Prośba o sprawdzenie Logów

Wszystko co dotyczy bezpieczeństwa systemów oraz walki z malware, w szczególności analiza logów
Pablo9976

Użytkownik
Posty: 3
Rejestracja: 12 sty 2014, 14:21

Prośba o sprawdzenie Logów

Post12 sty 2014, 15:19

Strasznie mi wolno chodzi komp - strony ostatnio strasznie wolną chodzą oraz wyskakuje parę błędów z wtyczek.
Oto LOGI:
OTL.TXT Dostępne tylko dla zarejestrowanych użytkowników

Oraz
Extras.TXT Dostępne tylko dla zarejestrowanych użytkowników


Z góry dzięki za pomoc.
Na górę
filutka78

Użytkownik
Posty: 1485
Rejestracja: 28 sty 2009, 17:40

Prośba o sprawdzenie Logów

Post12 sty 2014, 15:56

1) Użyj >Dostępne tylko dla zarejestrowanych użytkowników (aby pobrać kliknij na dużą zieloną strzałkę po prawej).
najpierw kliknij na SZUKAJ, a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ, to kliknij na niego.
Pokaż raport z niego C:\AdwCleaner\AdwCleaner.txt

2)
O4 - Startup: C:\Users\All Users\Adobe [2013-11-18 20:43:16 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Application Data [2009-07-14 05:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\AVAST Software [2013-11-15 16:42:55 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\DAEMON Tools Lite [2013-11-15 16:14:35 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Dane aplikacji [2013-11-15 14:45:03 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Desktop [2009-07-14 05:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Documents [2009-07-14 05:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Dokumenty [2013-11-15 14:45:03 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Favorites [2009-07-14 05:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Menu Start [2013-11-15 14:45:03 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Microsoft [2014-01-08 16:50:35 | 000,000,000 | --SD | M]
O4 - Startup: C:\Users\All Users\Microsoft Help [2013-11-15 16:26:14 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Mozilla [2013-11-15 15:30:59 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\NVIDIA [2014-01-12 12:43:52 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\NVIDIA Corporation [2013-11-16 11:20:51 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Pulpit [2013-11-15 14:45:03 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\rvlkl [2014-01-10 14:36:53 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Start Menu [2009-07-14 05:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Szablony [2013-11-15 14:45:03 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Templates [2009-07-14 05:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Ulubione [2013-11-15 14:45:03 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\AppData [2009-07-14 03:37:05 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Default\Application Data [2009-07-14 05:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Cookies [2009-07-14 05:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Dane aplikacji [2013-11-15 14:45:03 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Desktop [2009-07-14 03:04:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Documents [2013-11-15 14:45:03 | 000,000,000 | R--D | M]

Z tym raczej sobie nie poradzę, ale spróbować można.
Do >Dostępne tylko dla zarejestrowanych użytkowników wklej:
:reg
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders

Naciśnij Look i pokaż raport.

3) Zrób nowy log z OTL.

F.
Na górę
Pablo9976

Użytkownik
Posty: 3
Rejestracja: 12 sty 2014, 14:21

Prośba o sprawdzenie Logów

Post12 sty 2014, 21:15

AdwCleaner.txt

# AdwCleaner v3.017 - Log utworzony 12/01/2014 o 20:49:37
# Aktualizacja 12/01/2014 przez Xplode
# System operacyjny : Windows 7 Ultimate (32 bits)
# Użytkownik : pawel - PAWEL-KOMPUTER
# Ścieżka : C:\Users\pawel\Downloads\adwcleaner.exe
# Opcja : Usuń

***** [ Usługi ] *****


***** [ Pliki / Foldery ] *****

Folder Usunięto : C:\ProgramData\rvlkl
Folder Usunięto : C:\Program Files\Mobogenie
Folder Usunięto : C:\Program Files\SimilarSites
Folder Usunięto : C:\Users\pawel\AppData\Local\FilesFrog Update Checker
Folder Usunięto : C:\Users\pawel\AppData\Local\genienext
Folder Usunięto : C:\Users\pawel\AppData\Local\lollipop
Folder Usunięto : C:\Users\pawel\AppData\Local\Mobogenie
Folder Usunięto : C:\Users\pawel\AppData\Roaming\newnext.me
Folder Usunięto : C:\Users\pawel\AppData\Roaming\SimilarSites
Folder Usunięto : C:\Users\pawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Usunięto : C:\Users\pawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Usunięto : C:\Users\pawel\Documents\Mobogenie
Plik Usunięto : C:\Users\pawel\Desktop\Mobogenie.lnk

***** [ Skróty ] *****


***** [ Rejestr ] *****

Klucz Usunięto : HKCU\Software\Classes\Applications\lollipop.exe
Wartość Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [livesupport]
Wartość Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\LiveSupport_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\LiveSupport_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klucz Usunięto : HKCU\Software\InstallCore
Klucz Usunięto : HKCU\Software\lollipop
Klucz Usunięto : HKCU\Software\Somoto
Klucz Usunięto : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Klucz Usunięto : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Klucz Usunięto : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klucz Usunięto : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie

***** [ Przeglądarki internetowe ] *****

-\\ Internet Explorer v8.0.7600.16385


-\\ Mozilla Firefox v26.0 (pl)

[ Plik : C:\Users\pawel\AppData\Roaming\Mozilla\Firefox\Profiles\iyc2kbtm.Firefox 1\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ Plik : C:\Users\pawel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3560 octets] - [12/01/2014 20:41:52]
AdwCleaner[S0].txt - [3428 octets] - [12/01/2014 20:49:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3488 octets] ##########

-- 12 sty 2014, 20:58 --

System Look

SystemLook 30.07.11 by jpshortstuff
Log created at 20:58 on 12/01/2014 by pawel
Administrator - Elevation successful

========== reg ==========

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"!Do not use this registry key"="Use the SHGetFolderPath or SHGetKnownFolderPath function instead"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"AppData"="%USERPROFILE%\AppData\Roaming"
"Cache"="%USERPROFILE%\AppData\Local\Microsoft\Windows\Temporary Internet Files"
"Cookies"="%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Cookies"
"Desktop"="%USERPROFILE%\Desktop"
"Favorites"="%USERPROFILE%\Favorites"
"History"="%USERPROFILE%\AppData\Local\Microsoft\Windows\History"
"Local AppData"="%USERPROFILE%\AppData\Local"
"My Music"="%USERPROFILE%\Music"
"My Pictures"="%USERPROFILE%\Pictures"
"My Video"="%USERPROFILE%\Videos"
"NetHood"="%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts"
"Personal"="%USERPROFILE%\Documents"
"Programs"="%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs"
"Recent"="%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent"
"SendTo"="%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo"
"Startup"="%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
"Start Menu"="%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu"
"Templates"="%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates"
"{374DE290-123F-4565-9164-39C4925E467B}"="%USERPROFILE%\Downloads"
"PrintHood"="%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Desktop"="C:\Users\Public\Desktop"
"Common Start Menu"="C:\ProgramData\Microsoft\Windows\Start Menu"
"CommonVideo"="C:\Users\Public\Videos"
"CommonPictures"="C:\Users\Public\Pictures"
"Common Programs"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs"
"CommonMusic"="C:\Users\Public\Music"
"Common Administrative Tools"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"
"Common Startup"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"
"Common Documents"="C:\Users\Public\Documents"
"OEM Links"="C:\ProgramData\OEM Links"
"Common Templates"="C:\ProgramData\Microsoft\Windows\Templates"
"Common AppData"="C:\ProgramData"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Common Desktop"="%PUBLIC%\Desktop"
"Common Documents"="%PUBLIC%\Documents"
"CommonPictures"="%PUBLIC%\Pictures"
"CommonMusic"="%PUBLIC%\Music"
"CommonVideo"="%PUBLIC%\Videos"
"{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"="%PUBLIC%\Downloads"
"Common Start Menu"="%ProgramData%\Microsoft\Windows\Start Menu"
"Common Programs"="%ProgramData%\Microsoft\Windows\Start Menu\Programs"
"Common Startup"="%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup"
"Common AppData"="%ProgramData%"
"Common Templates"="%ProgramData%\Microsoft\Windows\Templates"


-= EOF =-

-- 12 sty 2014, 21:15 --

OTL.TXT
OTL logfile created on: 2014-01-12 20:59:42 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\pawel\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 65,26% Memory free
6,00 Gb Paging File | 4,84 Gb Available in Paging File | 80,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,30 Gb Total Space | 4,74 Gb Free Space | 16,19% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 32,24 Gb Free Space | 66,04% Space Free | Partition Type: NTFS
Drive E: | 70,70 Gb Total Space | 36,76 Gb Free Space | 52,00% Space Free | Partition Type: NTFS
Drive F: | 3,89 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 1,35 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PAWEL-KOMPUTER | User Name: pawel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014-01-12 14:36:31 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
PRC - [2014-01-12 14:17:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pawel\Downloads\OTL.exe
PRC - [2014-01-10 22:44:45 | 000,097,056 | ---- | M] () -- C:\Program Files\Jump Flip\bin\utilJumpFlip.exe
PRC - [2014-01-10 20:11:30 | 000,097,056 | ---- | M] () -- C:\Program Files\Jump Flip\updateJumpFlip.exe
PRC - [2013-12-20 16:45:34 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013-11-28 20:57:56 | 001,142,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\pawel\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013-11-15 16:43:46 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-11-15 16:43:46 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-11-15 16:36:37 | 000,008,192 | ---- | M] () -- C:\Windows\System32\srvany.exe
PRC - [2013-11-15 16:36:36 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe
PRC - [2013-09-05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-12-29 11:26:54 | 001,260,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-12-29 09:26:22 | 001,822,136 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012-12-29 09:26:22 | 000,873,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012-12-29 02:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009-07-14 02:14:46 | 000,115,200 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-07-14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2008-06-13 15:26:54 | 002,498,560 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe


========== Modules (No Company Name) ==========

MOD - [2014-01-12 14:36:28 | 016,242,056 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013-12-20 16:45:33 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013-11-15 16:43:47 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2010-01-30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008-06-13 15:26:54 | 002,498,560 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe


========== Services (SafeList) ==========

SRV - [2014-01-12 14:36:32 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-01-10 22:44:45 | 000,097,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Jump Flip\bin\utilJumpFlip.exe -- (Util Jump Flip)
SRV - [2014-01-10 20:11:30 | 000,097,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Jump Flip\updateJumpFlip.exe -- (Update Jump Flip)
SRV - [2013-12-20 16:45:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-11-15 16:43:46 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013-11-15 16:36:37 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\System32\srvany.exe -- (KMService)
SRV - [2013-09-05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-12-29 11:26:54 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-12-29 02:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-03-25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2013-11-15 16:43:48 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013-11-15 16:43:48 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013-11-15 16:43:48 | 000,178,304 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013-11-15 16:43:48 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013-11-15 16:43:48 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013-11-15 16:43:48 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013-11-15 16:43:48 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013-11-15 16:43:48 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013-11-15 16:10:23 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-12-29 11:26:54 | 008,904,632 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009-07-14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2007-12-28 14:58:30 | 000,289,280 | ---- | M] (NETGEAR Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wg111v3.sys -- (RTL8187B)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&FORM=IE8SRC

IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nullsoft.com/winampDetector;version=1: C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\pawel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-15 16:43:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013-11-16 09:33:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-12-20 16:45:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Dokumenty Google = \Users\pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = \Users\pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = \Users\pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = \Users\pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = \Users\pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0\
CHR - Extension: Google Wallet = \Users\pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = \Users\pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Jump Flip) - {6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} - C:\Program Files\Jump Flip\JumpFlipBHO.dll (Jump Flip)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ChomikBox] C:\Program Files\ChomikBox\chomikbox.exe ( )
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Users\pawel\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F7FC26D-4A16-464B-95BC-E423BA30F93C}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010-05-14 02:29:28 | 000,000,175 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{084f7f4c-6af8-11e3-a044-0016e68f911f}\Shell - "" = AutoRun
O33 - MountPoints2\{084f7f4c-6af8-11e3-a044-0016e68f911f}\Shell\AutoRun\command - "" = G:\LGAutoRun.exe
O33 - MountPoints2\{f0a6462e-4dfd-11e3-8153-0016e68f911f}\Shell - "" = AutoRun
O33 - MountPoints2\{f0a6462e-4dfd-11e3-8153-0016e68f911f}\Shell\AutoRun\command - "" = H:\setup.exe -- [2010-05-14 02:29:28 | 000,464,248 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{f0a6462e-4dfd-11e3-8153-0016e68f911f}\Shell\configure\command - "" = H:\setup.exe -- [2010-05-14 02:29:28 | 000,464,248 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{f0a6462e-4dfd-11e3-8153-0016e68f911f}\Shell\install\command - "" = H:\setup.exe -- [2010-05-14 02:29:28 | 000,464,248 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\setup.exe -- [2010-05-14 02:29:28 | 000,464,248 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\H\Shell\configure\command - "" = H:\setup.exe -- [2010-05-14 02:29:28 | 000,464,248 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\H\Shell\install\command - "" = H:\setup.exe -- [2010-05-14 02:29:28 | 000,464,248 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014-01-12 20:41:48 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-01-12 20:41:48 | 000,000,000 | ---D | C] -- \AdwCleaner
[2014-01-09 15:48:28 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
[2014-01-09 15:48:22 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2014-01-09 14:23:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014-01-09 13:45:33 | 000,000,000 | ---D | C] -- C:\Users\pawel\UltraStar
[2014-01-08 18:17:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2014-01-08 18:17:10 | 000,000,000 | ---D | C] -- C:\Program Files\Jump Flip
[2014-01-08 16:49:09 | 000,046,080 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\escimgd.dll
[2014-01-08 16:49:09 | 000,029,696 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\escwiad.dll
[2014-01-08 16:49:09 | 000,022,016 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\esccmd.dll
[2014-01-08 16:49:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan
[2014-01-08 16:49:09 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2014-01-08 16:48:43 | 000,000,000 | ---D | C] -- C:\EPSON
[2014-01-08 16:48:43 | 000,000,000 | ---D | C] -- \EPSON
[2014-01-06 14:46:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2014-01-01 17:23:15 | 000,000,000 | ---D | C] -- C:\Users\pawel\.android
[2014-01-01 17:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2014-01-01 17:21:40 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013-12-31 23:01:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraStar Deluxe
[2013-12-31 23:01:38 | 000,000,000 | ---D | C] -- C:\Program Files\UltraStar Deluxe
[2013-12-31 21:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013-12-31 21:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013-12-31 20:51:53 | 000,000,000 | ---D | C] -- C:\Users\pawel\.gstreamer-0.10
[2013-12-31 20:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl
[2013-12-31 20:51:32 | 000,000,000 | ---D | C] -- C:\Program Files\ChomikBox
[2013-12-31 16:45:10 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2013-12-31 16:45:09 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2013-12-31 16:45:09 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2013-12-31 16:45:09 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2013-12-31 16:45:09 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2013-12-31 16:45:09 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2013-12-31 16:45:08 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2013-12-31 16:45:08 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2013-12-31 16:45:08 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2013-12-31 16:45:07 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2013-12-31 16:45:06 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2013-12-31 16:45:06 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2013-12-31 16:45:06 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2013-12-31 16:45:06 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2013-12-31 16:45:06 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2013-12-31 16:45:05 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2013-12-31 16:45:05 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2013-12-31 16:45:05 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2013-12-31 16:45:05 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2013-12-31 16:45:04 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2013-12-31 16:45:04 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2013-12-31 16:45:04 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2013-12-31 16:45:04 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2013-12-31 16:45:04 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2013-12-31 16:45:03 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2013-12-31 16:45:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2013-12-31 16:45:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2013-12-31 16:45:03 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2013-12-31 16:45:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2013-12-31 16:45:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2013-12-31 16:45:02 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2013-12-31 16:45:02 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2013-12-31 16:45:02 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2013-12-31 16:45:01 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2013-12-31 16:45:01 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2013-12-31 16:45:01 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2013-12-31 16:45:00 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2013-12-31 16:45:00 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2013-12-31 16:45:00 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2013-12-31 16:45:00 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2013-12-31 16:44:59 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2013-12-31 16:44:59 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2013-12-31 16:44:59 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2013-12-31 16:44:58 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2013-12-31 16:44:58 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2013-12-31 16:44:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2013-12-31 16:44:57 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2013-12-31 16:44:57 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2013-12-31 16:44:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2013-12-31 16:44:57 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2013-12-31 16:44:56 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2013-12-31 16:44:56 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2013-12-31 16:44:56 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2013-12-31 16:44:56 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2013-12-31 16:44:56 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2013-12-31 16:44:55 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2013-12-31 16:44:55 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2013-12-31 16:44:54 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2013-12-31 16:44:54 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2013-12-31 16:44:54 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2013-12-31 16:44:54 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2013-12-31 16:44:53 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2013-12-31 16:44:53 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2013-12-31 16:44:53 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2013-12-31 16:44:53 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2013-12-31 16:44:52 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2013-12-31 16:44:52 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2013-12-31 16:44:52 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2013-12-31 16:44:52 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2013-12-31 16:44:51 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2013-12-31 16:44:51 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2013-12-31 16:44:51 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2013-12-31 16:44:46 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2013-12-31 16:44:46 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2013-12-31 16:44:46 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2013-12-31 16:44:46 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2013-12-31 16:44:45 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2013-12-31 16:44:45 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2013-12-31 16:44:44 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2013-12-31 16:44:44 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2013-12-31 16:44:44 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2013-12-31 16:43:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Techland
[2013-12-31 16:38:48 | 000,000,000 | ---D | C] -- C:\Program Files\Techland
[2013-12-23 20:32:50 | 004,558,848 | ---- | C] (Google Inc.) -- C:\Windows\System32\GPhotos.scr

========== Files - Modified Within 30 Days ==========

[2014-01-12 21:03:53 | 000,687,590 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014-01-12 21:03:53 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-01-12 21:03:53 | 000,131,176 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014-01-12 21:03:53 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-01-12 21:01:36 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-01-12 21:01:36 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-01-12 20:54:23 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-01-12 20:53:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-01-12 20:53:41 | 2415,566,848 | -HS- | M] () -- C:\hiberfil.sys
[2014-01-12 20:50:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-01-12 20:34:02 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-01-12 14:36:32 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014-01-12 14:36:31 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014-01-09 15:49:50 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\Audacity.lnk
[2014-01-09 15:48:25 | 000,001,091 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2014-01-09 14:23:09 | 000,002,211 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-01-08 18:14:59 | 000,000,568 | ---- | M] () -- C:\Users\Public\Desktop\Play UltraStar Deluxe.lnk
[2014-01-08 16:51:46 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2014-01-04 11:18:15 | 000,001,241 | ---- | M] () -- C:\Users\Public\Desktop\Karaoke Radio Eska vol. 2.lnk
[2014-01-01 17:22:41 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2013-12-31 20:51:38 | 000,000,632 | ---- | M] () -- C:\Users\Public\Desktop\ChomikBox.lnk
[2013-12-31 16:43:22 | 000,001,185 | ---- | M] () -- C:\Users\Public\Desktop\Karaoke Radio Wawa.lnk
[2013-12-23 20:32:50 | 004,558,848 | ---- | M] (Google Inc.) -- C:\Windows\System32\GPhotos.scr

========== Files Created - No Company Name ==========

[2014-01-09 15:49:50 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\Audacity.lnk
[2014-01-09 15:49:49 | 000,000,981 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2014-01-09 15:48:46 | 000,001,091 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2014-01-09 15:48:46 | 000,001,091 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2014-01-09 14:23:09 | 000,002,211 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-01-09 14:21:36 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-01-09 14:21:34 | 000,001,030 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-01-08 18:19:16 | 000,808,979 | ---- | C] () -- C:\Windows\System32\avcodec-52.84.0.dll
[2014-01-08 18:14:59 | 000,000,568 | ---- | C] () -- C:\Users\Public\Desktop\Play UltraStar Deluxe.lnk
[2014-01-08 16:49:09 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2014-01-04 11:18:15 | 000,001,241 | ---- | C] () -- C:\Users\Public\Desktop\Karaoke Radio Eska vol. 2.lnk
[2014-01-01 17:22:41 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2013-12-31 20:51:38 | 000,000,632 | ---- | C] () -- C:\Users\Public\Desktop\ChomikBox.lnk
[2013-12-31 16:43:22 | 000,001,185 | ---- | C] () -- C:\Users\Public\Desktop\Karaoke Radio Wawa.lnk
[2013-11-15 17:52:43 | 003,180,264 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2013-11-15 17:52:40 | 000,449,481 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013-11-15 16:43:53 | 000,178,304 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013-11-15 16:43:52 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013-11-15 16:37:04 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe
[2013-11-15 16:37:04 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2013-11-15 15:36:23 | 000,217,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2013-11-15 14:37:41 | 2415,566,848 | -HS- | C] () -- \hiberfil.sys
[2009-07-14 03:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009-07-14 03:04:04 | 000,000,010 | ---- | C] () -- \config.sys

========== ZeroAccess Check ==========

[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========


========== Purity Check ==========



< End of report >
Na górę
filutka78

Użytkownik
Posty: 1485
Rejestracja: 28 sty 2009, 17:40

Prośba o sprawdzenie Logów

Post12 sty 2014, 21:28

Hmm, w nowym logu OTL nie ma już tych folderów w Autostarcie, i potwierdza tom log z SystemLook.
W jaki sposób to załatwiłeś?

Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:
:OTL
[2014-01-01 17:23:15 | 000,000,000 | ---D | C] -- C:\Users\pawel\.android
SRV - [2014-01-10 22:44:45 | 000,097,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Jump Flip\bin\utilJumpFlip.exe -- (Util Jump Flip)
SRV - [2014-01-10 20:11:30 | 000,097,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Jump Flip\updateJumpFlip.exe -- (Update Jump Flip)
O2 - BHO: (Jump Flip) - {6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} - C:\Program Files\Jump Flip\JumpFlipBHO.dll (Jump Flip)

:Files
C:\Program Files\Jump Flip

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Pokaż raport, który pokaże się po restarcie.

F.
Na górę
Pablo9976

Użytkownik
Posty: 3
Rejestracja: 12 sty 2014, 14:21

Prośba o sprawdzenie Logów

Post12 sty 2014, 22:01

All processes killed
========== OTL ==========
C:\Users\pawel\.android folder moved successfully.
Error: Unable to stop service Util Jump Flip!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Jump Flip deleted successfully.
C:\Program Files\Jump Flip\bin\utilJumpFlip.exe moved successfully.
Error: Unable to stop service Update Jump Flip!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Jump Flip deleted successfully.
C:\Program Files\Jump Flip\updateJumpFlip.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b}\ deleted successfully.
C:\Program Files\Jump Flip\JumpFlipBHO.dll moved successfully.
========== FILES ==========
C:\Program Files\Jump Flip\bin\plugins folder moved successfully.
C:\Program Files\Jump Flip\bin folder moved successfully.
C:\Program Files\Jump Flip folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users
-> No Temporary Internet Files cache folder defined!

User: Default
-> No Temporary Internet Files cache folder defined!

User: Default User
-> No Temporary Internet Files cache folder defined!

User: pawel
-> No Temporary Internet Files cache folder defined!

User: Public
-> No Temporary Internet Files cache folder defined!

User: UpdatusUser
-> No Temporary Internet Files cache folder defined!

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3350290 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01122014_215213

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

-- 12 sty 2014, 21:59 --

All processes killed
========== OTL ==========
C:\Users\pawel\.android folder moved successfully.
Error: Unable to stop service Util Jump Flip!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Jump Flip deleted successfully.
C:\Program Files\Jump Flip\bin\utilJumpFlip.exe moved successfully.
Error: Unable to stop service Update Jump Flip!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Jump Flip deleted successfully.
C:\Program Files\Jump Flip\updateJumpFlip.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b}\ deleted successfully.
C:\Program Files\Jump Flip\JumpFlipBHO.dll moved successfully.
========== FILES ==========
C:\Program Files\Jump Flip\bin\plugins folder moved successfully.
C:\Program Files\Jump Flip\bin folder moved successfully.
C:\Program Files\Jump Flip folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users
-> No Temporary Internet Files cache folder defined!

User: Default
-> No Temporary Internet Files cache folder defined!

User: Default User
-> No Temporary Internet Files cache folder defined!

User: pawel
-> No Temporary Internet Files cache folder defined!

User: Public
-> No Temporary Internet Files cache folder defined!

User: UpdatusUser
-> No Temporary Internet Files cache folder defined!

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3350290 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01122014_215213

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

-- 12 sty 2014, 22:01 --

postępowałem według twojej instrukcji i nie ingerowałem w nic sam takze nie wiem.
Wielkie dzięki za pomoc.
Na górę
filutka78

Użytkownik
Posty: 1485
Rejestracja: 28 sty 2009, 17:40

Prośba o sprawdzenie Logów

Post12 sty 2014, 22:23

W Adw-Cleaner kliknij na przycisk Odinstaluj (UNINSTALL)
W OTL kliknij na przycisk Sprzątanie - to go usunie razem z jego Kwarantanną.
SystemLook - usuń ręcznie.

To wszystko.

EDIT:
Dopiero teraz zauważyłam w logu SystemLook, że jeden klucz wcale nie zawiera danych.
więc:
Do Notatnika wklej:

Kod: Zaznacz cały

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"AppData"="C:\\Users\\pawel\\AppData\\Roaming"
"Local AppData"="C:\\Users\\pawel\\AppData\\Local"
"My Video"="C:\\Users\\pawel\\Videos"
"{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"="C:\\Users\\pawel\\AppData\\Roaming\\Microsoft\\Windows\\Libraries"
"My Pictures"="C:\\Users\\pawel\\Pictures"
"Desktop"="C:\\Users\\pawel\\Desktop"
"History"="C:\\Users\\pawel\\AppData\\Local\\Microsoft\\Windows\\History"
"NetHood"="C:\\Users\\pawel\\AppData\\Roaming\\Microsoft\\Windows\\Network Shortcuts"
"{56784854-C6CB-462B-8169-88E350ACB882}"="C:\\Users\\pawel\\Contacts"
"Cookies"="C:\\Users\\pawel\\AppData\\Roaming\\Microsoft\\Windows\\Cookies"
"Favorites"="C:\\Users\\pawel\\Favorites"
"SendTo"="C:\\Users\\pawel\\AppData\\Roaming\\Microsoft\\Windows\\SendTo"
"Start Menu"="C:\\Users\\pawel\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu"
"My Music"="C:\\Users\\pawel\\Music"
"Programs"="C:\\Users\\pawel\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs"
"Recent"="C:\\Users\\pawel\\AppData\\Roaming\\Microsoft\\Windows\\Recent"
"PrintHood"="C:\\Users\\pawel\\AppData\\Roaming\\Microsoft\\Windows\\Printer Shortcuts"
"{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"="C:\\Users\\pawel\\Searches"
"{374DE290-123F-4565-9164-39C4925E467B}"="C:\\Users\\pawel\\Downloads"
"{A520A1A4-1780-4FF6-BD18-167343C5AF16}"="C:\\Users\\pawel\\AppData\\LocalLow"
"Startup"="C:\\Users\\pawel\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup"
"Administrative Tools"="C:\\Users\\pawel\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Administrative Tools"
"Personal"="C:\\Users\\pawel\\Documents"
"{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"="C:\\Users\\pawel\\Links"
"Cache"="C:\\Users\\pawel\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files"
"Templates"="C:\\Users\\pawel\\AppData\\Roaming\\Microsoft\\Windows\\Templates"
"{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"="C:\\Users\\pawel\\Saved Games"
"Fonts"="C:\\Windows\\Fonts"


Z Menu Notatnika >> Plik >> Zapisz jako >> Ustaw rozszerzenie na Wszystkie pliki >> Zapisz jako> FIX.REG >>
Z prawokliku na ten plik z menu kontekstowego wybierz opcję Scal. Potwierdź import do rejestru.

F.
Na górę

  • Reklama

Wróć do „Bezpieczeństwo”



Kto jest online

Użytkownicy przeglądający to forum: Obecnie na forum nie ma żadnego zarejestrowanego użytkownika i 1 gość