Komunikat: nie można uruchomić usługi

[Czarodziejczarek]

Witam dziś zresetował mi się komputer laptop parametry niżej. Po tym albo po jakiejś infekcji pojawił mi się komunikat Windows brak programu antywirusowego (posiadam avast fa) oraz że Windows defender (tez jest nic nie grzebałem - komunikat przy włączeniu: nie można uruchomić usługi ponieważ jest wyłaczona albo usługi są z nią wyłączone kod błedu 0x80070422) nie działa, zatem moje pytanie brzmi czy można to naprawić czy nie, czy jest to spowodowane infekcją czy resetem. dołączam logi.

OTL: http://wklej.eu/index.php?id=e20ce4800b OTL
OTL: http://wklej.eu/index.php?id=4c243ed425 EXTRAS
Hijackthis: http://wklej.eu/index.php?id=8002ecf743
Skan Malwarebytes-anti-malawre: http://wklej.eu/index.php?id=1d95b5554d

Logi dołączyłem

Problem rozwiązałem przeinstalowałem program antywirusowy avast i jest Oki. Temat można zamknąć a jeśli jest coś nie tak w logach to proszę sprawdzić logi. jeżeli po przeinstalowaniu należy wykonać nowe logi to je wykonam. Pozdrawiam.

[kominekl]

W HijackThis zafixuj:

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

Następnie odinstaluj HiJackThis.

Następnie uruchom OTL w oknie Własne opcje skanowania/skrypt wklej:

Kod: Zaznacz wszystko

:OTL

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CPNTDF
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CPNTDF
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-1186886068-1555068181-2997140243-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF
IE - HKU\S-1-5-21-1186886068-1555068181-2997140243-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
IE - HKU\S-1-5-21-1186886068-1555068181-2997140243-1000\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKU\S-1-5-21-1186886068-1555068181-2997140243-1000\..\SearchScopes\{D05C32E0-11C6-42B8-B8E2-BC41DD2C2559}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms}
IE - HKU\S-1-5-21-1186886068-1555068181-2997140243-1000\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Cezary-W-Kielanowicz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Cezary-W-Kielanowicz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
[2012-02-10 18:59:57 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Key error.)
[2012-05-13 16:59:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012-05-13 11:24:44 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{003682B5-82EE-4FF1-82AB-92FABD5C23B1}
[2012-05-13 11:24:33 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{B6608C76-2695-495C-8756-857CD35F86DE}
[2012-05-12 20:23:35 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{470B6A90-F3ED-4D4A-8796-CDF7F4BC99A0}
[2012-05-12 20:23:25 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C5E1870B-9BEB-492D-A2F2-E83EA0E6C9FA}
[2012-05-11 21:45:50 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{CEA56363-D016-4E9F-BA85-25CFE04244FC}
[2012-05-11 21:45:40 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{0AC1AC4F-D9D3-4003-8491-8E397C29AC92}
[2012-05-10 23:27:50 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{293A2389-3CDA-4275-A1F7-C3445AABE8D4}
[2012-05-10 23:27:40 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{5E977A88-6817-4ECA-988D-C5B870723EBF}
[2012-05-09 22:23:38 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{8F2D492C-E05C-4696-B19F-86EB96D7B8CF}
[2012-05-09 22:23:28 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{08A70854-4E3F-4F9F-859D-68F96FD3F8BF}
[2012-05-09 10:23:01 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{930EF9AB-388C-4F3C-9034-DC17CD4FF5A4}
[2012-05-09 10:22:51 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{22EE04D4-2DDE-4C6D-8C00-97AD4D75BBF0}
[2012-05-08 22:47:28 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{3267A377-9C95-40A3-BDC3-BED19D986839}
[2012-05-08 09:44:15 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{0160B216-488F-48CE-B402-87BD77B0A90F}
[2012-05-08 09:44:04 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{AA286C2F-FE83-4407-B515-94C5154D117A}
[2012-05-07 20:38:14 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{40DCC883-CA49-4065-B6CB-AA7915805193}
[2012-05-07 20:38:04 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{D929D6E0-3C97-450A-BF3F-B6A2F584B19E}
[2012-05-06 23:53:52 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{B7348040-84D1-49EE-BDD5-7995CDB01075}
[2012-05-06 23:53:42 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{3888D85E-DB40-460F-A302-4382522B1DFD}
[2012-05-06 11:12:11 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{EEC02E37-9307-4F28-85AB-381E6DF07530}
[2012-05-06 11:12:00 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{64E6BA6C-161F-40F3-9713-895407B173D3}
[2012-05-05 10:48:29 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{541560E8-2C08-4C30-93D9-F1DDCCB20BF5}
[2012-05-05 10:48:18 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C26F35D3-6BBD-47D4-9ED7-9551870F83CB}
[2012-05-04 22:47:46 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{DA2C5530-CFE5-421B-8AD5-1A0DDFE89856}
[2012-05-04 22:47:35 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{27F60C5C-729E-44CE-9902-2D26DA3CF465}
[2012-05-04 10:15:30 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{AEEDAE6F-E2F1-4520-9E05-3F0BA2F35B09}
[2012-05-03 21:19:35 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{189F6404-CE90-46B7-BE8A-BC2663339A87}
[2012-05-03 21:19:25 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{63CB57A5-B6E3-4561-9880-F9B2F7E9C2DB}
[2012-05-03 09:18:55 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{54328727-81C3-4312-8E62-F596F438DF75}
[2012-05-03 09:18:45 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{EE14A7AF-F208-41FE-BEBF-52186B457BBD}
[2012-05-02 09:26:53 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{5067CA0F-8499-4B9C-955F-047039BB18F4}
[2012-05-02 09:26:42 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{B27BDDDC-24CB-4EEE-B7CD-42165A058AC7}
[2012-05-01 10:54:48 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{98A40C13-D6CB-48CA-BA81-D5A9FA8FDD26}
[2012-05-01 10:54:37 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{F9A8CBA0-F850-41A7-A65F-2F7145AC684E}
[2012-04-30 16:10:08 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{3300924E-824D-4B31-90FD-ECD8B30503DE}
[2012-04-30 16:09:58 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{88D28BB5-A29D-4397-BC73-F61EB3717700}
[2012-04-29 21:45:58 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{9796C589-DFCF-4DF7-867D-7C62C8546849}
[2012-04-29 21:45:47 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{5D03FCB1-40C8-486F-BD8B-638F66B6B35A}
[2012-04-29 09:45:20 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{06124B59-79BF-48DA-93B7-04CDFA0E7CF9}
[2012-04-29 09:45:10 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{5030898F-9000-4F72-A562-057AC00CA524}
[2012-04-28 16:03:38 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{2C896007-9F49-4602-9270-9B53EE883BA7}
[2012-04-28 16:03:28 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{7D25CBC4-99B3-44D5-AC2C-CCBD19D18137}
[2012-04-26 10:04:54 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{0A22A5CC-8463-4C8D-95E1-DFA20AD132ED}
[2012-04-26 10:04:43 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{0B5E80CD-F118-47C1-8453-652ACB7DCDAA}
[2012-04-25 21:09:40 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{D3411DC8-005A-4145-B857-8DB261A003ED}
[2012-04-25 21:09:30 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C7ED454A-331B-483B-8A1E-2F1B93B0772F}
[2012-04-24 09:27:35 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{2CFCA74E-D36D-45F2-8D7B-D8C6A099C5C3}
[2012-04-24 09:27:25 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{CE21761D-E443-4261-80B3-B52765DEF617}
[2012-04-23 16:06:14 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{B9966403-27C5-4DDE-9123-807BE63BBF4F}
[2012-04-23 16:06:04 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{14B40048-30B3-4A3B-9F95-6C21220CECE2}
[2012-04-22 10:58:57 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{BDAB4E17-0061-4B50-A222-50D711CF8BF3}
[2012-04-22 10:58:47 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{99AA8BC9-5E5C-4175-A475-1BA881CEAEE7}
[2012-04-20 17:53:05 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{E4C21999-9942-4DBE-B13B-86E6035882E1}
[2012-04-20 17:52:55 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{0C08831C-B2A1-431A-B1C1-76E06365B8CB}
[2012-04-19 18:24:09 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{6F0A6DC6-D405-422F-ACB6-8D42254DAA76}
[2012-04-19 18:23:42 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{FAF51365-55C7-428A-99AD-C7DBC7F32F56}
[2012-04-18 18:23:45 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{1D39A570-2F3A-4186-8338-17F8C9AA30F9}
[2012-04-18 18:23:35 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{9EE99E80-EC62-414E-8B37-B7D1CFBC265D}
[2012-04-17 19:25:47 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{1BE27D81-259A-4A94-B4B8-381B54E2E53D}
[2012-04-17 19:25:37 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{FE306F9C-EAE2-418D-B70E-1523F850D89B}
[2012-04-15 13:56:38 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C79F1DA3-9DFC-46A6-9CC4-C9A71E86B86D}
[2012-04-15 13:56:28 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{D5F2F49D-09A2-4E09-B1B5-8E7790B3DA62}
[2012-04-14 11:59:34 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{570FE7A1-5E06-465F-AAFA-2E6383AA3008}
[2012-04-14 11:59:24 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{4F35C66F-4DF6-44A1-A0A9-CBB828D81DCA}
[2012-04-13 21:02:02 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{533470E6-70AC-4462-BFE5-A8848FE5E15F}
[2012-04-13 21:01:52 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{CC4733BE-FDF9-43AC-81A3-0894068A6D86}
[2012-04-13 20:53:35 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{11A4FE6E-D3E5-49F9-A14D-6350D263048A}
[2012-04-12 20:21:28 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{0E3C8ECA-D710-4D2E-B94D-D83D0DC91DED}
[2012-04-12 07:59:34 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{0BC0F220-E6A2-4849-969D-4B4B759D456B}
[2012-04-11 17:44:53 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{422AB746-4ADF-4AD3-92BB-8FDC1E140ACE}
[2012-04-10 17:00:40 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C59F23AA-4D8E-4F53-9724-34C2746247CA}
[2012-04-09 21:31:05 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{9980E023-193B-471A-BDA0-35F1A0458634}
[2012-03-31 21:51:24 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{EC3BFF10-4A43-431F-A32A-BE887F87AE29}
[2012-03-30 07:52:26 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{21C175DE-F980-4708-9C17-0FDD973C22C6}
[2012-03-29 14:27:09 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{7F72D1A3-4B57-482F-A45B-71D85F40E693}
[2012-03-28 07:57:17 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{427DAF12-D019-4BBE-AAAB-BED959E11386}
[2012-03-28 07:57:08 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{8FD03626-69AE-4463-948A-7AA06FF6F469}
[2012-03-27 13:29:53 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{02C7CFD9-F6C0-40D3-83EB-6FBE0AB60B12}
[2012-03-27 13:29:43 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{867082F4-34C7-4580-BCDF-C7B9FF895B9D}
[2012-03-26 17:13:34 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{86F7C611-6FFB-4E06-BBC9-0FC99FFC4E4D}
[2012-03-26 17:13:24 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{FFD4CC48-D7E5-429C-85B1-9978AA7875AC}
[2012-03-25 22:52:12 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{889E7B27-D81E-4506-AA56-C92689597692}
[2012-03-25 22:52:03 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{98448E63-F7B1-45F8-8366-B2AA17DB488E}
[2012-03-25 10:10:41 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{8BC61171-4E70-48A1-9BD0-740CDE1ABEB1}
[2012-03-25 10:10:31 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{B0869773-9BB1-41E9-9703-BCE5A55AF14C}
[2012-03-24 15:30:07 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{D091C90D-4A94-442D-ABC2-D14BE941D79A}
[2012-03-24 15:29:57 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{7D61F172-207E-4B1F-931D-07990A7E79B4}
[2012-03-23 20:25:27 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{792B11B4-6A57-494F-B4B6-3E1C4AB7D182}
[2012-03-23 20:25:16 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{FEA9C7B7-E3CF-4A8C-B454-70B1FF6BA6A5}
[2012-03-22 21:25:12 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{1A5BA85A-E657-4E3C-93B3-D1C4C41AC484}
[2012-03-22 21:25:02 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{ABFA9CA3-4A5A-4CAD-AE67-C6CE53C984C0}
[2012-03-22 08:54:42 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{2D9CB3C6-601F-4513-B8C4-02AEB7A80C27}
[2012-03-22 08:54:32 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{7A801BDA-D835-4DE7-B258-37BFC4F1543D}
[2012-03-21 09:06:07 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{3E057820-155F-48BB-9757-ECD9E9FA2CA7}
[2012-03-21 09:05:55 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{9E1A5613-8CE6-4AA3-8E4A-F6BD0A44C8F1}
[2012-03-20 13:51:57 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{3FECF7C8-59AB-4CEA-9B25-FE8B39724584}
[2012-03-20 13:51:47 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{791F72EB-132A-4C8D-9985-70EE81DDC0AE}
[2012-03-19 21:05:51 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{953E2FBB-E224-4E93-B898-48691BE4AE91}
[2012-03-19 21:05:41 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{736E402B-4BB0-4F99-968B-F6B330A8ED25}
[2012-03-18 16:13:22 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{467EFB6B-1922-40AF-9229-836CBAD22118}
[2012-03-18 16:13:13 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C272E0CB-187B-40C4-8783-22719C92AD7B}
[2012-03-17 13:51:28 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{1FCC2FDE-4A3C-4001-920B-1A6382918F63}
[2012-03-17 13:51:17 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{5761D36B-1CB6-44F4-8471-574B0814D545}
[2012-03-16 15:51:55 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{8FC3A453-4E6C-4310-A29A-5F64FD54F8D4}
[2012-03-16 15:51:45 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C6277D47-75BF-434E-A18A-92F70E6C46CF}
[2012-03-15 08:56:05 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{64887828-D16F-46AF-98E2-F70C63BB8204}
[2012-03-15 08:55:55 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{EE163B03-BD10-4B1F-B103-5CF637C4309E}
[2012-03-14 20:49:09 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{84CD192C-808A-4767-9C59-661BEF9B3CFA}
[2012-03-14 20:48:59 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{3B7D8FDB-34AA-403E-816F-2042E0136166}
[2012-03-14 08:48:32 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{0CA1E585-0747-4148-B85F-4439C58C40CB}
[2012-03-14 08:48:22 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{A6B4C0CD-5AB2-4808-AC31-4F1A56A96029}
[2012-03-13 13:56:42 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C064B166-5A1B-4FB3-A772-1C2EB9DEEA33}
[2012-03-13 13:56:32 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{AC42C68A-DE84-4D8E-94EC-215BB20E0847}
[2012-03-12 08:50:11 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{E3C0DC8B-AFEB-42B3-8C48-B1B28CB5B4A8}
[2012-03-12 08:50:01 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{1C7B49B8-1BA0-4CEF-9B4F-955E83767B2B}
[2012-03-11 12:24:36 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C7D3EFF5-9FB1-4531-8E4D-679CF29072A4}
[2012-03-11 12:24:26 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{29F8A9AE-0217-4E62-B8CD-DFFABD2732A7}
[2012-03-11 00:32:54 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{EE5FC8A8-6EE3-4492-B9B0-ACF2F9E9572A}
[2012-03-11 00:32:44 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{84F0DE07-5123-42EE-8147-2CB015BFFB71}
[2012-03-10 01:03:02 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{2762E990-32C7-42C4-8D72-9393383C7078}
[2012-03-10 01:02:52 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{1CC7DDF8-7DE9-4BAA-8BB2-7CA258198581}
[2012-03-09 08:55:10 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{BA4FBD65-3C6F-4889-865F-725F0A359D40}
[2012-03-09 08:55:00 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{6B84A495-CC4F-4CB6-A1FF-27C91F7C3D2B}
[2012-03-08 15:25:12 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{ECBBBD48-ADC2-4E3A-9622-93196429CEB9}
[2012-03-08 15:25:02 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{383A50DD-C7CC-4E81-882F-224393E59E79}
[2012-03-07 14:44:33 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{7E5B9000-CCC6-44F3-B099-C44FEEB3F80C}
[2012-03-07 14:44:24 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{8050B1E0-F1E0-48C6-8018-7D1403081E2A}
[2012-03-06 21:06:28 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{F3F5398A-7A48-4AB9-900F-A4251C611904}
[2012-03-06 21:06:19 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{34805C78-49F0-4C72-BFB7-A4DC40707DAD}
[2012-03-06 08:57:55 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{EEF33D5E-3D03-416B-AB5C-D66860A1DAD3}
[2012-03-06 08:57:45 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{5177BB38-BDEA-4764-B595-9FFAFAA785F0}
[2012-03-05 20:54:08 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{4EDF4950-1FD3-4352-BE7C-5ADC95FE6384}
[2012-03-05 20:53:58 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{BAD843E9-A696-443B-9FAE-8A375A5D08B3}
[2012-03-05 08:53:27 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{2CFE78EF-87DF-4AED-B5CF-A30255B3847F}
[2012-03-05 08:53:17 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{F61E7627-8DD4-4B24-980E-95969EC63526}
[2012-03-04 20:31:11 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{E3483B86-F41B-4D6D-A9BD-87E409ED8E5F}
[2012-03-04 20:31:01 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{5F188C4D-4752-47CD-88E9-9A82783CFE2F}
[2012-03-03 13:05:39 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{77E5CBDB-1EBF-478D-93BC-BF14727C4F99}
[2012-03-03 13:05:28 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{A05D86B6-4F6A-4EBB-A0C1-14D380769A1C}
[2012-03-03 01:17:37 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{E2F06196-EEA8-48F0-986D-C78DA1A38CF6}
[2012-03-01 22:34:26 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{5315408B-1AFD-4039-AF3B-B52F706132F1}
[2012-03-01 22:34:16 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{8C6203E2-281A-42E0-8205-4AB925DB46B6}
[2012-02-29 15:27:16 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{ECFE15DC-05AF-4550-969B-01B547D07481}
[2012-02-29 15:27:06 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{32DA752B-6527-42DB-AF72-3E911B2A864B}
[2012-02-28 18:07:26 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{3283734F-2E6F-4C67-A0C6-3B42A3AACAE6}
[2012-02-28 18:07:15 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C6095537-0CD5-408E-AD9F-BBC10928A825}
[2012-02-27 08:44:59 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{DD8B9783-9ABF-43D3-8166-A22D8706121B}
[2012-02-27 08:44:49 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{3D782968-5F89-441A-B47D-C4F5853CC234}
[2012-02-26 13:24:45 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{085661C0-F39E-427E-A2C9-A4B7587EDCD2}
[2012-02-26 13:24:35 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{EF69B338-5212-4A12-AF34-EAD39FB1E87B}
[2012-02-25 20:41:13 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{EF390E01-0BD5-4977-B9DE-390AE12D8FC3}
[2012-02-25 20:41:03 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{6690CBCD-71DB-4943-A791-97E400EFCA81}
[2012-02-23 14:36:37 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{12285D5E-DE1D-456E-86A3-0C887FF1D856}
[2012-02-23 14:36:27 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{7FD6F873-28CF-4A84-9A18-AECC0641D27E}
[2012-02-20 08:51:36 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{79AEF370-EB42-41E7-B1A0-83B0AB20E598}
[2012-02-20 08:51:27 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{EE2A8BEA-A54A-415A-A0D2-5E8E3E4DEA00}
[2012-02-19 22:12:55 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.Back
[2012-02-19 12:15:45 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{B9D1815F-1A97-43A7-8E74-4B10C056F0BD}
[2012-02-18 11:00:55 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{85668371-6AE0-4C3A-9355-FDD217F12D16}
[2012-02-17 22:48:28 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{E961E3F7-E38E-4B1A-836F-4BFFE532EFDE}
[2012-02-17 22:47:56 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{BC851BFC-D917-4004-AC06-1232BC06CBAC}
[2012-02-17 08:53:26 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{39AB4943-12F0-46F9-849A-18421E7CB43C}
[2012-02-17 08:53:16 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{068E7AFB-250E-4838-B67A-6A1A6EBEC97E}
[2012-02-16 19:45:37 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{74436CAD-A4EE-4064-8A0B-D8AB10A86755}
[2012-02-16 19:45:27 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{46BC1A0B-8236-486A-A400-298FB296FB14}
[2012-02-15 21:49:57 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{2D50927D-8E6B-4595-899B-283B63FEE1FD}
[2012-02-15 21:49:30 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{921DA332-30FE-462C-856B-E7B345689FBB}
[2012-02-14 13:37:00 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{2311940B-C15C-4314-AEDB-3EC5BF6A9638}
[2012-02-14 13:36:33 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{CC683F2E-A2AC-4D09-9187-9D4440CB45E1}
[2012-02-13 14:12:10 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{2520BFC9-11B5-4045-A0CF-263ECECEB497}
[2012-02-13 14:11:43 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{7CD1FDA0-9BB2-4EB4-A7A7-52E580C9DCCD}
[2012-02-12 21:11:13 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{16F2A94E-4AEC-4759-B6C3-9F1B9366D92B}
[2012-02-12 21:10:45 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{FB79460C-3A7E-498B-AF0D-32B100CF8FB4}
[2012-02-11 11:33:39 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{30B638E7-0D14-4B8D-8826-275E7025B6F4}
[2012-02-11 11:33:12 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{CF591FCC-9E6A-4629-A4A3-F8883F01744A}
[2012-02-10 17:10:54 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C1463B1B-2D4B-403D-855F-FB8298D73E5A}
[2012-02-10 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{3BF7CE77-F1F0-4F7C-8568-E1FF70EB88E8}
[2012-02-09 19:32:55 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{9BE66460-F081-4DF4-82FD-73D662782663}
[2012-02-09 19:32:45 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{F585D1ED-5F25-4DAA-AA54-995BEBA51671}
[2012-02-08 21:38:16 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{00E1DF90-7CEC-47D4-B433-6C72985A2C37}
[2012-02-08 21:37:58 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{86954230-6776-44FF-AC9B-ECBCCE0B160C}
[2012-02-07 22:07:52 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{65ECEFC4-C678-4200-A167-458E47456963}
[2012-02-07 22:07:26 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{A1C4871A-FC4B-4A7C-8995-1267AE50C3AA}
[2012-02-06 22:12:55 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{0ADE53F3-F4C2-412C-9BF2-77C7BBE7DE7F}
[2012-02-06 22:12:28 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{E7C2201A-9B83-4063-BA95-9CACF50DD55D}
[2012-02-05 11:40:48 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{BDDDFDC5-38D1-4188-B091-23ED66CCE245}
[2012-02-05 11:40:21 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{A05015B9-F9E1-4A89-90EE-0896525D6893}
[2012-02-04 22:51:27 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{EA58471E-F734-4D9F-9C9A-1FE680830337}
[2012-02-04 22:51:00 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{9DB817F6-9E80-44A7-8113-63377CA7EFD5}
[2012-02-04 10:50:32 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{8DAEE193-8994-4DA0-90DA-749D55735E51}
[2012-02-04 10:50:04 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{11BC1CCD-B3D5-43B3-90C0-94D0619897C8}
[2012-02-03 16:52:33 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{9DFD105E-44F8-4D75-86CC-28315C810398}
[2012-02-03 16:52:07 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{3867FA7E-434E-49C2-86C6-FACD084964A5}
[2012-02-02 17:37:29 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{16B87E33-8E66-4B6D-992B-88423483593A}
[2012-02-02 17:37:19 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{F5D1D55F-1687-4A31-839A-F21223184B20}
[2012-02-01 17:19:31 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{6238BD2A-181F-4DEF-B4D8-BAA1BA04B82D}
[2012-02-01 17:19:21 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{620DBD1F-CF34-4046-9143-AABABE04D993}
[2012-01-31 23:28:31 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{B3B55437-F632-40B2-A824-5D1FBAF952C9}
[2012-01-31 23:28:21 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{8390C4C5-E7EA-48F6-94CC-5A6A0DBA1D35}
[2012-01-31 11:13:50 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{D282205D-6E49-4C90-8B37-B8A1C927C73A}
[2012-01-31 11:13:24 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{ED02206D-4FED-47C4-AB47-670314585828}
[2012-01-30 22:18:34 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{40AAA6FD-E4FC-4D95-818E-B5D7357A3358}
[2012-01-30 22:18:24 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{493FF2D3-A1DD-4231-8896-3D74147F664B}
[2012-01-30 10:12:02 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{94993612-CA9B-4D35-BE59-6B1F9EDC70E8}
[2012-01-30 10:11:52 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{42E06297-F7E3-4DEF-80D3-378217EDDB67}
[2012-01-29 17:06:11 | 000,000,000 | ---D | C] -- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
[2012-01-29 13:40:54 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{A07D2B97-E877-4C28-B452-6F12F985AFB8}
[2012-01-29 13:40:27 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{32574FE8-BC93-4C99-B6BD-4084043F7883}
[2012-01-28 12:05:47 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{2AA30BB2-3CED-4523-8E0D-FFF3A2C96012}
[2012-01-28 12:05:17 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{1177E15B-7C7A-442F-89B3-64168CDE47FF}
[2012-01-27 21:25:27 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{D18E53AB-F567-46EF-B042-AC1EB4F90FEC}
[2012-01-27 21:25:13 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{81A74649-60F5-4E11-8C09-945B655E964F}
[2012-01-27 08:39:24 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{D6A95685-B271-4841-89B7-DB9473414F25}
[2012-01-26 18:33:56 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{92F55B8E-CE0E-4016-A603-CC5A798D547F}
[2012-01-26 18:33:29 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{7423F1C8-C089-4520-8ACF-52447B40CF12}
[2012-01-25 15:20:01 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{1C341F7D-ACC6-46CB-8E01-AB07A0BABC2B}
[2012-01-25 15:19:35 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{1CFCD8D7-8FA7-45C0-8493-79080CAA81C9}
[2012-01-24 17:08:45 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{EFB02088-D14B-4B70-8E65-38CB8D4CD543}
[2012-01-24 17:08:31 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{9084832D-F553-4295-A8DD-69B5B25BEAB8}
[2012-01-23 21:06:43 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{3A12A257-2461-4A89-A115-E2874C1B991C}
[2012-01-23 21:06:12 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{65A82345-C942-4967-8F6D-41B9B7388438}
[2012-01-23 08:54:03 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{96DCEF27-C020-43DF-B192-E363B7128837}
[2012-01-23 08:53:53 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{7A491A4A-CDD1-4569-AE6F-11A5CCAB6F22}
[2012-01-22 12:28:11 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{0401510C-8155-4083-B0E8-36B50621F1BB}
[2012-01-22 12:27:44 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{FA34A35D-804F-4498-AABD-B171BF5332FB}
[2012-01-21 19:17:03 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{91F00B62-8FD0-4299-93C9-4CEC9E456FD6}
[2012-01-21 19:16:53 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{3BA8358C-6D41-400A-8D59-FE329A9BA9DC}
[2012-01-20 21:28:33 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{F04B9205-D09A-41A4-988C-1A298AAA9D6A}
[2012-01-20 21:28:07 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{D4FE571E-0F2A-45E1-9099-B72171E77F44}
[2012-01-20 09:02:40 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{548CB9C7-43F9-4F46-8AA6-67C01ABAEF1A}
[2012-01-20 09:02:14 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{A34B5C57-47EB-4A72-9F55-357EB49D4D5E}
[2012-01-19 15:03:42 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{647504DA-9603-4B65-B5D3-579994B0F11A}
[2012-01-19 15:03:29 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{8895F480-916B-402A-8243-AC6EE271C14A}
[2012-01-18 21:04:39 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{3F9340E0-D4A1-4145-97B3-74CA9FD4DCFD}
[2012-01-18 21:04:10 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{385E3E23-5D90-4C59-8831-D6FE9AB53CF2}
[2012-01-18 09:03:40 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{9318D5E9-33D6-4FF4-B30E-32C4236C1146}
[2012-01-18 09:03:07 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{3BA5C318-BFB8-4D52-96BF-9EE1733A6666}
[2012-01-17 20:55:20 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C9E1E489-7CA3-404F-B78B-1FCD61C46EE6}
[2012-01-17 20:55:06 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{380D7C4F-72FD-4DD9-AC26-FE3F137E0FD0}
[2012-01-17 08:54:39 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{34CA0669-8537-4EBA-AC10-F0294CD18453}
[2012-01-17 08:54:00 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{9961075F-FD45-491C-88E8-09707E3E2A2C}
[2012-01-16 18:56:07 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C97CFCC3-10F0-434A-9ADE-5F494DB1EA9E}
[2012-01-16 18:55:55 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{701BF044-2BCA-4DBC-931D-676216A4BBD2}
[2012-01-15 12:06:57 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{0790A60C-AB84-48C7-89D6-CEFAFCDF8202}
[2012-01-15 12:06:43 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{7463650A-064E-4FC5-A0B5-3096127F9C6F}
[2012-01-14 23:44:09 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{7F5C5C7F-A3C1-419A-BB2D-19DFB97F3CB1}
[2012-01-14 23:43:42 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{906A3484-46DD-4351-A6A5-2AF6BC2D3093}
[2012-01-14 11:16:44 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{E0196373-16E0-41D9-95E3-FF5AA2812B8D}
[2012-01-14 11:16:18 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{D35D52E9-3654-457B-95BA-97ED895043B4}
[2012-01-13 17:47:26 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{434B6D90-A124-4177-A8F4-95B1FFC337C7}
[2012-01-13 17:46:56 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{3B94E4AC-5E3C-4BFD-A6CE-EF7983845467}
[2012-01-13 00:37:11 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{8038DB03-49B9-46DE-A836-F11F6CE74E57}
[2012-01-13 00:36:42 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{29A50D53-E6BD-4AD6-AD82-257C06340BF2}
[2012-01-12 10:31:49 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{61BF1DBD-6690-46C1-AD86-9DB13AFB85E7}
[2012-01-12 10:31:15 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{64F9755D-C60F-48B0-B1A2-7BD8A2E187CC}
[2012-01-11 11:56:04 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{886C2C0C-FEE7-41A8-A3E5-A297B82DF94B}
[2012-01-11 11:55:38 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{7D75E25D-2085-475D-A0EC-EA1016BE9C0D}
[2012-01-10 15:08:36 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{8263008B-8444-4FD8-A9FF-B93522946F55}
[2012-01-10 15:08:07 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{97FDF203-B8DC-4931-8F75-F25140938DF9}
[2012-01-09 23:35:01 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{2EB63815-D115-45FD-941C-A8AA5D1C5085}
[2012-01-09 23:34:23 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{7ED0FB33-585A-415B-AAE4-F5F8D13590BF}
[2012-01-09 11:09:39 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{8D214DCF-D908-4F20-BD27-0358DEBE1D25}
[2012-01-09 11:09:08 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{7C4B7B53-309C-41EB-A39B-1C9EB95B227B}
[2012-01-08 21:35:07 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{49B6DEEE-35A7-47E0-8959-BEA7855D7948}
[2012-01-08 21:34:38 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{E958911F-825B-4035-8CB5-0551B233ADE7}
[2012-01-07 14:47:06 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{A33AFD7A-2BAA-46FD-9D14-08B7952E58C9}
[2012-01-07 14:46:40 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{59D10725-A70C-4519-AAB3-506CC157938F}
[2012-01-07 02:46:13 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{BD01FE1E-695D-48AF-81E4-1228606A5FC7}
[2012-01-07 02:46:13 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{61E444AC-6BB9-49FC-8536-B7C52B2C39DA}
[2012-01-07 02:45:51 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{44093837-8BF6-41DE-8DC8-D5B659A1E815}
[2012-01-06 11:54:16 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{9F6B4AB6-3536-4E9D-89F3-5ACC8E0EF8F0}
[2012-01-06 11:53:57 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{0E9522F2-C32A-4BCD-9D6F-5601159AF71F}
[2012-01-05 12:23:25 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{266CC45F-AC07-4A76-8B5A-E1664D2E1E99}
[2012-01-05 12:22:56 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{5A45A449-BB15-46F3-93DE-547B5DAD00D0}
[2012-01-04 17:55:11 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{A125F992-B305-48AA-800F-BF712ADC0E97}
[2012-01-04 17:54:43 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{DABB0F8E-6755-4C24-8088-11DE9CBC4736}
[2012-01-04 00:58:04 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{D0171D86-0764-4015-96B0-2EFE74BD966B}
[2012-01-04 00:57:35 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{9C5C95DF-8D18-4912-9D37-DBB54349F470}
[2012-01-03 10:58:08 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{5A74E20C-1954-456E-B4FF-3AE033A3DD2A}
[2012-01-03 10:57:55 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{8391FC65-C70F-4E03-859B-8DAC9880A38E}
[2012-01-02 15:49:56 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{0CA484C9-4041-4668-BD7C-8985646D898E}
[2012-01-02 15:49:29 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{25D2D6E3-4443-43A9-99BF-40D586DF4A57}
[2012-01-01 19:17:04 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{D024A6DC-8D42-4B22-B3E1-BD99F33BDF11}
[2012-01-01 19:16:52 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C0C9B3B8-4D6D-4934-A426-DE874388993F}
[2012-01-01 18:43:35 | 000,000,000 | ---D | C] -- C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}
[2011-12-31 11:43:58 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C59178BD-7D08-4682-8352-F6514687B9A8}
[2011-12-31 11:43:48 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{DFB1DA9A-00D9-4F98-BBCE-6F6B328C262C}
[2011-12-31 02:40:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}

:Files
C:\Windows\tasks\*.job
C:\Windows\tasks\SA.DAT

:Reg
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

:Commands
[emptyflash]
[clearallrestorepoints]
[emptytemp]

Klikasz Wykonaj skrypt. Dajesz log z usuwania. Następnie podajesz nowe logi z OTL + log z TDSSKiller otl-gmer-silent-runners-sdfix-i-inne-poradnik-t13967-15.html#p120292 + log z Autoruns otl-gmer-silent-runners-sdfix-i-inne-poradnik-t13967-15.html#p138589.

[Czarodziejczarek]

Hijack this zrobione.
Log OTL po czyszczeniu: http://wklej.eu/index.php?id=ed9be6078e
Nowy OTL: http://wklej.eu/index.php?id=53577e3fc7
Nowy Extras: http://wklej.eu/index.php?id=221a765c15
Kasperski tdsskiller: http://wklej.eu/index.php?id=2b99082368
Jeżeli chodzi o Autoruns to próbowałem pobierac z instalki.pl i dobreprogramy.pl i otrzymywałem takie komunikaty;

Kod: Zaznacz wszystko

Podany plik XML nie zawiera żadnych informacji o stylach z nim związanych. Poniżej wyświetlone jest drzewo dokumentu.
      <Error><Code>OutOfRangeInput</Code><Message>One of the request inputs is out of range.
RequestId:d3fec6d1-f462-4dc9-8720-3afa1438c463
Time:2012-05-13T21:55:49.8844561Z</Message></Error>

[Bozz]

Dzięki za sygnał, poprawione: http://www.instalki.pl/programy/downloa ... oruns.html

[kominekl]

OK. Poczekam jeszcze na Autoruns.

[Czarodziejczarek]

pytanie tylko gdzie mam wrzucić te autoruns bo nie wiem zapodam na chomiku.pl.
Link: http://chomikuj.pl/CzarodziejCzarek/P*26r*3dz*2be)m*3de*2bk
http://wklej.eu/index.php?id=9cc5aea15e

[kominekl]

W Autoruns odznacz, a następnie usuń (co się będzie dało) kolejno wpisy rdpclip, IgfxTray, Persistence, Microsoft Windows, LightScribe Control Panel, Microsoft Windows, MBAMShlExt, MBAMShlExt, Java(tm) Plug-In 2 SSV Helper, Java(tm) Plug-In SSV Helper, Windows Live ID Sign-in Helper, Adobe PDF Link Helper, Bing Bar Helper, Java(tm) Plug-In 2 SSV Helper, Java(tm) Plug-In SSV Helper, Skype Browser Helper, Bing, wszystko z zakładki Task Scheduler, AdobeARMservice, BBSvc, BBUpdate, gusvc, HP Support Assistant Service, SkypeUpdate i ALSysIO.

Następnie odinstaluj koniecznie Bing Bar i Malwarebytes Anti-Malware (zła forma instalacji).

Następnie uruchom OTL w oknie Własne opcje skanowania/skrypt wklej:

Kod: Zaznacz wszystko

:OTL

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF

:Files
C:\Users\Cezary-W-Kielanowicz\AppData\Local\Temp
C:\Windows\tasks\SA.DAT

:Commands
[emptyflash]
[clearallrestorepoints]
[emptytemp]

Klikasz Wykonaj skrypt. Dajesz log z usuwania. Następnie podajesz nowe logi z OTL.

[Czarodziejczarek]

http://wklej.eu/index.php?id=88d28c9ac9 log z usuwania.

Następnie odinstaluj koniecznie Bing Bar i Malwarebytes Anti-Malware (zła forma instalacji). - zrobione.

W Autoruns odznacz, a następnie usuń (co się będzie dało) kolejno wpisy rdpclip, IgfxTray, Persistence, Microsoft Windows, LightScribe Control Panel, Microsoft Windows, MBAMShlExt, MBAMShlExt, Java(tm) Plug-In 2 SSV Helper, Java(tm) Plug-In SSV Helper, Windows Live ID Sign-in Helper, Adobe PDF Link Helper, Bing Bar Helper, Java(tm) Plug-In 2 SSV Helper, Java(tm) Plug-In SSV Helper, Skype Browser Helper, Bing, wszystko z zakładki Task Scheduler, AdobeARMservice, BBSvc, BBUpdate, gusvc, HP Support Assistant Service, SkypeUpdate i ALSysIO.

- tego nie robiłem nie mogłem wielu wyłączyć a po tych rzeczach wnisokuje że są to normalne programy. Nie przeszkadzają mi. chyba że na legasz !!!

nowe logi:
http://wklej.eu/index.php?id=fef2e7dd66 extras

http://wklej.eu/index.php?id=cf199b8548 otl

[kominekl]

Raczej proszę niż nalegam. Utwórz kopie zapasową, jak chcesz. Jednak komputer dzięki tym zabiegom będzie zoptymalizowany. Następnie podaj nowe logi z OTL.

[Czarodziejczarek]

Logi a te odchaczanie wykonałem prócz zakładki

wszystko z zakładki Task Scheduler

ponieważ to znam i powrotnie bym to ustawił reszta poszła, ta która dała rade.
extras

http://wklej.eu/index.php?id=c1b9e4a47a

otl

http://wklej.eu/index.php?id=bac0f0b7a0

[kominekl]

Uruchom OTL w oknie Własne opcje skanowania/skrypt wklej:

:OTL

[2012-05-18 11:44:36 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{A698E5FE-0F60-4A56-97A7-CA5BEDE40765}
[2012-05-18 11:44:24 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{2FD20AE7-65AC-4C98-A987-1EEF8450AE3A}
[2012-05-17 23:29:22 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{6183C83C-8E56-4C6B-BFFA-B768539039D6}
[2012-05-17 23:29:12 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{B1920274-62F7-4DB9-830E-FE0AE20F7401}
[2012-05-17 09:03:44 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{90243112-C996-40CA-90FB-446323A47570}
[2012-05-17 09:03:31 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{A19B9A00-24EA-4FF3-B3C0-F7534FD2949D}
[2012-05-16 21:54:02 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\Temp
[2012-05-16 09:45:43 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C8071893-840F-4EAB-87DA-3DC62F1516CA}
[2012-05-16 09:45:33 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{6241E24A-67F7-4D3B-B0D0-509A8047D2BF}
[2012-05-15 09:07:44 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{F0F1886A-2921-4FF2-B107-C568F8817710}
[2012-05-15 09:07:34 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{B4F881BA-25D9-4BAD-AC9C-4FB70323C47D}
[2012-05-14 09:58:04 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{AEB152C5-DB1F-4781-8071-02E1DF751260}
[2012-05-14 09:57:54 | 000,000,000 | ---D | C] -- C:\Users\Cezary-W-Kielanowicz\AppData\Local\{D29E66E9-CA3A-4513-97D3-3844CCEA519D}
[2012-05-18 18:52:42 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

:Commands
[emptyflash]
[clearallrestorepoints]
[emptytemp]

Klikasz Wykonaj skrypt. Dajesz log z usuwania. Następnie w OTL Sprzątanie.

Odinstaluj starą wersję Java`y Java(TM) 6 Update 31 i zainstaluj najnowszą http://www.instalki.pl/programy/downloa ... /Java.html.
Odinstaluj starą wersję paczki kodeków K-Lite Codec Pack 8.0.0. Zainstaluj najnowszą wersję K-Lite Codec Pack https://www.instalki.pl/download/programy/windows/multimedia/kodeki/k-lite-codec-pack-full/.
Odinstaluj starą wersję Skype`a Skype™ 5.8 i zainstaluj najnowszą http://www.instalki.pl/programy/downloa ... Skype.html.
Przeczyść dysk i rejestr CCleaner`em https://www.instalki.pl/download/programy/windows/narzedzia/narzedzia-systemowe/ccleaner/.
Wykonaj pełne skanowanie Malwarebytes`em Anti-Malware (nie gódź się na wersję testową) https://www.instalki.pl/download/programy/windows/bezpieczenstwo/antyspyware/malwarebytes/, jeśli coś znajdzie usuń i daj raport.

[Czarodziejczarek]

pierwszy log sie nie udał otrzymałem takie coś:

Kod: Zaznacz wszystko

Files\Folders moved on Reboot...
C:\Users\Cezary-W-Kielanowicz\AppData\Local\Temp folder moved successfully.

Registry entries deleted on Reboot...

drugi log jest taki

Kod: Zaznacz wszystko

All processes killed
========== OTL ==========
Folder C:\Users\Cezary-W-Kielanowicz\AppData\Local\{A698E5FE-0F60-4A56-97A7-CA5BEDE40765}\ not found.
Folder C:\Users\Cezary-W-Kielanowicz\AppData\Local\{2FD20AE7-65AC-4C98-A987-1EEF8450AE3A}\ not found.
Folder C:\Users\Cezary-W-Kielanowicz\AppData\Local\{6183C83C-8E56-4C6B-BFFA-B768539039D6}\ not found.
Folder C:\Users\Cezary-W-Kielanowicz\AppData\Local\{B1920274-62F7-4DB9-830E-FE0AE20F7401}\ not found.
Folder C:\Users\Cezary-W-Kielanowicz\AppData\Local\{90243112-C996-40CA-90FB-446323A47570}\ not found.
Folder C:\Users\Cezary-W-Kielanowicz\AppData\Local\{A19B9A00-24EA-4FF3-B3C0-F7534FD2949D}\ not found.
Folder C:\Users\Cezary-W-Kielanowicz\AppData\Local\Temp\ not found.
Folder C:\Users\Cezary-W-Kielanowicz\AppData\Local\{C8071893-840F-4EAB-87DA-3DC62F1516CA}\ not found.
Folder C:\Users\Cezary-W-Kielanowicz\AppData\Local\{6241E24A-67F7-4D3B-B0D0-509A8047D2BF}\ not found.
Folder C:\Users\Cezary-W-Kielanowicz\AppData\Local\{F0F1886A-2921-4FF2-B107-C568F8817710}\ not found.
Folder C:\Users\Cezary-W-Kielanowicz\AppData\Local\{B4F881BA-25D9-4BAD-AC9C-4FB70323C47D}\ not found.
Folder C:\Users\Cezary-W-Kielanowicz\AppData\Local\{AEB152C5-DB1F-4781-8071-02E1DF751260}\ not found.
Folder C:\Users\Cezary-W-Kielanowicz\AppData\Local\{D29E66E9-CA3A-4513-97D3-3844CCEA519D}\ not found.
C:\Windows\Tasks\SA.DAT moved successfully.
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: Administrator
 
User: All Users
 
User: Cezary-W-Kielanowicz
->Flash cache emptied: 0 bytes
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
Restore point Set: OTL Restore Point
 
[EMPTYTEMP]
 
User: Administrator
 
User: All Users
 
User: Cezary-W-Kielanowicz
->Temporary Internet Files folder emptied: 49152 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 50013196 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 751 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 48,00 mb
 
 
OTL by OldTimer - Version 3.2.42.3 log created on 05182012_211458

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...


i to tyle ??? stare programu usunalem teraz instaluje nowe i robie czuyszczenie.

log malware

Kod: Zaznacz wszystko

Malwarebytes Anti-Malware (Okres testowy) 1.61.0.1400
www.malwarebytes.org

Wersja bazy: v2012.05.19.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Cezary-W-Kielanowicz :: CEZARY-W-K-HP [administrator]

Ochrona: Włączona

2012-05-19 16:37:55
mbam-log-2012-05-19 (16-37-55).txt

Typ skanowania: Pełne skanowanie
Zaznaczone opcje skanowania: Pamięć | Rozruch | Rejestr | System plików | Heurystyka/Dodatkowe | Heuristyka/Shuriken | PUP | PUM
Odznaczone opcje skanowania: P2P
Przeskanowano obiektów: 380165
Upłynęło: 58 minut(y), 56 sekund(y)

Wykrytych procesów w pamięci: 0
(Nie znaleziono zagrożeń)

Wykrytych modułów w pamięci: 0
(Nie znaleziono zagrożeń)

Wykrytych kluczy rejestru: 0
(Nie znaleziono zagrożeń)

Wykrytych wartości rejestru: 0
(Nie znaleziono zagrożeń)

Wykryte wpisy rejestru systemowego: 0
(Nie znaleziono zagrożeń)

wykrytych folderów: 0
(Nie znaleziono zagrożeń)

Wykrytych plików: 0
(Nie znaleziono zagrożeń)

(zakończone)


[kominekl]

Log z usuwania w porządku . To wszystko .

[Czarodziejczarek]

Dziękuję. Pozdrawiam