harisonn utworzono 28 sierpnia 2010 utworzono 28 sierpnia 2010 Witam! Wszystko było wcześniej w porządku, a przed godzinką próbuję otworzyć dysk i wyskakuje otwórz za pomocą:. Informuję iż wczoraj i dzisiaj używałem pendriva. Nie działa otworzenie dysku ani kliknięciem ekspolruj, otwórz. Logi z OTL (combofix nie działa na moim systemie[WIndows MX 8]): Otl [url="http://wklej.org/id/382297/"]Mój odnośnik[/url] Extras [url="http://wklej.org/id/382299/"]Mój odnośnik[/url] Proszę o pomoc Z góry dziękuję Pozdrawiam Harisonn
Sohei komentarz 28 sierpnia 2010 komentarz 28 sierpnia 2010 w 1 kolejności podłącz wszystkie pamięci przenośne do komputera i użyj narzędzia flash desinfector po czym daj nowe logi z OTL
harisonn komentarz 29 sierpnia 2010 Autor komentarz 29 sierpnia 2010 (edytowane) Logi OTL OTL.exe [log]OTL logfile created on: 2010-08-29 11:51:46 - Run 2 OTL by OldTimer - Version 3.2.10.0 Folder = E:\Documents and Settings\Administrator\Moje dokumenty\Pobrane Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 023,00 Mb Total Physical Memory | 432,00 Mb Available Physical Memory | 42,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): E:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files Drive C: | 29,30 Gb Total Space | 2,23 Gb Free Space | 7,61% Space Free | Partition Type: NTFS Drive D: | 82,04 Gb Total Space | 80,33 Gb Free Space | 97,92% Space Free | Partition Type: NTFS Drive E: | 59,96 Gb Total Space | 4,99 Gb Free Space | 8,32% Space Free | Partition Type: NTFS Drive F: | 959,13 Mb Total Space | 895,03 Mb Free Space | 93,32% Space Free | Partition Type: FAT G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MX8PC Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-08-28 19:24:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Administrator\Moje dokumenty\Pobrane\OTL.exe PRC - [2010-08-27 20:46:42 | 000,163,908 | ---- | M] (NVIDIA Corporation) -- E:\WINDOWS\system32\nvsvc32.exe PRC - [2010-08-27 20:33:59 | 017,567,744 | ---- | M] (Realtek Semiconductor Corp.) -- E:\WINDOWS\RTHDCPL.EXE PRC - [2010-08-27 19:28:53 | 000,289,072 | ---- | M] (BitTorrent, Inc.) -- E:\program files\uTorrent\uTorrent.exe PRC - [2010-08-27 19:26:13 | 000,723,632 | ---- | M] (COMODO) -- E:\program files\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2010-08-27 19:26:12 | 001,799,952 | ---- | M] (COMODO) -- E:\program files\COMODO\COMODO Internet Security\cfp.exe PRC - [2010-07-22 01:24:16 | 012,477,024 | ---- | M] (GG Network S.A.) -- E:\program files\Gadu-Gadu 10\gg.exe PRC - [2010-06-21 10:23:58 | 016,218,112 | ---- | M] (Redefine Sp z o.o.) -- E:\program files\ipla\ipla.exe PRC - [2010-06-14 15:07:14 | 000,615,936 | ---- | M] (Nokia) -- E:\program files\PC Connectivity Solution\ServiceLayer.exe PRC - [2010-06-07 13:51:24 | 000,138,752 | ---- | M] (Nokia) -- E:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2010-05-14 10:32:30 | 001,479,680 | ---- | M] (Nokia) -- D:\NokiaPCsuite\Nokia PC Suite 7\PCSuite.exe PRC - [2009-10-27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- E:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2009-08-28 13:13:02 | 000,832,808 | ---- | M] (Opera Software) -- E:\program files\Opera\opera.exe PRC - [2009-07-05 01:07:33 | 000,111,104 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\services.exe PRC - [2009-06-27 17:16:26 | 003,642,368 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\explorer.exe PRC - [2008-04-15 00:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\winlogon.exe PRC - [2008-04-15 00:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-15 00:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\smss.exe PRC - [2008-04-15 00:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2008-04-15 00:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-15 00:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-15 00:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-15 00:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 00:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 00:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-15 00:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\rundll32.exe PRC - [2008-04-15 00:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\lsass.exe PRC - [2008-04-15 00:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\csrss.exe PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- E:\program files\RocketDock\RocketDock.exe PRC - [2004-01-26 12:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- E:\program files\Thomson\SpeedTouch USB\dragdiag.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-08-28 19:24:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Administrator\Moje dokumenty\Pobrane\OTL.exe MOD - [2010-08-27 19:26:13 | 000,179,792 | ---- | M] (COMODO) -- E:\WINDOWS\system32\guard32.dll MOD - [2009-07-05 15:23:12 | 025,167,872 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\shell32.dll MOD - [2009-07-05 02:18:13 | 000,219,648 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\uxtheme.dll MOD - [2009-07-05 01:07:33 | 000,056,832 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\secur32.dll MOD - [2009-07-05 01:06:31 | 001,020,416 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\kernel32.dll MOD - [2009-07-05 01:06:28 | 000,286,720 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\gdi32.dll MOD - [2009-07-05 01:04:52 | 000,686,592 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\advapi32.dll MOD - [2009-06-09 02:47:53 | 000,631,808 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\user32.dll MOD - [2009-06-09 01:53:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\shlwapi.dll MOD - [2009-02-09 17:00:17 | 000,723,456 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\ntdll.dll MOD - [2008-04-15 00:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\winspool.drv MOD - [2008-04-15 00:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\userenv.dll MOD - [2008-04-15 00:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\wldap32.dll MOD - [2008-04-15 00:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\srclient.dll MOD - [2008-04-15 00:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\version.dll MOD - [2008-04-15 00:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\setupapi.dll MOD - [2008-04-15 00:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\ole32.dll MOD - [2008-04-15 00:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\rpcrt4.dll MOD - [2008-04-15 00:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-15 00:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\olepro32.dll MOD - [2008-04-15 00:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\samlib.dll MOD - [2008-04-15 00:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\psapi.dll MOD - [2008-04-15 00:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-15 00:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-15 00:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\imm32.dll MOD - [2008-04-15 00:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-15 00:50:32 | 000,016,896 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\fltlib.dll MOD - [2008-04-15 00:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\comres.dll MOD - [2008-04-15 00:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-15 00:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-15 00:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\msscript.ocx MOD - [2008-04-15 00:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\MSCTFIME.IME MOD - [2008-04-15 00:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- E:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- E:\program files\RocketDock\RocketDock.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- E:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- E:\WINDOWS\System32\alg.exe -- (ALG) SRV - [2010-08-27 19:26:13 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- E:\program files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2010-06-14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- E:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-08-27 20:46:39 | 006,280,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2010-08-27 20:33:59 | 005,056,000 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2010-08-27 19:26:13 | 000,132,296 | ---- | M] (COMODO) [File_System | System | Running] -- E:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard) DRV - [2010-08-27 19:26:13 | 000,087,104 | ---- | M] (COMODO) [Kernel | Boot | Running] -- E:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect) DRV - [2010-08-27 19:26:13 | 000,025,160 | ---- | M] (COMODO) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009-07-05 02:19:05 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- E:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2009-07-04 23:08:24 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-04-14 00:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2003-12-08 12:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) DRV - [2003-12-08 12:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl) DRV - [2000-03-29 16:17:42 | 000,005,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\ASUSHWIO.SYS -- (Asushwio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2001-10-26 19:45:16 | 000,000,742 | ---- | M]) - E:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O4 - HKLM..\Run: [COMODO Internet Security] E:\program files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [NvCplDaemon] E:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] E:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] File not found O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] E:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium) O4 - HKCU..\Run: [Gadu-Gadu 10] E:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [IPLA!] E:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKCU..\Run: [kamsoft] E:\WINDOWS\System32\kamsoft.exe File not found O4 - HKCU..\Run: [PC Suite Tray] D:\NokiaPCsuite\Nokia PC Suite 7\PCSuite.exe (Nokia) O4 - HKCU..\Run: [RocketDock] E:\program files\RocketDock\RocketDock.exe () O4 - HKCU..\Run: [TransBar] E:\WINDOWS\TransBar.exe (AKSoftware) O4 - HKCU..\Run: [uTorrent] E:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O20 - AppInit_DLLs: (E:\WINDOWS\system32\guard32.dll) - E:\WINDOWS\system32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Bieżąca strona główna) - About:Home O24 - Desktop WallPaper: E:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: E:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-11-26 16:55:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-08-28 13:35:21 | 000,000,465 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-08-28 13:35:21 | 000,000,465 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-08-28 13:35:21 | 000,000,465 | RHS- | M] () - E:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-08-28 13:35:22 | 000,000,465 | RHS- | M] () - F:\autorun.inf -- [ FAT ] O33 - MountPoints2\{8a5645de-b1fd-11df-b358-00138fa476e1}\Shell\AutoRun\command - "" = L:\m9ma.exe -- File not found O33 - MountPoints2\{8a5645de-b1fd-11df-b358-00138fa476e1}\Shell\explore\Command - "" = L:\m9ma.exe -- File not found O33 - MountPoints2\{8a5645de-b1fd-11df-b358-00138fa476e1}\Shell\open\Command - "" = L:\m9ma.exe -- File not found O33 - MountPoints2\{e52d9f00-b1fd-11df-8835-806d6172696f}\Shell\AutoRun\command - "" = m9ma.exe O33 - MountPoints2\{e52d9f00-b1fd-11df-8835-806d6172696f}\Shell\explore\Command - "" = m9ma.exe O33 - MountPoints2\{e52d9f00-b1fd-11df-8835-806d6172696f}\Shell\open\Command - "" = m9ma.exe O33 - MountPoints2\{e52d9f05-b1fd-11df-8835-806d6172696f}\Shell\AutoRun\command - "" = m9ma.exe O33 - MountPoints2\{e52d9f05-b1fd-11df-8835-806d6172696f}\Shell\explore\Command - "" = m9ma.exe O33 - MountPoints2\{e52d9f05-b1fd-11df-8835-806d6172696f}\Shell\open\Command - "" = m9ma.exe O33 - MountPoints2\{e52d9f07-b1fd-11df-8835-806d6172696f}\Shell\AutoRun\command - "" = m9ma.exe O33 - MountPoints2\{e52d9f07-b1fd-11df-8835-806d6172696f}\Shell\explore\Command - "" = m9ma.exe O33 - MountPoints2\{e52d9f07-b1fd-11df-8835-806d6172696f}\Shell\open\Command - "" = m9ma.exe O33 - MountPoints2\C\Shell\AutoRun\command - "" = C:\m9ma.exe -- File not found O33 - MountPoints2\C\Shell\explore\Command - "" = C:\m9ma.exe -- File not found O33 - MountPoints2\C\Shell\open\Command - "" = C:\m9ma.exe -- File not found O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\m9ma.exe -- File not found O33 - MountPoints2\D\Shell\explore\Command - "" = D:\m9ma.exe -- File not found O33 - MountPoints2\D\Shell\open\Command - "" = D:\m9ma.exe -- File not found O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\m9ma.exe -- File not found O33 - MountPoints2\E\Shell\explore\Command - "" = E:\m9ma.exe -- File not found O33 - MountPoints2\E\Shell\open\Command - "" = E:\m9ma.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - E:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PEVSystemStart - Service SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: procexp90.Sys - Driver SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PEVSystemStart - Service SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: procexp90.Sys - Driver SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-08-28 19:21:52 | 000,000,000 | R--D | C] -- E:\32788R22FWJFW [2010-08-28 18:59:23 | 000,000,000 | -HSD | C] -- E:\Documents and Settings\Administrator\Recent [2010-08-28 18:49:26 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\COMODO [2010-08-28 12:25:20 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\LogFiles [2010-08-28 12:22:54 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\PC Suite [2010-08-28 12:22:47 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\Nokia [2010-08-28 12:22:46 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2010-08-28 12:22:10 | 000,000,000 | ---D | C] -- E:\program files\Common Files\PCSuite [2010-08-28 12:22:05 | 000,000,000 | ---D | C] -- E:\program files\Common Files\Nokia [2010-08-28 12:21:53 | 000,000,000 | ---D | C] -- E:\program files\DIFX [2010-08-28 12:21:51 | 000,018,816 | ---- | C] (Nokia) -- E:\WINDOWS\System32\drivers\pccsmcfd.sys [2010-08-28 12:20:25 | 000,000,000 | ---D | C] -- E:\program files\PC Connectivity Solution [2010-08-28 12:20:15 | 000,008,192 | ---- | C] (Nokia) -- E:\WINDOWS\System32\drivers\usbser_lowerflt.sys [2010-08-28 12:20:13 | 000,022,528 | ---- | C] (Nokia) -- E:\WINDOWS\System32\drivers\ccdcmbo.sys [2010-08-28 12:20:12 | 000,662,016 | ---- | C] (Nokia) -- E:\WINDOWS\System32\nmwcdcocls.dll [2010-08-28 12:20:12 | 000,018,176 | ---- | C] (Nokia) -- E:\WINDOWS\System32\drivers\ccdcmb.sys [2010-08-28 12:20:12 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\DRVSTORE [2010-08-28 12:20:07 | 000,092,672 | ---- | C] (Nokia) -- E:\WINDOWS\System32\nmwcdcls.dll [2010-08-28 12:18:12 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-08-28 10:24:50 | 000,000,000 | ---D | C] -- E:\program files\Tibia [2010-08-28 09:59:31 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\PMB Files [2010-08-28 09:59:26 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2010-08-28 09:58:18 | 000,000,000 | ---D | C] -- E:\program files\Pando Networks [2010-08-28 09:08:28 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\dvdcss [2010-08-27 21:00:56 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Moje dokumenty\Pobrane [2010-08-27 20:55:52 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-08-27 20:55:52 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\ipla [2010-08-27 20:55:44 | 000,000,000 | ---D | C] -- E:\program files\ipla [2010-08-27 20:52:41 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\cache [2010-08-27 20:51:02 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu 10 [2010-08-27 20:50:25 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-08-27 20:49:44 | 000,000,000 | ---D | C] -- E:\program files\Gadu-Gadu 10 [2010-08-27 20:47:46 | 000,000,000 | ---D | C] -- E:\WINDOWS\nview [2010-08-27 20:46:46 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\ReinstallBackups [2010-08-27 20:36:35 | 000,000,000 | --SD | C] -- E:\Documents and Settings\All Users\Dokumenty\Wideo [2010-08-27 20:36:35 | 000,000,000 | --SD | C] -- E:\Documents and Settings\Administrator\Moje dokumenty\Wideo [2010-08-27 20:35:45 | 000,000,000 | R--D | C] -- E:\Documents and Settings\All Users\Dokumenty\Muzyka [2010-08-27 20:34:39 | 000,000,000 | R--D | C] -- E:\Documents and Settings\All Users\Menu Start [2010-08-27 20:34:39 | 000,000,000 | R--D | C] -- E:\Documents and Settings\All Users\Dokumenty [2010-08-27 20:34:39 | 000,000,000 | -H-D | C] -- E:\Documents and Settings\All Users\Szablony [2010-08-27 20:34:39 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Ulubione [2010-08-27 20:34:39 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Pulpit [2010-08-27 20:33:37 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\Macromedia [2010-08-27 20:33:36 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\Adobe [2010-08-27 20:32:40 | 000,000,000 | --SD | C] -- E:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2010-08-27 20:32:40 | 000,000,000 | RH-D | C] -- E:\Documents and Settings\All Users\Dane aplikacji [2010-08-27 20:29:46 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\Lang [2010-08-27 20:18:26 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\RTCOM [2010-08-27 20:18:02 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- E:\WINDOWS\ALCWZRD.EXE [2010-08-27 20:18:01 | 000,000,000 | ---D | C] -- E:\program files\Realtek [2010-08-27 20:10:51 | 000,000,000 | ---D | C] -- E:\WINDOWS\CSC [2010-08-27 19:46:19 | 000,070,688 | ---- | C] (THOMSON) -- E:\WINDOWS\System32\drivers\alcaudsl.sys [2010-08-27 19:46:19 | 000,053,600 | ---- | C] (THOMSON) -- E:\WINDOWS\System32\drivers\alcan5wn.sys [2010-08-27 19:46:19 | 000,005,280 | ---- | C] (THOMSON) -- E:\WINDOWS\System32\drivers\alcawh.sys [2010-08-27 19:46:19 | 000,003,968 | ---- | C] (THOMSON) -- E:\WINDOWS\System32\drivers\alcacr.sys [2010-08-27 19:37:39 | 000,000,000 | -H-D | C] -- E:\program files\InstallShield Installation Information [2010-08-27 19:37:39 | 000,000,000 | ---D | C] -- E:\program files\Thomson [2010-08-27 19:37:32 | 000,000,000 | ---D | C] -- E:\program files\Common Files\InstallShield [2010-08-27 19:35:46 | 000,081,408 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- E:\WINDOWS\System32\devcon_x64.exe [2010-08-27 19:35:44 | 000,000,000 | ---D | C] -- E:\program files\Driver Checker [2010-08-27 19:35:33 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\WinRAR [2010-08-27 19:29:46 | 000,000,000 | ---D | C] -- E:\program files\K-Lite Codec Pack [2010-08-27 19:28:53 | 000,000,000 | ---D | C] -- E:\program files\uTorrent [2010-08-27 19:28:44 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\uTorrent [2010-08-27 19:28:10 | 000,000,000 | ---D | C] -- E:\program files\NAPI-PROJEKT [2010-08-27 19:27:36 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Opera [2010-08-27 19:27:36 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\Opera [2010-08-27 19:27:26 | 000,000,000 | ---D | C] -- E:\program files\Opera [2010-08-27 19:26:18 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Dane aplikacji\Comodo [2010-08-27 19:26:13 | 000,000,000 | ---D | C] -- E:\program files\COMODO [2010-08-27 19:25:42 | 000,000,000 | -HSD | C] -- E:\Documents and Settings\Administrator\PrivacIE [2010-08-27 19:25:31 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google [2010-08-27 19:25:26 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\vlc [2010-08-27 19:24:49 | 000,000,000 | ---D | C] -- E:\program files\VideoLAN [2010-08-27 19:23:40 | 000,000,000 | -HSD | C] -- E:\WINDOWS\Installer [2010-08-27 19:23:38 | 000,000,000 | ---D | C] -- E:\program files\Common Files\ODBC [2010-08-27 19:23:34 | 000,000,000 | ---D | C] -- E:\program files\Common Files\SpeechEngines [2010-08-27 19:23:33 | 000,000,000 | ---D | C] -- E:\program files\Common Files\Microsoft Shared [2010-08-27 19:23:33 | 000,000,000 | ---D | C] -- E:\program files\Common Files [2010-08-27 19:22:05 | 000,000,000 | ---D | C] -- E:\program files\RocketDock [2010-08-27 19:21:47 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\BESTplayer [2010-08-27 19:21:22 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\CatRoot2 [2010-08-27 19:21:22 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\CatRoot [2010-08-27 19:20:46 | 000,000,000 | ---D | C] -- E:\Documents and Settings [2010-08-27 19:19:48 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\Tibia [2010-08-27 19:11:36 | 000,000,000 | --SD | C] -- E:\WINDOWS\Offline Web Pages [2010-08-27 19:11:36 | 000,000,000 | --SD | C] -- E:\WINDOWS\Downloaded Program Files [2010-08-27 19:11:36 | 000,000,000 | R-SD | C] -- E:\WINDOWS\Fonts [2010-08-27 19:11:36 | 000,000,000 | R--D | C] -- E:\WINDOWS\Web [2010-08-27 19:11:36 | 000,000,000 | -H-D | C] -- E:\WINDOWS\inf [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\WinSxS [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\wins [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\WBEM [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\wbem [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\usmt [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\drivers\UMDF [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\twain_32 [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\Temp [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\system32 [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\system [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\spool [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\ShellExt [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\Setup [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\security [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\Resources [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\repair [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\ras [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\Provisioning [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\pl-pl [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\pl [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\PeerNet [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\pchealth [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\npp [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\NLDRV [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\Network Diagnostic [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\mui [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\mui [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\msapps [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\Media [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\L2Schemas [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\java [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\inetsrv [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\IME [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\ime [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\icsxml [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\ias [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\Help [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\export [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\drivers\etc [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\ehome [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\drivers [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\Driver Cache [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\drivers\disdn [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\dhcp [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\Debug [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\Cursors [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\Connection Wizard [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\config [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\Config [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\AppPatch [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\addins [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\3com_dmi [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\3076 [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\2052 [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\1054 [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\1045 [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\1042 [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\1041 [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\1037 [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\1033 [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\1031 [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\1028 [2010-08-27 19:11:36 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\1025 [2010-08-27 19:07:24 | 000,000,000 | -HSD | C] -- E:\Documents and Settings\Administrator\IETldCache [2010-08-27 19:07:02 | 000,000,000 | --SD | C] -- E:\Documents and Settings\Administrator\Moje dokumenty\Muzyka [2010-08-27 19:07:02 | 000,000,000 | -H-D | C] -- E:\program files\Uninstall Information [2010-08-27 19:07:01 | 000,000,000 | --SD | C] -- E:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy [2010-08-27 19:06:42 | 000,000,000 | --SD | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\Microsoft [2010-08-27 19:06:42 | 000,000,000 | RH-D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji [2010-08-27 19:06:42 | 000,000,000 | -HSD | C] -- E:\Documents and Settings\Administrator\Cookies [2010-08-27 19:06:42 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\Sun [2010-08-27 19:06:42 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Dane aplikacji\Foxit [2010-08-27 19:06:41 | 000,000,000 | --SD | C] -- E:\Documents and Settings\Administrator\Ulubione [2010-08-27 19:06:41 | 000,000,000 | --SD | C] -- E:\Documents and Settings\Administrator\Moje dokumenty [2010-08-27 19:06:41 | 000,000,000 | --SD | C] -- E:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-08-27 19:06:41 | 000,000,000 | RH-D | C] -- E:\Documents and Settings\Administrator\SendTo [2010-08-27 19:06:41 | 000,000,000 | R--D | C] -- E:\Documents and Settings\Administrator\Menu Start [2010-08-27 19:06:41 | 000,000,000 | -H-D | C] -- E:\Documents and Settings\Administrator\Ustawienia lokalne [2010-08-27 19:06:41 | 000,000,000 | -H-D | C] -- E:\Documents and Settings\Administrator\Szablony [2010-08-27 19:06:41 | 000,000,000 | -H-D | C] -- E:\Documents and Settings\Administrator\PrintHood [2010-08-27 19:06:41 | 000,000,000 | -H-D | C] -- E:\Documents and Settings\Administrator\NetHood [2010-08-27 19:06:41 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\RarSFX0 [2010-08-27 19:06:41 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Administrator\Pulpit [2010-08-27 19:06:32 | 000,000,000 | ---D | C] -- E:\WINDOWS\Prefetch [2010-08-27 19:06:25 | 000,000,000 | --SD | C] -- E:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-08-27 19:06:25 | 000,000,000 | --SD | C] -- E:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2010-08-27 19:00:30 | 000,000,000 | --SD | C] -- E:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-08-27 19:00:30 | 000,000,000 | --SD | C] -- E:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2010-08-27 19:00:10 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\XPSViewer [2010-08-27 19:00:09 | 000,000,000 | ---D | C] -- E:\program files\MSBuild [2010-08-27 19:00:09 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\en-US [2010-08-27 19:00:06 | 000,000,000 | ---D | C] -- E:\program files\Reference Assemblies [2010-08-27 18:53:19 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\dllcache [2010-08-27 18:52:36 | 000,000,000 | -HSD | C] -- E:\Documents and Settings\All Users\DRM [2010-08-27 18:52:15 | 000,000,000 | R--D | C] -- E:\Documents and Settings\All Users\Dokumenty\Obrazy [2010-08-27 18:49:56 | 000,000,000 | ---D | C] -- E:\WINDOWS\Registration [2010-08-27 18:29:49 | 000,000,000 | R-SD | C] -- E:\WINDOWS\assembly [2010-08-27 18:29:49 | 000,000,000 | ---D | C] -- E:\WINDOWS\Microsoft.NET [2010-08-27 18:29:48 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\URTTemp [2010-08-27 18:28:38 | 000,000,000 | ---D | C] -- E:\program files\WinRAR [2010-08-27 18:28:37 | 000,065,536 | ---- | C] (AKSoftware) -- E:\WINDOWS\TransBar.exe [2010-08-27 18:28:13 | 000,000,000 | -H-D | C] -- E:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ [2010-08-27 18:28:04 | 000,000,000 | ---D | C] -- E:\97f604ede8417a0d162464efb2934401 [2010-08-27 18:28:01 | 000,000,000 | ---D | C] -- E:\program files\Alky for Applications [2010-08-27 18:27:52 | 000,000,000 | --SD | C] -- E:\WINDOWS\System32\Microsoft [2010-08-27 18:27:38 | 000,000,000 | ---D | C] -- E:\program files\Java [2010-08-27 18:27:23 | 000,000,000 | ---D | C] -- E:\program files\Foxit Software [2010-08-27 18:27:10 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\Adobe [2010-08-27 18:27:01 | 000,031,232 | ---- | C] (NirSoft) -- E:\WINDOWS\nircmd.exe [2010-08-27 18:24:21 | 000,000,000 | ---D | C] -- E:\program files\Usługi online [2010-08-27 18:23:51 | 000,000,000 | ---D | C] -- E:\program files\Common Files\Services [2010-08-27 18:23:48 | 000,000,000 | --SD | C] -- E:\WINDOWS\Tasks [2010-08-27 18:23:46 | 000,000,000 | ---D | C] -- E:\program files\Common Files\MSSoap [2010-08-27 18:23:39 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\Macromed [2010-08-27 18:23:32 | 000,000,000 | ---D | C] -- E:\program files\Movie Maker [2010-08-27 17:39:28 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\Restore [2010-08-27 17:39:23 | 000,000,000 | ---D | C] -- E:\program files\Outlook Express [2010-08-27 17:39:15 | 000,000,000 | ---D | C] -- E:\program files\Common Files\System [2010-08-27 17:39:13 | 000,000,000 | ---D | C] -- E:\program files\Internet Explorer [2010-08-27 17:38:22 | 000,000,000 | ---D | C] -- E:\program files\ComPlus Applications [2010-08-27 17:34:09 | 000,000,000 | ---D | C] -- E:\program files\VistaExperience.org [2010-08-27 17:30:57 | 000,000,000 | ---D | C] -- E:\program files\Windows Sidebar [2010-08-27 17:30:45 | 000,000,000 | ---D | C] -- E:\program files\Windows Media Connect 2 [2010-08-27 17:30:44 | 000,000,000 | ---D | C] -- E:\program files\Windows Media Player [2010-08-27 17:30:26 | 000,000,000 | ---D | C] -- E:\program files\Windows NT [2010-08-27 17:30:20 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\MsDtc [2010-08-27 17:30:18 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\Com [2010-07-01 09:22:11 | 000,000,000 | ---D | C] -- E:\EasyMetin2 [1 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-08-29 11:54:52 | 000,002,634 | ---- | M] () -- E:\WINDOWS\Ascd_tmp.ini [2010-08-29 11:51:02 | 000,509,024 | ---- | M] () -- E:\WINDOWS\System32\drivers\sfi.dat [2010-08-29 11:35:30 | 001,488,926 | ---- | M] () -- E:\WINDOWS\System32\PerfStringBackup.INI [2010-08-29 11:35:30 | 000,655,618 | ---- | M] () -- E:\WINDOWS\System32\perfh015.dat [2010-08-29 11:35:30 | 000,581,292 | ---- | M] () -- E:\WINDOWS\System32\perfh009.dat [2010-08-29 11:35:30 | 000,130,426 | ---- | M] () -- E:\WINDOWS\System32\perfc015.dat [2010-08-29 11:35:30 | 000,102,754 | ---- | M] () -- E:\WINDOWS\System32\perfc009.dat [2010-08-29 11:31:23 | 000,000,006 | -H-- | M] () -- E:\WINDOWS\tasks\SA.DAT [2010-08-29 11:31:16 | 000,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat [2010-08-28 22:04:49 | 001,572,864 | -H-- | M] () -- E:\Documents and Settings\Administrator\NTUSER.DAT [2010-08-28 22:04:33 | 003,225,740 | -H-- | M] () -- E:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-08-28 19:41:18 | 000,003,378 | ---- | M] () -- E:\WINDOWS\System32\NOTEPAD.ini [2010-08-28 18:53:28 | 000,001,854 | ---- | M] () -- E:\Documents and Settings\Administrator\Pulpit\FIX.REG [2010-08-28 13:35:21 | 000,000,465 | RHS- | M] () -- E:\autorun.inf [2010-08-28 12:25:38 | 000,000,000 | -H-- | M] () -- E:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf [2010-08-28 12:25:27 | 000,000,000 | -H-- | M] () -- E:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf [2010-08-28 12:24:07 | 000,000,000 | -H-- | M] () -- E:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf [2010-08-28 12:24:05 | 000,000,000 | -H-- | M] () -- E:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf [2010-08-28 12:24:04 | 000,001,374 | ---- | M] () -- E:\WINDOWS\imsins.BAK [2010-08-28 12:22:13 | 000,001,567 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk [2010-08-27 20:56:41 | 000,000,188 | -HS- | M] () -- E:\Documents and Settings\Administrator\ntuser.ini [2010-08-27 20:55:49 | 000,000,632 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-08-27 20:51:06 | 000,001,324 | ---- | M] () -- E:\WINDOWS\System32\d3d9caps.dat [2010-08-27 20:50:25 | 000,000,797 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2010-08-27 20:50:25 | 000,000,768 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2010-08-27 20:35:12 | 000,000,231 | ---- | M] () -- E:\WINDOWS\system.ini [2010-08-27 20:34:03 | 000,061,440 | ---- | M] () -- E:\WINDOWS\System32\vuins32.dll [2010-08-27 20:33:58 | 002,808,832 | ---- | M] (RealTek Semicoductor Corp.) -- E:\WINDOWS\ALCWZRD.EXE [2010-08-27 20:29:55 | 000,940,794 | ---- | M] () -- E:\WINDOWS\System32\LoopyMusic.wav [2010-08-27 20:29:55 | 000,146,650 | ---- | M] () -- E:\WINDOWS\System32\BuzzingBee.wav [2010-08-27 19:52:48 | 000,012,104 | ---- | M] () -- E:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-08-27 19:51:56 | 000,108,600 | ---- | M] () -- E:\WINDOWS\System32\FNTCACHE.DAT [2010-08-27 19:49:15 | 000,008,192 | ---- | M] () -- E:\WINDOWS\REGLOCS.OLD [2010-08-27 19:46:23 | 000,001,656 | ---- | M] () -- E:\Documents and Settings\Administrator\Pulpit\SpeedTouch Dial-up.lnk [2010-08-27 19:37:07 | 000,000,042 | ---- | M] () -- E:\WINDOWS\System32\DriverChecker.lie [2010-08-27 19:23:45 | 000,004,444 | ---- | M] () -- E:\WINDOWS\System32\pid.PNF [2010-08-27 19:06:30 | 000,002,184 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl [2010-08-27 19:05:01 | 000,001,195 | ---- | M] () -- E:\WINDOWS\System32\$winnt$.inf [2010-08-27 18:54:07 | 000,002,596 | ---- | M] () -- E:\WINDOWS\System32\CONFIG.NT [2010-08-27 18:54:04 | 000,000,507 | ---- | M] () -- E:\WINDOWS\win.ini [2010-08-27 18:53:58 | 000,023,392 | ---- | M] () -- E:\WINDOWS\System32\nscompat.tlb [2010-08-27 18:53:58 | 000,016,832 | ---- | M] () -- E:\WINDOWS\System32\amcompat.tlb [2010-08-27 18:53:20 | 000,004,293 | ---- | M] () -- E:\WINDOWS\ODBCINST.INI [2010-08-27 18:52:21 | 000,000,488 | RH-- | M] () -- E:\WINDOWS\System32\WindowsLogon.manifest [2010-08-27 18:52:21 | 000,000,488 | RH-- | M] () -- E:\WINDOWS\System32\logonui.exe.manifest [2010-08-27 18:52:15 | 000,000,749 | RH-- | M] () -- E:\WINDOWS\System32\wuaucpl.cpl.manifest [2010-08-27 18:52:15 | 000,000,749 | RH-- | M] () -- E:\WINDOWS\WindowsShell.Manifest [2010-08-27 18:52:15 | 000,000,749 | RH-- | M] () -- E:\WINDOWS\System32\sapi.cpl.manifest [2010-08-27 18:52:15 | 000,000,749 | RH-- | M] () -- E:\WINDOWS\System32\nwc.cpl.manifest [2010-08-27 18:52:15 | 000,000,749 | RH-- | M] () -- E:\WINDOWS\System32\ncpa.cpl.manifest [2010-08-27 18:52:15 | 000,000,749 | RH-- | M] () -- E:\WINDOWS\System32\cdplayer.exe.manifest [2010-08-27 18:50:12 | 000,021,856 | ---- | M] () -- E:\WINDOWS\System32\emptyregdb.dat [2010-08-27 18:26:44 | 000,000,000 | ---- | M] () -- E:\WINDOWS\control.ini [2010-08-27 18:26:34 | 000,316,640 | ---- | M] () -- E:\WINDOWS\WMSysPr9.prx [2010-08-27 17:38:18 | 000,000,037 | ---- | M] () -- E:\WINDOWS\vbaddin.ini [2010-08-27 17:38:18 | 000,000,036 | ---- | M] () -- E:\WINDOWS\vb.ini [1 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-08-28 18:53:28 | 000,001,854 | ---- | C] () -- E:\Documents and Settings\Administrator\Pulpit\FIX.REG [2010-08-28 12:25:38 | 000,000,000 | -H-- | C] () -- E:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf [2010-08-28 12:25:27 | 000,000,000 | -H-- | C] () -- E:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf [2010-08-28 12:24:07 | 000,000,000 | -H-- | C] () -- E:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf [2010-08-28 12:24:05 | 000,000,000 | -H-- | C] () -- E:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf [2010-08-28 12:22:13 | 000,001,567 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk [2010-08-28 12:08:35 | 000,000,465 | RHS- | C] () -- E:\autorun.inf [2010-08-27 20:55:49 | 000,000,632 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-08-27 20:50:25 | 000,000,797 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2010-08-27 20:50:25 | 000,000,768 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2010-08-27 20:34:03 | 000,061,440 | ---- | C] () -- E:\WINDOWS\System32\vuins32.dll [2010-08-27 20:29:55 | 000,146,650 | ---- | C] () -- E:\WINDOWS\System32\BuzzingBee.wav [2010-08-27 20:29:54 | 000,940,794 | ---- | C] () -- E:\WINDOWS\System32\LoopyMusic.wav [2010-08-27 20:18:47 | 000,040,960 | R--- | C] () -- E:\WINDOWS\System32\ChCfg.exe [2010-08-27 20:16:02 | 000,005,824 | ---- | C] () -- E:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2010-08-27 19:51:39 | 000,509,024 | ---- | C] () -- E:\WINDOWS\System32\drivers\sfi.dat [2010-08-27 19:49:15 | 000,008,192 | ---- | C] () -- E:\WINDOWS\REGLOCS.OLD [2010-08-27 19:46:23 | 000,001,656 | ---- | C] () -- E:\Documents and Settings\Administrator\Pulpit\SpeedTouch Dial-up.lnk [2010-08-27 19:46:19 | 000,005,606 | ---- | C] () -- E:\WINDOWS\System32\stci.dll [2010-08-27 19:41:53 | 000,003,378 | ---- | C] () -- E:\WINDOWS\System32\NOTEPAD.ini [2010-08-27 19:37:07 | 000,000,042 | ---- | C] () -- E:\WINDOWS\System32\DriverChecker.lie [2010-08-27 19:29:50 | 000,168,448 | ---- | C] () -- E:\WINDOWS\System32\unrar.dll [2010-08-27 19:23:45 | 000,004,444 | ---- | C] () -- E:\WINDOWS\System32\pid.PNF [2010-08-27 19:23:43 | 000,001,374 | ---- | C] () -- E:\WINDOWS\imsins.BAK [2010-08-27 19:23:31 | 000,066,082 | ---- | C] () -- E:\WINDOWS\System32\c_28603.nls [2010-08-27 19:23:30 | 000,066,594 | ---- | C] () -- E:\WINDOWS\System32\c_857.nls [2010-08-27 19:23:30 | 000,066,082 | ---- | C] () -- E:\WINDOWS\System32\c_28599.nls [2010-08-27 19:23:30 | 000,066,082 | ---- | C] () -- E:\WINDOWS\System32\c_10081.nls [2010-08-27 19:23:29 | 000,066,082 | ---- | C] () -- E:\WINDOWS\System32\C_28595.NLS [2010-08-27 19:23:29 | 000,066,082 | ---- | C] () -- E:\WINDOWS\System32\c_10017.nls [2010-08-27 19:23:29 | 000,066,082 | ---- | C] () -- E:\WINDOWS\System32\c_10007.nls [2010-08-27 19:23:28 | 000,066,594 | ---- | C] () -- E:\WINDOWS\System32\c_869.nls [2010-08-27 19:23:28 | 000,066,594 | ---- | C] () -- E:\WINDOWS\System32\c_737.nls [2010-08-27 19:23:28 | 000,066,082 | ---- | C] () -- E:\WINDOWS\System32\c_875.nls [2010-08-27 19:23:28 | 000,066,082 | ---- | C] () -- E:\WINDOWS\System32\C_28597.NLS [2010-08-27 19:23:28 | 000,066,082 | ---- | C] () -- E:\WINDOWS\System32\c_10006.nls [2010-08-27 19:23:27 | 000,066,594 | ---- | C] () -- E:\WINDOWS\System32\c_866.nls [2010-08-27 19:23:27 | 000,066,594 | ---- | C] () -- E:\WINDOWS\System32\c_855.nls [2010-08-27 19:23:27 | 000,066,082 | ---- | C] () -- E:\WINDOWS\System32\C_28594.NLS [2010-08-27 19:23:22 | 000,066,082 | ---- | C] () -- E:\WINDOWS\System32\c_20127.nls [2010-08-27 19:23:20 | 000,066,082 | ---- | C] () -- E:\WINDOWS\System32\c_10082.nls [2010-08-27 19:23:20 | 000,066,082 | ---- | C] () -- E:\WINDOWS\System32\c_10029.nls [2010-08-27 19:23:20 | 000,066,082 | ---- | C] () -- E:\WINDOWS\System32\c_10010.nls [2010-08-27 19:23:16 | 000,001,734 | ---- | C] () -- E:\WINDOWS\System32\AUTOEXEC.NT [2010-08-27 19:23:14 | 000,283,648 | ---- | C] () -- E:\WINDOWS\NOTEPAD.EXE [2010-08-27 19:20:44 | 000,108,600 | ---- | C] () -- E:\WINDOWS\System32\FNTCACHE.DAT [2010-08-27 19:19:54 | 000,001,195 | ---- | C] () -- E:\WINDOWS\System32\$winnt$.inf [2010-08-27 19:19:51 | 000,001,324 | ---- | C] () -- E:\WINDOWS\System32\d3d9caps.dat [2010-08-27 19:06:47 | 000,000,188 | -HS- | C] () -- E:\Documents and Settings\Administrator\ntuser.ini [2010-08-27 19:06:41 | 001,572,864 | -H-- | C] () -- E:\Documents and Settings\Administrator\NTUSER.DAT [2010-08-27 19:06:41 | 000,001,024 | -H-- | C] () -- E:\Documents and Settings\Administrator\NTUSER.DAT.LOG [2010-08-27 19:04:49 | 000,002,048 | --S- | C] () -- E:\WINDOWS\bootstat.dat [2010-08-27 19:00:34 | 000,002,272 | ---- | C] () -- E:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-08-27 18:28:37 | 000,000,047 | ---- | C] () -- E:\WINDOWS\TransBar.ini [2010-08-27 18:27:01 | 000,652,287 | ---- | C] () -- E:\WINDOWS\Nowe_konto.exe [2010-08-27 18:26:44 | 000,002,596 | ---- | C] () -- E:\WINDOWS\System32\CONFIG.NT [2010-08-27 18:26:36 | 000,023,392 | ---- | C] () -- E:\WINDOWS\System32\nscompat.tlb [2010-08-27 18:26:36 | 000,016,832 | ---- | C] () -- E:\WINDOWS\System32\amcompat.tlb [2010-08-27 18:26:34 | 000,316,640 | ---- | C] () -- E:\WINDOWS\WMSysPr9.prx [2010-08-27 18:24:41 | 000,000,488 | RH-- | C] () -- E:\WINDOWS\System32\WindowsLogon.manifest [2010-08-27 18:24:41 | 000,000,488 | RH-- | C] () -- E:\WINDOWS\System32\logonui.exe.manifest [2010-08-27 18:24:35 | 000,000,749 | RH-- | C] () -- E:\WINDOWS\System32\wuaucpl.cpl.manifest [2010-08-27 18:24:35 | 000,000,749 | RH-- | C] () -- E:\WINDOWS\WindowsShell.Manifest [2010-08-27 18:24:35 | 000,000,749 | RH-- | C] () -- E:\WINDOWS\System32\sapi.cpl.manifest [2010-08-27 18:24:35 | 000,000,749 | RH-- | C] () -- E:\WINDOWS\System32\nwc.cpl.manifest [2010-08-27 18:24:35 | 000,000,749 | RH-- | C] () -- E:\WINDOWS\System32\ncpa.cpl.manifest [2010-08-27 18:24:35 | 000,000,749 | RH-- | C] () -- E:\WINDOWS\System32\cdplayer.exe.manifest [2010-08-27 17:38:38 | 000,021,856 | ---- | C] () -- E:\WINDOWS\System32\emptyregdb.dat [2010-08-27 17:30:40 | 000,093,702 | ---- | C] () -- E:\WINDOWS\System32\subrange.uce [2010-08-27 17:30:40 | 000,016,740 | ---- | C] () -- E:\WINDOWS\System32\shiftjis.uce [2010-08-27 17:30:40 | 000,012,876 | ---- | C] () -- E:\WINDOWS\System32\korean.uce [2010-08-27 17:30:39 | 000,060,458 | ---- | C] () -- E:\WINDOWS\System32\ideograf.uce [2010-08-27 17:30:39 | 000,024,006 | ---- | C] () -- E:\WINDOWS\System32\gb2312.uce [2010-08-27 17:30:39 | 000,022,984 | ---- | C] () -- E:\WINDOWS\System32\bopomofo.uce [2010-08-27 17:30:39 | 000,008,484 | ---- | C] () -- E:\WINDOWS\System32\kanji_2.uce [2010-08-27 17:30:39 | 000,006,948 | ---- | C] () -- E:\WINDOWS\System32\kanji_1.uce [2010-08-27 17:30:37 | 000,001,225 | ---- | C] () -- E:\WINDOWS\System32\usrlogon.cmd [2010-08-27 17:30:36 | 000,003,286 | ---- | C] () -- E:\WINDOWS\System32\tslabels.h [2010-08-27 17:30:35 | 000,000,768 | ---- | C] () -- E:\WINDOWS\System32\msdtcprf.h [2010-08-27 17:30:28 | 000,063,488 | ---- | C] () -- E:\WINDOWS\System32\wmimgmt.msc [2009-07-05 18:59:43 | 000,000,861 | ---- | C] () -- E:\WINDOWS\System32\oeminfo.ini [color=#E56717]========== LOP Check ==========[/color] [2010-08-27 19:21:51 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Administrator\Dane aplikacji\BESTplayer [2010-08-27 18:54:46 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Administrator\Dane aplikacji\Foxit [2010-08-27 21:19:00 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu 10 [2010-08-29 11:31:47 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Administrator\Dane aplikacji\ipla [2010-08-28 12:25:33 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Administrator\Dane aplikacji\Nokia [2010-08-27 19:27:36 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Administrator\Dane aplikacji\Opera [2010-08-28 12:24:40 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Administrator\Dane aplikacji\PC Suite [2010-08-27 19:19:55 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Administrator\Dane aplikacji\Tibia [2010-08-29 11:51:36 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Administrator\Dane aplikacji\uTorrent [2010-08-27 20:50:25 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-08-28 12:18:13 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-08-27 20:59:43 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-08-28 12:24:23 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2010-08-28 10:00:25 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Dane aplikacji\PMB Files [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-12-01 17:44:34 | 000,005,787 | ---- | M] () -- E:\0x0405.ini [2006-12-01 17:44:34 | 000,005,880 | ---- | M] () -- E:\0x0415.ini [2007-02-19 20:40:54 | 000,012,800 | ---- | M] () -- E:\1029.mst [2007-02-19 20:40:56 | 000,056,832 | ---- | M] () -- E:\1045.mst [2008-05-30 22:38:31 | 735,934,464 | ---- | M] () -- E:\27 sukienek - 27 dresses 2008 lektor pl(7).avi [2010-08-28 13:35:21 | 000,000,465 | RHS- | M] () -- E:\autorun.inf [2006-03-22 12:06:26 | 061,499,788 | ---- | M] () -- E:\Conten~1.cab [2007-02-19 20:33:40 | 135,076,374 | ---- | M] () -- E:\Data1.cab [2007-02-25 13:48:04 | 000,202,752 | ---- | M] () -- E:\Dok1.doc [2007-04-14 19:06:57 | 000,022,016 | ---- | M] () -- E:\Dorota Kosmowska Puławy.doc [2007-08-13 10:56:34 | 000,023,040 | ---- | M] () -- E:\ewidencja przejazdów.doc [2006-03-22 12:06:30 | 001,901,788 | ---- | M] () -- E:\EXE_Pr~1.cab [2008-11-10 19:11:37 | 000,000,040 | ---- | M] () -- E:\ExUninst.ini [2007-12-10 14:42:14 | 000,036,737 | ---- | M] () -- E:\FAKTURA VAT.rtf [2008-01-05 15:33:48 | 005,490,852 | ---- | M] () -- E:\Fort_Minor-Remember_The_Name.mp3 [2004-04-06 11:57:44 | 000,002,238 | ---- | M] () -- E:\GBiologia1.ico [2009-03-08 21:01:34 | 3635,634,948 | ---- | M] () -- E:\GTA San Andreas.rar [2005-06-02 10:12:16 | 001,822,520 | ---- | M] (Microsoft Corporation) -- E:\instmsiw.exe [2009-04-13 19:03:42 | 733,726,720 | ---- | M] () -- E:\kopciuszek roztańczona historia - another cinderella story 2008 lek pl [cieracho].avi [2007-05-17 20:32:58 | 000,047,104 | ---- | M] () -- E:\Kopia protokol szkoleniowy[1].doc [2007-04-30 20:23:38 | 000,000,880 | ---- | M] () -- E:\Kopia umowa sprzedazy.lnk [2007-06-20 14:44:46 | 000,019,456 | ---- | M] () -- E:\Kopia zamówienie wstępne.doc [2008-02-23 17:40:49 | 000,000,311 | ---- | M] () -- E:\Moje dokumenty.lnk [2006-12-01 17:47:42 | 002,587,408 | ---- | M] () -- E:\msi31.exe [2010-08-29 11:31:06 | 1610,612,736 | -HS- | M] () -- E:\pagefile.sys [2006-03-22 12:06:48 | 020,819,455 | ---- | M] () -- E:\PaintS~1.cab [2007-10-18 12:41:44 | 000,065,536 | ---- | M] () -- E:\PROTOKOL Kaufland aktualny[1].doc [2009-02-26 21:16:32 | 000,036,352 | ---- | M] () -- E:\PROTOKOL naprawy[1].doc [2007-07-21 21:54:12 | 000,044,032 | ---- | M] () -- E:\protokol serwisowy[1].doc [2007-05-17 20:32:58 | 000,047,104 | ---- | M] () -- E:\protokol szkoleniowy[1].doc [2007-05-16 21:46:33 | 000,025,600 | ---- | M] () -- E:\Protokól serwisowy.doc [2008-01-30 17:38:52 | 000,020,992 | ---- | M] () -- E:\PRZELEWY Z FIRMY PROZAM.doc [2007-02-19 20:41:00 | 007,600,128 | ---- | M] () -- E:\psppxi.msi [2006-03-22 12:08:10 | 004,116,992 | ---- | M] () -- E:\pspx.msi [2006-03-22 12:05:56 | 002,194,912 | ---- | M] () -- E:\RCDLL_~1.cab [2007-02-19 20:41:02 | 000,259,664 | ---- | M] () -- E:\setup.exe [2007-02-19 20:33:46 | 000,001,921 | ---- | M] () -- E:\Setup.ini [2008-11-26 19:12:00 | 000,000,275 | ---- | M] () -- E:\Skrót (2) do Dysk lokalny (C).lnk [2008-08-10 15:25:47 | 000,000,275 | ---- | M] () -- E:\Skrót do Dysk lokalny (C).lnk [2008-05-05 17:52:54 | 000,000,129 | ---- | M] () -- E:\Skrót do Dysk wymienny (F).lnk [2006-03-22 12:06:28 | 000,001,028 | ---- | M] () -- E:\TBYB.cab [2008-11-11 14:36:58 | 000,006,144 | -HS- | M] () -- E:\Thumbs.db [2006-03-22 12:06:28 | 001,086,668 | ---- | M] () -- E:\ThumbS~1.cab [2010-03-31 17:44:00 | 477,213,818 | ---- | M] () -- E:\ubuntu-9.10-desktop-i386.iso [2007-04-30 20:23:38 | 000,000,880 | ---- | M] () -- E:\umowa sprzedazy.lnk [2008-11-10 19:12:06 | 000,010,715 | ---- | M] () -- E:\Uninst.isu [2005-07-06 16:20:36 | 000,049,152 | ---- | M] () -- E:\UninstallProject.dll [2007-06-20 14:44:46 | 000,019,456 | ---- | M] () -- E:\zamówienie wstępne.doc [2006-03-22 12:05:52 | 000,768,242 | ---- | M] () -- E:\_1002.cab [2006-03-22 12:06:50 | 001,080,225 | ---- | M] () -- E:\_ISUS.cab [2006-03-22 12:06:02 | 008,012,069 | ---- | M] () -- E:\_NoVer~1.cab [2008-09-24 14:37:09 | 000,000,162 | -H-- | M] () -- E:\~$otokol szkoleniowy[1].doc [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- E:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-18 01:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- E:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- E:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-15 00:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- E:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-14 02:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- E:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-15 00:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- E:\WINDOWS\system32\winlogon.exe < End of report > [/log]
Sohei komentarz 29 sierpnia 2010 komentarz 29 sierpnia 2010 [code]:Processes Explorer.exe :OTL O4 - HKCU..\Run: [kamsoft] E:\WINDOWS\System32\kamsoft.exe File not found O33 - MountPoints2\{8a5645de-b1fd-11df-b358-00138fa476e1}\Shell\AutoRun\command - "" = L:\m9ma.exe -- File not found O33 - MountPoints2\{8a5645de-b1fd-11df-b358-00138fa476e1}\Shell\explore\Command - "" = L:\m9ma.exe -- File not found O33 - MountPoints2\{8a5645de-b1fd-11df-b358-00138fa476e1}\Shell\open\Command - "" = L:\m9ma.exe -- File not found O33 - MountPoints2\{e52d9f00-b1fd-11df-8835-806d6172696f}\Shell\AutoRun\command - "" = m9ma.exe O33 - MountPoints2\{e52d9f00-b1fd-11df-8835-806d6172696f}\Shell\explore\Command - "" = m9ma.exe O33 - MountPoints2\{e52d9f00-b1fd-11df-8835-806d6172696f}\Shell\open\Command - "" = m9ma.exe O33 - MountPoints2\{e52d9f05-b1fd-11df-8835-806d6172696f}\Shell\AutoRun\command - "" = m9ma.exe O33 - MountPoints2\{e52d9f05-b1fd-11df-8835-806d6172696f}\Shell\explore\Command - "" = m9ma.exe O33 - MountPoints2\{e52d9f05-b1fd-11df-8835-806d6172696f}\Shell\open\Command - "" = m9ma.exe O33 - MountPoints2\{e52d9f07-b1fd-11df-8835-806d6172696f}\Shell\AutoRun\command - "" = m9ma.exe O33 - MountPoints2\{e52d9f07-b1fd-11df-8835-806d6172696f}\Shell\explore\Command - "" = m9ma.exe O33 - MountPoints2\{e52d9f07-b1fd-11df-8835-806d6172696f}\Shell\open\Command - "" = m9ma.exe O33 - MountPoints2\C\Shell\AutoRun\command - "" = C:\m9ma.exe -- File not found O33 - MountPoints2\C\Shell\explore\Command - "" = C:\m9ma.exe -- File not found O33 - MountPoints2\C\Shell\open\Command - "" = C:\m9ma.exe -- File not found O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\m9ma.exe -- File not found O33 - MountPoints2\D\Shell\explore\Command - "" = D:\m9ma.exe -- File not found O33 - MountPoints2\D\Shell\open\Command - "" = D:\m9ma.exe -- File not found O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\m9ma.exe -- File not found O33 - MountPoints2\E\Shell\explore\Command - "" = E:\m9ma.exe -- File not found O33 - MountPoints2\E\Shell\open\Command - "" = E:\m9ma.exe -- File not found :files E:\WINDOWS\System32\kamsoft.exe F:\autorun.inf E:\autorun.inf D:\autorun.inf C:\autorun.inf E:\32788R22FWJFW E:\97f604ede8417a0d162464efb2934401 E:\m9ma.exe D:\m9ma.exe C:\m9ma.exe F:\m9ma.exe :Commands [emptytemp] [start explorer] [reboot][/code] Wklejasz to do OTL w białe okienko i klikasz run fix. Wykonaj pełny skan [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url] Wykonaj pełny skan[url=http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html][b]MBAM[/b][/url] Co znajda usun po czym daj logi z usuwania + nowy log OTL
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.