13.07.2008, 18:53
Witam
wykonałem czynności podane dla kolegów z podobnym problemem i oto wyniki:
code
code
143
code
Proszę o podanie plików do usunięcia. Dziękuję
wykonałem czynności podane dla kolegów z podobnym problemem i oto wyniki:
code
Kod:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:20:34, on 2008-07-13
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20583)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesAviraAntiVir PersonalEdition Classicsched.exe
C:Program Filesa-squared Anti-Malwarea2service.exe
C:Program FilesAviraAntiVir PersonalEdition Classicavguard.exe
C:Program FilesCommon FilesLightScribeLSSrvc.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:WINDOWSsystem32notepad.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesAviraAntiVir PersonalEdition Classicavgnt.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesOutlook Expressmsimn.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = aboutblank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_02binssv.dll
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [avgnt] "C:Program FilesAviraAntiVir PersonalEdition Classicavgnt.exe" /min
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ''USŁUGA LOKALNA'')
O4 - HKUSS-1-5-19..RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ''USŁUGA LOKALNA'')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ''USŁUGA SIECIOWA'')
O4 - HKUSS-1-5-20..RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ''USŁUGA SIECIOWA'')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ''SYSTEM'')
O4 - HKUSS-1-5-18..RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ''SYSTEM'')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ''Default user'')
O4 - HKUS.DEFAULT..RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ''Default user'')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:PROGRA~1MICROS~1Office12EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~1Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra ''Tools'' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Filter: AutorunsDisabled - (no CLSID) - (no file)
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:Program Filesa-squared Anti-Malwarea2service.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:Program FilesAviraAntiVir PersonalEdition Classicsched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:Program FilesAviraAntiVir PersonalEdition Classicavguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:WINDOWSsystem32cisvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe
O24 - Desktop Component 0: (no name) - (no file)
--
End of file - 5540 bytes
code
Kod:
ComboFix 08-07-12.6 - Administrator 2008-07-13 19:21:49.2 - NTFSx86
Microsoft Windows XP Professional5.1.2600.2.1250.1.1045.18.52 [GMT 2:00]Running from: C:Documents and SettingsAdministratorPulpitComboFix.exe
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
((((((((((((((((((((((((( Files Created from 2008-06-13 to 2008-07-13)))))))))))))))))))))))))))))))
.
2008-07-13 18:50 . 2008-07-13 18:50 <DIR> d-------- C:WINDOWSsystem32xircom
2008-07-13 18:50 . 2008-07-13 18:50 <DIR> d-------- C:WINDOWSsystem32oobe
2008-07-13 18:50 . 2008-07-13 18:50 <DIR> d-------- C:WINDOWSsrchasst
2008-07-13 18:50 . 2008-07-13 18:50 <DIR> d-------- C:WINDOWSmsagent
2008-07-13 18:50 . 2008-07-13 18:50 <DIR> d-------- C:Program Filesmicrosoft frontpage
2008-07-13 18:39 . 2008-07-13 18:40 <DIR> d-------- C:WINDOWSERUNT
2008-07-13 18:34 . 2008-07-13 18:56 <DIR> d-------- C:SDFix
2008-07-13 18:21 . 2008-07-13 18:21 <DIR> d-------- C:Program FilesTrend Micro
2008-07-13 13:10 . 2008-07-13 13:10 <DIR> d-------- C:Program FilesAvira
2008-07-13 13:10 . 2008-07-13 13:10 <DIR> d-------- C:Documents and SettingsAll UsersDane aplikacjiAvira
2008-07-09 21:20 . 2008-07-09 23:54 <DIR> d-------- C:Program Filesa-squared Anti-Malware
2008-07-09 20:39 . 2008-07-09 20:42 <DIR> d-------- C:Program FilesSkanerOnline
2008-06-26 08:50 . 2008-06-26 08:50 <DIR> d-------- C:WINDOWSSun
2008-06-22 20:48 . 2008-06-22 20:48 <DIR> d-------- C:Program FilesMicrosoft Works
2008-06-22 20:45 . 2008-06-22 20:45 <DIR> d-------- C:Program FilesMicrosoft.NET
2008-06-22 20:39 . 2008-06-22 20:39 <DIR> d-------- C:WINDOWSSHELLNEW
2008-06-22 20:38 . 2008-06-22 20:50 <DIR> d-------- C:Documents and SettingsAll UsersDane aplikacjiMicrosoft Help
2008-06-22 20:37 . 2008-06-22 20:37 <DIR> dr-h----- C:MSOCache
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-13 15:47 --------- d-----w C:Documents and SettingsAdministratorDane aplikacjiXnView
2008-07-13 14:41 --------- d-----w C:Program FilesDC++
2008-05-29 04:46 --------- d-----w C:Program FilesHaft Krzyzykowy
2008-05-24 16:23 --------- d-----w C:Program FilesNAPI-PROJEKT
2008-05-24 10:22 --------- d-----w C:Program FilesOdkurzacz
2008-05-23 21:34 --------- d-----w C:Program FilesURUSoft
2008-05-18 12:10 --------- d-----w C:Documents and SettingsAdministratorDane aplikacjiPanasonic
2008-05-18 08:12 --------- d--h--w C:Program FilesInstallShield Installation Information
2008-05-18 08:12 --------- d-----w C:Program FilesPanasonic
2008-05-18 08:10 --------- d-----w C:Program FilesCommon FilesInstallShield
2008-05-18 08:09 --------- d-----w C:Documents and SettingsAdministratorDane aplikacjiInstallShield
2008-05-18 08:08 --------- d-----w C:Program FilesISL
2008-05-04 19:48 524,288 -c--a-w C:WINDOWSsystem32DivXsm.exe
2008-05-04 18:58 22,782 -c--a-w C:WINDOWSsystem32UninstXviDDec.exe
2008-05-01 18:05 404,992 -c--a-w C:WINDOWSsystem32libmplayer.dll
2008-05-01 18:05 3,142,656 -c--a-w C:WINDOWSsystem32libavcodec.dll
2008-05-01 18:05 126,976 -c--a-w C:WINDOWSsystem32libmpeg2_ff.dll
2008-04-15 17:26 755,027 -c--a-w C:WINDOWSsystem32xvidcore.dll
2008-01-25 16:25 16,384 -csha-w C:WINDOWSsystem32configsystemprofileCookiesindex.dat
2008-01-25 16:25 16,384 -csha-w C:WINDOWSsystem32configsystemprofileUstawienia lokalneHistoriaHistory.IE5index.dat
2008-01-25 16:25 32,768 -csha-w C:WINDOWSsystem32configsystemprofileUstawienia lokalneTemporary Internet FilesContent.IE5index.dat
.
------- Sigcheck -------
2007-07-10 15:06642560ce594e18fe0d0af804f1f3694921ce62 C:WINDOWSsystem32user32.dll
2007-07-14 00:56814592ce7193c5f7c01b19768e066087c1c919 C:WINDOWSsystem32wininet.dll
2007-07-28 03:153605760fb6743e937c7bb248b2530a5a77abc6 C:WINDOWSsystem32driverstcpip.sys
2007-07-26 19:3020675845362d54a6925afdcbbba53b43ee65774 C:WINDOWSsystem32ntkrnlpa.exe
2007-07-26 19:3121904649899bb89856e3bd4ef13e11ccee49b71 C:WINDOWSsystem32ntoskrnl.exe
2007-07-14 00:4297484832f67215c57df2c401bf93b7ee65987f C:WINDOWSexplorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-07-13_18.31.33.31 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-13 15:35:04 2,048 --s-a-w C:WINDOWSbootstat.dat
+ 2008-07-13 16:50:22 2,048 --s-a-w C:WINDOWSbootstat.dat
+ 2008-07-13 04:11:01 163,328 ----a-w C:WINDOWSERUNTSDFIXERDNT.EXE
+ 2008-07-13 16:40:20 3,256,320 ----a-w C:WINDOWSERUNTSDFIXUsers[u]0[/u]0000001NTUSER.DAT
+ 2008-07-13 16:40:20 159,744 ----a-w C:WINDOWSERUNTSDFIXUsers[u]0[/u]0000002UsrClass.dat
+ 2008-07-13 04:11:01 163,328 ----a-w C:WINDOWSERUNTSDFIX_First_RunERDNT.EXE
+ 2008-07-13 16:40:09 3,256,320 ----a-w C:WINDOWSERUNTSDFIX_First_RunUsers[u]0[/u]0000001NTUSER.DAT
+ 2008-07-13 16:40:09 159,744 ----a-w C:WINDOWSERUNTSDFIX_First_RunUsers[u]0[/u]0000002UsrClass.dat
+ 2008-07-13 16:50:49 16,384 ----atw C:WINDOWSTempPerflib_Perfdata_5c8.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"ctfmon.exe"="C:WINDOWSsystem32ctfmon.exe" [2004-08-04 02:44 15360]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"avgnt"="C:Program FilesAviraAntiVir PersonalEdition Classicavgnt.exe" [2008-02-12 10:06 262401]
"SoundMan"="SOUNDMAN.EXE" [2002-09-11 04:57 46592 C:WINDOWSSOUNDMAN.EXE]
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
"CTFMON.EXE"="C:WINDOWSsystem32CTFMON.EXE" [2004-08-04 02:44 15360]
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
"nltide_2"="shell32" [X]
C:Documents and SettingsAll UsersMenu StartProgramyAutostartAutorunsDisabled
Adobe Reader Speed Launch.lnk - C:Program FilesAdobeReader 8.0Readerreader_sl.exe [2006-10-23 03:48:00 40048]
Adobe Reader Synchronizer.lnk - C:Program FilesAdobeReader 8.0ReaderAdobeCollabSync.exe [2006-10-23 02:01:00 734872]
LUMIX Simple Viewer.lnk - C:Program FilesPanasonicLUMIXSimpleViewerPhLeAutoRun.exe [2008-05-18 10:10:21 63696]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
"DisableStatusMessages"= 1 (0x1)
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
[HKEY_USERS.defaultsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
"vidc.i420"= i263_32.drv
"vidc.DIV3"= DivXc32.dll
"msacm.divxa32"= DivXa32.acm
[HKLM~startupfolder^ExpressivoCfg.xml]
path=ExpressivoCfg.xml
backup=C:WINDOWSpssExpressivoCfg.xmlCommon Startup
[HKLM~startupfolder^ExpressivoDictionary.xml]
path=ExpressivoDictionary.xml
backup=C:WINDOWSpssExpressivoDictionary.xmlCommon Startup
[HKLM~startupfolder^Slownik dla Expressivo - info.txt]
path=Slownik dla Expressivo - info.txt
backup=C:WINDOWSpssSlownik dla Expressivo - info.txtCommon Startup
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartuprega-squared]
--a------ 2008-07-09 22:26 2132112 C:Program Filesa-squared Anti-Malwarea2guard.exe
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregavast!]
--a------ 2008-05-16 01:19 79224 C:PROGRA~1ALWILS~1Avast4ashDisp.exe
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"=
"C:\WINDOWS\system32\sessmgr.exe"=
R1 aswSP;avast! Self Protection;C:WINDOWSsystem32driversaswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:WINDOWSsystem32DRIVERSaswFsBlk.sys [2008-05-16 01:16]
S3 USBSTOR;Sterownik magazynu masowego USB;C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-04 00:08]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled componentsAutorunsDisabled{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:Program FilesCommon FilesLightScribeLSRunOnce.exe"
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-13 19:24:55
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-07-13 19:28:51
ComboFix-quarantined-files.txt2008-07-13 17:28:24
ComboFix2.txt2008-07-13 16:32:58
Pre-Run: 4,506,873,856 bajtów wolnych
Post-Run: 4,499,472,384 bajtów wolnych
143
code
Kod:
[b]SDFix: Version 1.205 [/b]
Run by Administrator on 2008-07-13 at 18:43
Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-13 18:54:18
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg]
"s1"=dword:7bc3b3a6
"s2"=dword:48e37883
"h0"=dword:00000001
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg19659239224E364682FA4BAF72C53EA4]
"p0"="C:Program FilesDAEMON Tools"
"h0"=dword:00000000
"khjeh"=hex:00,21,51,5e,55,f6,42,43,ff,d8,cf,27,22,19,ec,80,be,3c,4d,22,3d,..
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,e8,e6,25,a5,09,f2,29,e4,60,76,68,ab,8c,79,f5,4c,ee,..
"khjeh"=hex:dd,ce,c8,4c,7d,20,82,a0,6b,f8,75,d9,7a,ca,1d,9e,29,42,ce,a1,bc,..
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:3b,02,c2,62,bf,31,3d,b3,7b,2e,d4,ea,80,58,ee,e3,5e,c4,8d,b7,ae,..
[HKEY_LOCAL_MACHINESYSTEMControlSet002ServicessptdCfg19659239224E364682FA4BAF72C53EA4]
"p0"="C:Program FilesDAEMON Tools"
"h0"=dword:00000000
"khjeh"=hex:00,21,51,5e,55,f6,42,43,ff,d8,cf,27,22,19,ec,80,be,3c,4d,22,3d,..
[HKEY_LOCAL_MACHINESYSTEMControlSet002ServicessptdCfg19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,e8,e6,25,a5,09,f2,29,e4,60,76,68,ab,8c,79,f5,4c,ee,..
"khjeh"=hex:dd,ce,c8,4c,7d,20,82,a0,6b,f8,75,d9,7a,ca,1d,9e,29,42,ce,a1,bc,..
[HKEY_LOCAL_MACHINESYSTEMControlSet002ServicessptdCfg19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:3b,02,c2,62,bf,31,3d,b3,7b,2e,d4,ea,80,58,ee,e3,5e,c4,8d,b7,ae,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
[b]Finished![/b]
Proszę o podanie plików do usunięcia. Dziękuję