 000,005,120 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpverplug.dll [2006/07/31 11:07:16 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll [2010/04/01 13:33:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010/04/01 13:33:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010/04/01 13:33:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010/04/01 13:33:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010/04/01 13:33:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010/04/01 13:33:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: ::1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKU\Agnieszka_ON_C\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKU\Hania.Agnieszka-PC_ON_C\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [OEM13Mon.exe] C:\Windows\OEM13Mon.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.) O4 - HKU\Agnieszka_ON_C..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\Agnieszka_ON_C..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O4 - HKU\Agnieszka_ON_C..\Run: [Twoje TVN24] File not found O4 - HKU\Agnieszka_ON_C..\Run: [Vidalia] C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe () O4 - HKU\Hania.Agnieszka-PC_ON_C..\Run: [Twoje TVN24] C:\Program Files\Pasek TVN24\tvn-ustawienia.exe File not found O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\Hania.Agnieszka-PC_ON_C..\RunOnce: [shockwave Updater] C:\Windows\System32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -Mozilla\5.0_(Windows;_U;_Windows_NT_6.0;_en-US)_AppleWebKit\533.4_(KHTML,_like_Gecko)_Chrome\5.0.375.99_Safari\533.4 - File not found O4 - Startup: C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\USDownloader — skrót.lnk = C:\Users\Agnieszka\Desktop\USDownloader135\USDownloader.exe (Tiger grp (www.dimonius.ru)) O4 - Startup: C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\USDownloader.exe.manifest () O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.24,85.255.112.235 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O24 - Desktop WallPaper: C:\Windows\FrameShow Wallpaper.BMP O24 - Desktop BackupWallPaper: C:\Windows\FrameShow Wallpaper.BMP O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{36cb2b8a-c16c-11dd-ab49-002170b3567e}\Shell - "" = AutoRun O33 - MountPoints2\{36cb2b8a-c16c-11dd-ab49-002170b3567e}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/07/11 09:30:10 | 000,000,000 | -HSD | C] -- C:\found.004 [2010/07/10 12:47:23 | 000,000,000 | -HSD | C] -- C:\found.003 [2010/07/09 16:04:42 | 000,000,000 | -HSD | C] -- C:\found.002 [2010/07/09 15:38:32 | 000,000,000 | -HSD | C] -- C:\found.001 [2010/07/07 13:10:26 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Roaming\Vidalia [2010/06/23 12:58:54 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2010/06/23 12:58:54 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2010/06/23 12:58:54 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2010/06/23 06:48:00 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2010/06/23 06:48:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2010/06/22 14:17:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2010/06/22 14:17:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2010/06/22 14:16:58 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010/06/22 14:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2010/06/22 14:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework [2010/06/22 14:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2010/06/22 14:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8 [2010/06/22 14:12:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2010/06/22 13:45:36 | 717,729,752 | ---- | C] (Microsoft Corporation) -- C:\Users\Agnieszka\Desktop\ProfessionalPlus.exe [2010/06/21 12:25:52 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Roaming\Flircik [2010/06/21 12:25:51 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Roaming\AutoUpdate [2010/06/21 12:25:48 | 000,000,000 | ---D | C] -- C:\Program Files\Onet ========== Files - Modified Within 30 Days ========== [2010/07/11 09:33:18 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/07/11 09:33:18 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/07/11 09:33:18 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/07/11 09:33:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/07/10 13:32:07 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A6BEAA12-DC8A-4E23-9EF3-1A0E932E31E5}.job [2010/07/10 09:19:18 | 000,000,000 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\Tempvi3944.html [2010/07/10 09:19:18 | 000,000,000 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\Tempat3944.html [2010/07/09 13:34:24 | 000,002,432 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\TempwA4036.html [2010/07/09 13:34:24 | 000,002,089 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\TempeA4036.html [2010/07/09 13:28:35 | 000,002,432 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\TempVM1372.html [2010/07/09 13:28:35 | 000,002,089 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\TempFs1372.html [2010/07/08 16:50:56 | 000,002,432 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\TempQw3256.html [2010/07/08 16:50:56 | 000,002,089 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\TempqU3256.html [2010/07/07 16:02:59 | 000,002,432 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\TempeF2448.html [2010/07/07 16:02:59 | 000,002,089 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\TempGz2448.html [2010/07/07 16:02:51 | 002,696,143 | -H-- | M] () -- C:\Users\Agnieszka\AppData\Local\IconCache.db [2010/07/07 14:07:28 | 001,468,980 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010/07/07 14:07:28 | 000,662,056 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2010/07/07 14:07:28 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/07/07 14:07:28 | 000,126,908 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2010/07/07 14:07:28 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/07/07 14:04:28 | 000,137,728 | ---- | M] () -- C:\Users\Agnieszka\Desktop\pytania[1].doc [2010/07/07 14:03:22 | 000,920,064 | ---- | M] () -- C:\Users\Agnieszka\Desktop\MARKETING.doc [2010/07/07 13:59:59 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3961302634-3636888386-4244122120-1001UA.job [2010/07/07 13:47:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3961302634-3636888386-4244122120-1000UA.job [2010/07/07 10:32:27 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010/07/07 09:29:06 | 061,711,836 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2010/07/07 09:27:09 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{AF1DA70D-F52D-40EE-B124-3883F1E4D88A}.job [2010/07/06 15:19:26 | 000,002,432 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\TemptT2124.html [2010/07/06 15:19:26 | 000,002,089 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\TempVS2124.html [2010/07/06 14:44:54 | 000,154,112 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/07/04 16:00:00 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3961302634-3636888386-4244122120-1001Core.job [2010/07/04 12:47:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3961302634-3636888386-4244122120-1000Core.job [2010/07/03 15:56:29 | 000,002,108 | ---- | M] () -- C:\Users\Agnieszka\Desktop\Google Chrome.lnk [2010/07/03 15:56:29 | 000,002,070 | ---- | M] () -- C:\Users\Agnieszka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2010/07/03 04:26:41 | 002,403,070 | -H-- | M] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\IconCache.db [2010/06/26 15:58:17 | 000,002,571 | ---- | M] () -- C:\Users\Agnieszka\Desktop\Microsoft Excel 2010 (Beta).lnk [2010/06/26 14:40:52 | 001,020,654 | ---- | M] () -- C:\Users\Agnieszka\Desktop\DSCN0584.JPG [2010/06/26 14:39:46 | 001,003,643 | ---- | M] () -- C:\Users\Agnieszka\Desktop\DSCN0583.JPG [2010/06/26 14:39:28 | 000,871,943 | ---- | M] () -- C:\Users\Agnieszka\Desktop\DSCN0582.JPG [2010/06/25 16:47:38 | 000,002,432 | ---- | M] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempwd4852.html [2010/06/25 16:47:38 | 000,002,089 | ---- | M] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempMV4852.html [2010/06/23 06:35:45 | 000,106,960 | ---- | M] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\GDIPFONTCACHEV1.DAT [2010/06/22 14:41:28 | 000,002,613 | ---- | M] () -- C:\Users\Agnieszka\Desktop\Microsoft Word 2010 (Beta).lnk [2010/06/22 14:39:20 | 000,106,960 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\GDIPFONTCACHEV1.DAT [2010/06/22 14:38:48 | 000,396,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/06/22 14:31:43 | 000,000,275 | ---- | M] () -- C:\Windows\win.ini [2010/06/21 04:38:46 | 717,729,752 | ---- | M] (Microsoft Corporation) -- C:\Users\Agnieszka\Desktop\ProfessionalPlus.exe [2010/06/13 09:40:08 | 000,002,432 | ---- | M] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempmY4008.html [2010/06/13 09:40:08 | 000,002,089 | ---- | M] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempdh4008.html [2010/06/12 08:46:48 | 000,002,432 | ---- | M] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempzQ6044.html [2010/06/12 08:46:48 | 000,002,089 | ---- | M] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempER6044.html ========== Files Created - No Company Name ========== [2010/07/10 09:19:18 | 000,000,000 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\Tempvi3944.html [2010/07/10 09:19:18 | 000,000,000 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\Tempat3944.html [2010/07/09 13:34:24 | 000,002,432 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\TempwA4036.html [2010/07/09 13:34:24 | 000,002,089 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\TempeA4036.html [2010/07/09 13:28:35 | 000,002,432 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\TempVM1372.html [2010/07/09 13:28:35 | 000,002,089 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\TempFs1372.html [2010/07/08 12:29:39 | 000,002,432 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\TempQw3256.html [2010/07/08 12:29:39 | 000,002,089 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\TempqU3256.html [2010/07/07 14:04:27 | 000,137,728 | ---- | C] () -- C:\Users\Agnieszka\Desktop\pytania[1].doc [2010/07/07 14:03:19 | 000,920,064 | ---- | C] () -- C:\Users\Agnieszka\Desktop\MARKETING.doc [2010/07/07 13:09:37 | 000,002,432 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\TempeF2448.html [2010/07/07 13:09:37 | 000,002,089 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\TempGz2448.html [2010/07/06 14:34:24 | 000,002,432 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\TemptT2124.html [2010/07/06 14:34:24 | 000,002,089 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\TempVS2124.html [2010/06/26 14:37:02 | 001,020,654 | ---- | C] () -- C:\Users\Agnieszka\Desktop\DSCN0584.JPG [2010/06/26 14:37:01 | 001,003,643 | ---- | C] () -- C:\Users\Agnieszka\Desktop\DSCN0583.JPG [2010/06/26 14:37:01 | 000,871,943 | ---- | C] () -- C:\Users\Agnieszka\Desktop\DSCN0582.JPG [2010/06/25 14:54:19 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempwd4852.html [2010/06/25 14:54:19 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempMV4852.html [2010/06/22 14:41:27 | 000,002,571 | ---- | C] () -- C:\Users\Agnieszka\Desktop\Microsoft Excel 2010 (Beta).lnk [2010/06/22 14:41:15 | 000,002,613 | ---- | C] () -- C:\Users\Agnieszka\Desktop\Microsoft Word 2010 (Beta).lnk [2010/06/13 09:09:06 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempmY4008.html [2010/06/13 09:09:06 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempdh4008.html [2010/06/12 07:57:23 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempzQ6044.html [2010/06/12 07:57:23 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempER6044.html [2010/05/29 07:47:59 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempRj4944.html [2010/05/29 07:47:59 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempVk4944.html [2010/05/07 14:21:01 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempxP5848.html [2010/05/07 14:21:01 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempKX5848.html [2010/05/02 10:29:34 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempfF6140.html [2010/05/02 10:29:34 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempuA6140.html [2010/05/02 04:52:30 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempfo1852.html [2010/05/02 04:52:30 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempNb1852.html [2010/05/01 15:12:17 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempUU5344.html [2010/05/01 15:12:17 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempMP5344.html [2010/05/01 03:48:46 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempSo7464.html [2010/05/01 03:48:46 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempsD7464.html [2010/04/28 07:08:28 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Templl5216.html [2010/04/28 07:08:28 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempvT5216.html [2010/04/28 04:08:25 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempru4324.html [2010/04/28 04:08:25 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TemphJ4324.html [2010/04/24 13:53:56 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempoX3344.html [2010/04/24 13:53:56 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempkR3344.html [2010/04/24 09:50:19 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempCk3556.html [2010/04/24 09:50:19 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempAA3556.html [2010/04/23 13:49:14 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempDM5392.html [2010/04/23 13:49:14 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempwO5392.html [2010/04/17 13:07:05 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempAL4360.html [2010/04/17 13:07:05 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempwx4360.html [2010/04/17 07:39:35 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempwa4308.html [2010/04/17 07:39:35 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempUt4308.html [2010/04/16 13:01:53 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TemppZ4344.html [2010/04/16 13:01:53 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempKX4344.html [2010/04/15 02:54:06 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempHf4624.html [2010/04/15 02:54:06 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempMv4624.html [2010/04/11 10:58:12 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempMA4652.html [2010/04/11 10:58:12 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempBq4652.html [2010/04/10 08:57:31 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempUw1600.html [2010/04/10 08:57:31 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempYy1600.html [2010/04/10 03:20:53 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempiL4668.html [2010/04/10 03:20:53 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempcu4668.html [2010/04/09 09:40:56 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempLa4392.html [2010/04/09 09:40:56 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempjA4392.html [2010/04/06 09:44:47 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempKE3832.html [2010/04/06 09:44:47 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempnm3832.html [2010/04/05 04:09:30 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempgc6140.html [2010/04/05 04:09:30 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempce6140.html [2010/03/20 14:43:56 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempcr5992.html [2010/03/20 14:43:56 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempNl5992.html [2010/03/20 09:35:37 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempudH316.html [2010/03/20 09:35:37 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Temptrb316.html [2010/03/18 06:12:04 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempzD3288.html [2010/03/18 06:12:04 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempcv3288.html [2010/03/07 10:56:10 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempyJ4612.html [2010/03/07 10:56:10 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempLm4612.html [2010/03/07 06:15:54 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempkt5224.html [2010/03/07 06:15:54 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempDT5224.html [2010/03/06 11:28:51 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempBx5148.html [2010/03/06 11:28:51 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempQd5148.html [2010/02/27 08:03:13 | 000,002,432 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\Tempgg5748.html [2010/02/27 08:03:13 | 000,002,089 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\TempmM5748.html [2009/09/25 13:40:50 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/08/31 13:14:32 | 000,000,031 | ---- | C] () -- C:\Windows\System32\Days5.ini [2009/03/26 15:20:42 | 000,000,418 | ---- | C] () -- C:\Windows\ODBC.INI [2009/03/14 17:58:16 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI [2008/12/29 15:33:31 | 000,004,516 | ---- | C] () -- C:\Users\Agnieszka\AppData\Roaming\Cabos.plist [2008/12/13 10:16:09 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2008/12/13 10:16:09 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2008/12/05 15:01:02 | 000,014,848 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/11/26 08:10:52 | 000,000,680 | ---- | C] () -- C:\Users\Hania.Agnieszka-PC\AppData\Local\d3d9caps.dat [2008/11/17 15:28:31 | 000,000,042 | ---- | C] () -- C:\Windows\2pic.ini [2008/11/12 16:57:26 | 000,154,112 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/11/12 15:27:16 | 000,007,592 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\d3d9caps.dat [2008/11/05 13:23:31 | 000,055,808 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll [2007/03/29 17:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll [2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/03/08 19:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2004/06/09 16:38:01 | 000,184,320 | ---- | C] () -- C:\Windows\System32\JPeg32.dll [1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL ========== LOP Check ========== [2009/08/08 11:19:33 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\Any Video Converter [2010/06/21 12:25:51 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\AutoUpdate [2010/06/14 14:12:22 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\BESTplayer [2008/12/29 15:33:30 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\Cabos [2010/04/10 12:39:14 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\DAEMON Tools Lite [2010/06/21 12:25:52 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\Flircik [2008/12/05 16:02:26 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\Gadu-Gadu [2009/12/22 16:30:30 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\Gadu-Gadu 10 [2008/11/26 12:35:18 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\Image Zone Express [2008/12/26 06:07:40 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\IrfanView [2009/05/05 13:12:14 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\mojosoft [2009/06/20 11:44:11 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\Nokia [2010/01/08 16:13:10 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\Nokia Multimedia Player [2009/09/17 15:16:25 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\Nowe Gadu-Gadu [2010/03/14 16:34:18 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\OpenFM [2009/03/24 16:44:06 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\OpenOffice.org [2010/02/20 14:33:05 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\Opera [2010/04/27 14:45:51 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\PC Suite [2008/11/25 15:19:18 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\Player [2009/01/26 15:08:47 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\PlayFirst [2008/11/21 17:19:11 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\Printer Info Cache [2008/12/06 14:55:38 | 000,000,000 | ---D | M] -- C:\Users\Agnieszka\AppData\Roaming\tmp [2010/02/21 14:54:31 | 000,000,000 | ---D | M] -- C:\Users\Hania.Agnieszka-PC\AppData\Roaming\BESTplayer [2009/01/05 14:43:32 | 000,000,000 | ---D | M] -- C:\Users\Hania.Agnieszka-PC\AppData\Roaming\Gadu-Gadu [2009/12/06 14:15:19 | 000,000,000 | ---D | M] -- C:\Users\Hania.Agnieszka-PC\AppData\Roaming\Gadu-Gadu 10 [2009/10/20 12:42:46 | 000,000,000 | ---D | M] -- C:\Users\Hania.Agnieszka-PC\AppData\Roaming\IrfanView [2009/08/08 13:41:46 | 000,000,000 | ---D | M] -- C:\Users\Hania.Agnieszka-PC\AppData\Roaming\MagicBall3 [2008/11/27 06:44:12 | 000,000,000 | ---D | M] -- C:\Users\Hania.Agnieszka-PC\AppData\Roaming\Nowe Gadu-Gadu [2009/10/15 11:17:52 | 000,000,000 | ---D | M] -- C:\Users\Hania.Agnieszka-PC\AppData\Roaming\OpenFM [2009/03/29 08:52:44 | 000,000,000 | ---D | M] -- C:\Users\Hania.Agnieszka-PC\AppData\Roaming\OpenOffice.org [2010/02/20 14:54:23 | 000,000,000 | ---D | M] -- C:\Users\Hania.Agnieszka-PC\AppData\Roaming\Opera [2008/11/28 10:14:15 | 000,000,000 | ---D | M] -- C:\Users\Hania.Agnieszka-PC\AppData\Roaming\PC Suite [2010/07/07 10:32:29 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/07/10 13:32:07 | 000,000,426 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A6BEAA12-DC8A-4E23-9EF3-1A0E932E31E5}.job [2010/07/07 09:27:09 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{AF1DA70D-F52D-40EE-B124-3883F1E4D88A}.job ========== Purity Check ========== < End of report > Odnośnik do komentarza
Landuss Opublikowano 12 Lipca 2010 Zgłoś Udostępnij Opublikowano 12 Lipca 2010 Są ślady rootkita: DRV - File not found [Kernel | System] -- C:\Windows\System32\drivers\gaopdxwtxwtvim.sys -- (gaopdxserv.sys) Możliwe, że w tym problem. Postępuj zgodnie ze wskazówkami poniżej. 1. Skonstruuj skrypt tekstowy, który zostanie załadowany w OTLPE. Otwórz Notatnik i wklej w nim: :OTL IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found IE - HKU\Hania.Agnieszka-PC_ON_C\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found IE - HKU\Hania.Agnieszka-PC_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKU\Agnieszka_ON_C\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKU\Hania.Agnieszka-PC_ON_C\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKU\Agnieszka_ON_C..\Run: [Twoje TVN24] File not found O4 - HKU\Hania.Agnieszka-PC_ON_C..\Run: [Twoje TVN24] C:\Program Files\Pasek TVN24\tvn-ustawienia.exe File not found O4 - HKU\Hania.Agnieszka-PC_ON_C..\RunOnce: [shockwave Updater] C:\Windows\System32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -Mozilla\5.0_(Windows;_U;_Windows_NT_6.0;_en-US)_AppleWebKit\533.4_(KHTML,_like_Gecko)_Chrome\5.0.375.99_Safari\533.4 - File not found :Files C:\Users\Agnieszka\AppData\Local\Temp*.html C:\Windows\System32\drivers\gaopdxwtxwtvim.sys :Services gaopdxserv.sys :Commands [emptyflash] [emptytemp] Plik zapisz pod nazwą FIX.TXT 2. Plik FIX.TXT umieść na pendrive lub innym urządzeniu przenośnym, które może być podpięte do komputera. 3. Podpinasz urządzenie przenośne startujesz z płyty OTLPE. 4. Uruchamiasz z Pulpitu program OTLPE zgodnie ze wskazówkami montując rejestr. Klikasz w Wykonaj skrypt (Run Fix). Zostanie zgłoszony komunikat o braku skryptu i wtedy wskazujesz plik o nazwie FIX.TXT. OTLPE wykona zadanie i poda log, który zachowasz bo będziesz go prezentował. 5. Wykonujesz restart komputera. Jeśli całe zadanie się uda, system Windows zastartuje prawidłowo. 6. Wytwarzasz z poziomu systemu już normalny log z OTL + Gmer. Dołączasz także log z OTLPE powstały z czyszczenia. Odnośnik do komentarza
inez Opublikowano 12 Lipca 2010 Autor Zgłoś Udostępnij Opublikowano 12 Lipca 2010 Jestes cudotwórcą! System załadował się normalnie. Załaczam pliki. Dziekuje bardzo! OTL.Txt OTL2.Txt Odnośnik do komentarza
Landuss Opublikowano 12 Lipca 2010 Zgłoś Udostępnij Opublikowano 12 Lipca 2010 Tu nadal jest rootkit według OTL. Skoro system działa prosze użyć teraz narzędzia ComboFix i wkleić wynikowy log. Wklej też log z GMER na okoliczność właśnie rootkitów. Odnośnik do komentarza
inez Opublikowano 14 Lipca 2010 Autor Zgłoś Udostępnij Opublikowano 14 Lipca 2010 Zalaczam pliki. W tej chwili co chwile wyskakuje mi bluescreen. Ale skanowanie udalo sie dokonczyc. log.txt gmer.txt Odnośnik do komentarza
Landuss Opublikowano 14 Lipca 2010 Zgłoś Udostępnij Opublikowano 14 Lipca 2010 Bluescreen to może był z powodu Gmera. Według loga ComboFix skasował sterownik rootkita i więcej nie widzę tu nic szkodliwego. Odinstaluj ComboFix poprzez wejście w W Start > w polu szukania wpisz Uruchom i wywołaj polecenie "c:\users\Agnieszka\Desktop\ComboFix.exe" /uninstall Podsumuj czy system normalnie się uruchamia i czy jest jeszcze jakiś problem. Odnośnik do komentarza
inez Opublikowano 15 Lipca 2010 Autor Zgłoś Udostępnij Opublikowano 15 Lipca 2010 Powyzsza komenda nie działa. W momencie jej zatwierdzenia pulpit znika na chwile a potem sie normalnie pojawia. Czy jest jakis inny sposób odinstalowania combofix i gmera? Odnośnik do komentarza
Landuss Opublikowano 15 Lipca 2010 Zgłoś Udostępnij Opublikowano 15 Lipca 2010 Alternatywnie dla usunięcia ComboFix możesz skorzystać z OTC. Odnośnik do komentarza
inez Opublikowano 17 Lipca 2010 Autor Zgłoś Udostępnij Opublikowano 17 Lipca 2010 Po usunięciu powyzszych programów system działa stabilnie, nie zawiesza się, nie wyłącza, nie pojawia się niebieski ekran. Serdecznie dziękuje. Odnośnik do komentarza
Rekomendowane odpowiedzi