Icons instead of folders

Sothan
created

Hello!
A year ago I bought a Toshiba 500GB drive; until now everything was fine, and then suddenly *SNAP* and the drive doesn't work.
Yesterday I lent the drive to a friend so he could copy a few movies onto it for me. (Up to then everything worked.)
The next day he comes to me and says the drive probably isn't working - I was surprised, after all it worked 2 days ago.
I plugged the drive into a USB port; right from the start I didn't like the look of it, because it was read as drive I, while usually it was G, and there was no drive thumbnail in the icon.
I opened the drive, opened the "Filmy" folder and at that very moment an error popped up, let me quote it -
[quote]System Windows nie może odnaleźć pliku "I:\RECYCLER\4F7D468......exe.Upewnij się, że wpisana nazwa jest poprawna i spróbuj ponownie.[/quote]
I searched thousands of internet forums; many people had a similar problem, but the people helping them asked for OTL logs, and of course everyone's is different, and I'm not going to dig up a thread from 2011 by pasting my own log..
So I'm asking for help, I'll pay in kind!
Regards.

Doman
comment

[quote name='Sothan' timestamp='1339359374' post='1518442'] So I'm asking for help, I'll pay in kind! [/quote]

:D Sounds funny.

And can you, for example, get into it through Total Commander, or some Linux? Or can you scan it with HD Tune? Have you tried formatting it?

Sothan
comment

I tried getting in through TotalCmd, but that did nothing, it still threw the same error.
I haven't formatted it, because there is valuable data on it ;)
I'll scan it with this HD Tune and we'll see; should I send some log?

Doman
comment

[url="http://www.forumpc.pl/index.php?showtopic=237061&st=0&p=1428336&#entry1428336"]http://www.forumpc.pl/index.php?showtopic=237061&st=0&p=1428336&#entry1428336[/url] there you have info about HD Tune.

Sothan
comment

But does anyone actually know what's going on with these icons?

Doman
comment

Post a screenshot of how it looks in practice, and the logs from OTL.

Sothan
comment

The green arrow shows what pops up after clicking on that "shortcut".
The blue arrow shows those faulty shortcuts on the drive.
As you can see, HD Tune doesn't show any bad sectors, so "physically" everything is fine with the drive.
Heeelp! :)[img]http://img819.imageshack.us/img819/7536/hddc.jpg[/img]
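
A triage check for the symptoms described in this thread, as an added example that is not part of the original posts: it lists root-level .lnk files that shadow a folder of the same name or embed a path to an executable (like the I:\RECYCLER\...exe target in the error quoted above), and reads the launch commands from autorun.inf, which the OTL log later in the thread lists as a hidden file on I:. The string scan of the shortcut is a heuristic, not a full .lnk parser, and the sample file names and contents are constructed.

```python
import json
import re
import sys
import tempfile
from pathlib import Path

# Extensions that make a shortcut target worth a second look (heuristic list).
EXEC_RE = re.compile(r"\.(?:exe|scr|pif|bat|cmd|vbs)\b", re.IGNORECASE)


def embedded_strings(blob, min_len=6):
    """Return printable ASCII and UTF-16LE runs found in a binary blob."""
    ascii_runs = re.findall(rb"[\x20-\x7e]{%d,}" % min_len, blob)
    utf16_runs = re.findall(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len, blob)
    return ([r.decode("ascii") for r in ascii_runs]
            + [r.decode("utf-16-le") for r in utf16_runs])


def executable_targets(lnk_path):
    """Strings inside a .lnk file that look like a path to an executable."""
    return [s for s in embedded_strings(lnk_path.read_bytes())
            if EXEC_RE.search(s)]


def autorun_commands(inf_path):
    """Collect the keys of an autorun.inf that name a program to launch."""
    commands = {}
    for line in inf_path.read_text(encoding="latin-1").splitlines():
        line = line.strip()
        if not line or line[0] in ";[" or "=" not in line:
            continue  # blank line, comment or section header
        key, value = line.split("=", 1)
        key = key.strip().lower()
        if key in ("open", "shellexecute") or key.endswith("\\command"):
            commands[key] = value.strip()
    return commands


def triage_root(root):
    """Inspect only the top level of a drive; nothing is opened or executed."""
    entries = list(Path(root).iterdir())
    folder_names = {p.name.lower() for p in entries if p.is_dir()}
    findings = {"shortcuts": [], "autorun": {}}
    for p in entries:
        if not p.is_file():
            continue
        if p.suffix.lower() == ".lnk":
            targets = executable_targets(p)
            # A shortcut named like an existing (possibly hidden) folder is
            # the "icons instead of folders" pattern from the screenshot.
            shadows = p.stem.lower() in folder_names
            if targets or shadows:
                findings["shortcuts"].append(
                    {"name": p.name, "shadows_folder": shadows,
                     "targets": targets})
        elif p.name.lower() == "autorun.inf":
            findings["autorun"] = autorun_commands(p)
    findings["shortcuts"].sort(key=lambda f: f["name"])
    return findings


def build_sample(root):
    """Constructed sample root that mimics the thread's symptoms."""
    root = Path(root)
    (root / "Filmy").mkdir()
    (root / "RECYCLER").mkdir()
    target = "I:\\RECYCLER\\SAMPLE0001.exe"  # constructed placeholder name
    # Not a valid shortcut: padding plus a UTF-16LE path, enough for the scan.
    blob = b"L\x00\x00\x00" + b"\x00" * 72 + target.encode("utf-16-le")
    (root / "Filmy.lnk").write_bytes(blob + b"\x00\x00")
    (root / "autorun.inf").write_text(
        "[autorun]\nopen=RECYCLER\\SAMPLE0001.exe\n")  # constructed content


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Usage: python triage.py I:\
        print(json.dumps(triage_root(sys.argv[1]), indent=2))
    else:
        with tempfile.TemporaryDirectory() as demo:
            build_sample(demo)
            print(json.dumps(triage_root(demo), indent=2))
```

A flagged shortcut is only a candidate for review: a legitimate shortcut to a program is reported too, so the `shadows_folder` field is the stronger signal.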

Doman
comment

You've probably been using some program for changing the look of the system? :)

Sothan
comment

I don't think I have. I have SevenLight v3. I didn't change anything in the appearance. What else could be causing this?

Doman
comment

Scan everything with malwarewebs, after the scan remove what it finds, and post those OTL logs.

Sothan
comment

malwarewebs? When I type that into Google, there is no program to download. The OTL logs are unavailable because that script I mentioned doesn't work for me.

Doman
comment

Let me correct that. Sorry - [url="http://www.google.pl/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&sqi=2&ved=0CGsQFjAB&url=http%3A%2F%2Fwww.dobreprogramy.pl%2FMalwarebytes-AntiMalware%2CProgram%2CWindows%2C13117.html&ei=yYnYT86hMsnHsgbP5vWTDw&usg=AFQjCNEGWDSZ2t0kJbDDVjv-jkRkeSsk4g&sig2=311r1BmRuvDmrXylMlgN_g"]here you go[/url], and if OTL doesn't work like that, download it with a different extension.

Guest
comment

[quote]The OTL logs are unavailable because that script I mentioned doesn't work for me, [/quote]
What script? You are supposed to run OTL, set all sections to Use filtering, tick All users, tick LOP infection and PURITY, and click [b]Scan[/b].

  • Good post 1
Sothan
comment (edited)

[b][size=4]MALWARE:[/size][/b]
[size=4][log][/size]
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Wersja bazy: v2012.04.04.08

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Maciej :: MACIEJ-KOMPUTER [administrator]

2012-06-13 15:07:44
mbam-log-2012-06-13 (15-07-44).txt

Typ skanowania: Niestandardowe skanowanie
Zaznaczone opcje skanowania: System plików | Heuristyka/Shuriken | PUP | PUM
Odznaczone opcje skanowania: Pamięć | Rozruch | Rejestr | Heurystyka/Dodatkowe | P2P
Przeskanowano obiektów: 3091
Upłynęło: 8 minut(y), 18 sekund(y)

Wykrytych procesów w pamięci: 0
(Nie znaleziono zagrożeń)

Wykrytych modułów w pamięci: 0
(Nie znaleziono zagrożeń)

Wykrytych kluczy rejestru: 0
(Nie znaleziono zagrożeń)

Wykrytych wartości rejestru: 0
(Nie znaleziono zagrożeń)

Wykryte wpisy rejestru systemowego: 0
(Nie znaleziono zagrożeń)

wykrytych folderów: 0
(Nie znaleziono zagrożeń)

Wykrytych plików: 1
I:\System Volume Information\_restore{8B5917AE-E87D-4792-A0BD-323FDF5288A0}\RP175\A0856692.exe (Trojan.FakeAlert) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.

(zakończo
[size=4][/log][/size]

[b][size=3]OTL::[/size][/b]
[size=4][log][/size]
OTL logfile created on: 2012-06-13 15:08:18 - Run 2
OTL by OldTimer - Version 3.2.48.0 Folder = E:\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,50 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 25,57% Memory free
7,00 Gb Paging File | 3,75 Gb Available in Paging File | 53,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 70,32 Gb Total Space | 49,48 Gb Free Space | 70,37% Space Free | Partition Type: NTFS
Drive D: | 39,64 Gb Total Space | 37,53 Gb Free Space | 94,68% Space Free | Partition Type: NTFS
Drive E: | 206,05 Gb Total Space | 10,48 Gb Free Space | 5,08% Space Free | Partition Type: NTFS
Drive I: | 465,76 Gb Total Space | 58,01 Gb Free Space | 12,46% Space Free | Partition Type: NTFS

Computer Name: MACIEJ-KOMPUTER | User Name: Maciej | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-06-12 14:29:14 | 001,104,440 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012-06-12 14:29:14 | 000,935,480 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
PRC - [2012-06-10 22:16:02 | 000,596,480 | ---- | M] (OldTimer Tools) -- E:\Downloads\OTL (1).exe
PRC - [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012-04-22 13:51:04 | 000,720,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012-04-22 13:50:44 | 000,174,120 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012-04-22 13:50:32 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-04-05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG\avgtray.exe
PRC - [2012-04-04 15:56:38 | 000,981,680 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-03-15 04:05:14 | 003,090,056 | ---- | M] (Trend Media Corporation Limited) -- D:\Programy\FlashGet 3\Flashget3.exe
PRC - [2012-03-01 01:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-02-29 22:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012-02-14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG\avgwdsvc.exe
PRC - [2012-02-14 04:53:14 | 000,758,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG\avgrsx.exe
PRC - [2012-02-14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG\avgcsrvx.exe
PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- D:\Programy\Gadu-Gadu 10\gg.exe
PRC - [2011-04-15 01:54:42 | 002,640,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011-03-27 02:01:01 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011-03-27 02:00:49 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2010-07-08 23:25:36 | 003,554,304 | ---- | M] (MacGadger Studios) -- C:\Program Files\MacGadger\MacG.exe
PRC - [2010-02-22 10:44:14 | 000,045,312 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe
PRC - [2010-01-15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2008-10-26 05:57:38 | 016,151,824 | ---- | M] (Electronic Arts) -- E:\Gry\undercover\nfs.exe
PRC - [2007-12-17 04:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
PRC - [2007-01-11 04:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-06-12 14:29:15 | 000,132,664 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll
MOD - [2012-06-12 14:29:14 | 001,104,440 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012-06-07 10:14:43 | 000,441,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.56\ppgooglenaclpluginchrome.dll
MOD - [2012-06-07 10:14:42 | 003,922,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.56\pdf.dll
MOD - [2012-06-07 10:13:27 | 000,553,496 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.56\libglesv2.dll
MOD - [2012-06-07 10:13:26 | 000,117,784 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.56\libegl.dll
MOD - [2012-06-07 10:13:16 | 000,134,696 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.56\avutil-51.dll
MOD - [2012-06-07 10:13:15 | 000,250,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.56\avformat-54.dll
MOD - [2012-06-07 10:13:14 | 002,375,720 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll
MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
MOD - [2012-05-05 16:14:28 | 008,797,856 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012-03-15 04:06:50 | 000,059,016 | ---- | M] () -- D:\Programy\FlashGet 3\zlib.dll
MOD - [2012-03-15 04:00:08 | 000,262,144 | ---- | M] () -- D:\Programy\FlashGet 3\ckcore.dll
MOD - [2012-03-15 04:00:08 | 000,249,856 | ---- | M] () -- D:\Programy\FlashGet 3\BugReport.dll
MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\gglog.dll
MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\ggipcradioproxy.dll
MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\ggipc.dll
MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\ggcrypto.dll
MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\ggcommon.dll
MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\QtWebKit4.dll
MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\QtScript4.dll
MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\QtXml4.dll
MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\QtSvg4.dll
MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\QtNetwork4.dll
MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\QtGui4.dll
MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\QtCore4.dll
MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\imageformats\qtiff4.dll
MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\imageformats\qmng4.dll
MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\imageformats\qjpeg4.dll
MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\imageformats\qgif4.dll
MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\imageformats\qsvg4.dll
MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- D:\Programy\Gadu-Gadu 10\zlib1.dll
MOD - [2008-10-22 06:27:06 | 000,833,236 | ---- | M] () -- E:\Gry\undercover\PB\pbcl.dll
MOD - [2008-10-22 06:27:06 | 000,057,344 | ---- | M] () -- C:\Users\Maciej\AppData\Local\PunkBuster\UNCO\pb\pbag.dll
MOD - [2007-05-22 11:59:22 | 000,128,512 | ---- | M] () -- D:\Programy\RarExt.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- D:\Programy\avgwdsvc.exe -- (avg9wd)
SRV - File not found [Auto | Stopped] -- D:\Programy\avgemc.exe -- (avg9emc)
SRV - [2012-06-12 14:29:14 | 000,935,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012-05-05 16:14:28 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-04-22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-03-01 01:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-02-14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\Programy\AVG\avgwdsvc.exe -- (avgwd)
SRV - [2010-02-22 10:44:14 | 000,045,312 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe -- (NTI BackupNowEZSvr)
SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-12-17 04:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007-01-11 04:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Maciej\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ac9p9lfj)
DRV - [2012-06-13 15:07:41 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012-06-13 14:07:43 | 000,138,184 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2012-04-22 13:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012-04-19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012-03-23 22:16:04 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012-03-23 22:15:48 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2012-03-01 01:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012-02-22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2012-01-31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012-01-09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012-01-09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011-12-23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2011-07-29 14:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2011-07-29 14:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2011-03-27 02:01:27 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2011-03-27 02:01:13 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011-03-27 02:00:38 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2011-03-27 02:00:38 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2011-03-27 02:00:38 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2011-03-27 02:00:37 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2011-03-27 02:00:37 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2011-03-27 02:00:37 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2011-03-27 02:00:37 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2011-03-27 02:00:37 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2011-03-27 02:00:37 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2011-03-27 02:00:35 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2011-03-27 02:00:35 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2009-07-14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = [url="http://isearch.avg.com/search?cid={D0B53B00-76CB-46CE-AEC1-1082E40B389C}&mid=706efdf006a7141f96d5dd5c2a0979f9-3b19f0a6dd146ab4e105ba3ad8be9fe06f4d8838&lang=pl&ds=AVG&pr=fr&d=2012-05-12"]http://isearch.avg.c...fr&d=2012-05-12[/url] 19:41:16&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: D:\Programy\AVG\Firefox\DoNotTrack\ [2012-05-12 19:40:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012-06-12 14:29:18 | 000,000,000 | ---D | M]

[2012-04-20 21:15:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maciej\AppData\Roaming\mozilla\Extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = [url="http://isearch.avg.com/search?cid={D0B53B00-76CB-46CE-AEC1-1082E40B389C}&mid=706efdf006a7141f96d5dd5c2a0979f9-3b19f0a6dd146ab4e105ba3ad8be9fe06f4d8838&lang=pl&ds=AVG&pr=fr&d=2012-05-12"]http://isearch.avg.c...fr&d=2012-05-12[/url] 19:41:16&v=11.1.0.7&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = [url="http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}"]http://clients5.goog...outputEncoding}[/url]
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\
CHR - Extension: AVG Do Not Track = C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Gmail = C:\Users\Maciej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - D:\Programy\AVG\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Maciej\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (Trend Media Group)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O4 - HKLM..\Run: [AVG_TRAY] D:\Programy\AVG\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BackupNowEZtray] C:\Program Files\NewTech Infosystems\Backup Now EZ\BackupNowEZtray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Programy\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EPSON SX110 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [FlashGet 3] D:\Programy\FlashGet 3\FlashGet3.exe (Trend Media Corporation Limited)
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download all links by FlashGet3 - D:\Programy\FlashGet 3\BHO\fdgetallurl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - D:\Programy\FlashGet 3\BHO\fdgeturl.htm ()
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - D:\Programy\AVG\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.88.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C01D4BED-825F-4D5D-BCA2-F2647C67AC9B}: DhcpNameServer = 192.168.1.254 192.168.88.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Programy\AVG\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012-06-09 17:56:44 | 000,000,120 | -H-- | M] () - I:\autorun.bak -- [ NTFS ]
O32 - AutoRun File - [2012-06-09 17:56:44 | 000,000,139 | -H-- | M] () - I:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{5040deb9-75c1-11e1-b318-001a4d7b46fc}\Shell - "" = AutoRun
O33 - MountPoints2\{5040deb9-75c1-11e1-b318-001a4d7b46fc}\Shell\AutoRun\command - "" = G:\NokiaPCIA_Autorun.exe
O33 - MountPoints2\{5667364a-758e-11e1-abe6-001a4d7b46fc}\Shell - "" = AutoRun
O33 - MountPoints2\{5667364a-758e-11e1-abe6-001a4d7b46fc}\Shell\AutoRun\command - "" = H:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (D:\Programy\AVG\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-06-13 15:07:41 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012-06-13 15:06:30 | 000,000,000 | ---D | C] -- C:\Users\Maciej\AppData\Roaming\Malwarebytes
[2012-06-13 15:06:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-06-13 15:06:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-06-13 15:06:24 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012-06-13 15:06:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-06-11 16:46:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012-06-11 16:33:29 | 000,000,000 | ---D | C] -- C:\Users\Maciej\Desktop\hsr2.0cdromsetup
[2012-06-11 05:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2012-06-11 05:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2012-06-10 20:36:10 | 000,000,000 | ---D | C] -- C:\totalcmd
[2012-06-10 20:36:10 | 000,000,000 | ---D | C] -- C:\Users\Maciej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2012-06-10 20:36:10 | 000,000,000 | ---D | C] -- C:\Users\Maciej\AppData\Roaming\GHISLER
[2012-06-10 20:33:01 | 000,000,000 | ---D | C] -- C:\ProgramData\NTIReg
[2012-06-10 19:57:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Backup Now EZ
[2012-06-10 19:57:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Xp_x86
[2012-06-10 19:57:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\w2k_x86
[2012-06-10 19:57:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Vista_x86
[2012-06-10 19:57:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Vista_ia64
[2012-06-10 19:57:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Vista_amd64
[2012-06-10 19:57:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\2003_x86
[2012-06-10 19:57:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\2003_ia64
[2012-06-10 19:57:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\2003_amd64
[2012-06-10 19:57:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti
[2012-06-10 19:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\NewTech Infosystems
[2012-06-10 19:56:55 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012-06-09 12:53:59 | 000,000,000 | ---D | C] -- C:\ProgramData\OpenFM
[2012-06-09 12:53:58 | 000,000,000 | ---D | C] -- C:\Users\Maciej\AppData\Roaming\OpenFM
[2012-06-08 18:51:49 | 000,000,000 | ---D | C] -- C:\Users\Maciej\AppData\Local\CrashRpt
[2012-06-08 18:50:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outerra
[2012-06-08 18:50:26 | 000,000,000 | ---D | C] -- C:\Users\Maciej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outerra
[2012-06-08 18:50:24 | 000,000,000 | ---D | C] -- C:\Users\Maciej\Outerra
[2012-06-08 10:26:26 | 000,000,000 | ---D | C] -- C:\Users\Maciej\Documents\NFS Undercover
[2012-06-08 10:25:57 | 000,000,000 | ---D | C] -- C:\Users\Maciej\AppData\Local\PunkBuster
[2012-06-07 18:53:38 | 000,000,000 | ---D | C] -- C:\Users\Maciej\AppData\Roaming\Milestone
[2012-06-07 17:57:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Milestone
[2012-06-07 11:13:09 | 000,000,000 | ---D | C] -- C:\Users\Maciej\AppData\Local\Chromium
[2012-06-07 11:13:04 | 000,000,000 | ---D | C] -- C:\Users\Maciej\Documents\Rockstar Games
[2012-06-07 10:57:43 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2012-06-07 09:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Rockstar Games
[2012-05-29 20:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012-05-29 20:33:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012-05-29 16:16:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2012-05-29 16:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2012-05-29 16:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2012-05-27 19:32:42 | 000,000,000 | ---D | C] -- C:\Users\Maciej\AppData\Local\SniperV2
[2012-05-27 19:30:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rebellion
[2012-05-27 14:19:37 | 000,086,528 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FLBFBE.DLL
[2012-05-27 14:19:37 | 000,078,848 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FD4BFBE.DLL
[2012-05-27 14:19:37 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL
[2012-05-27 14:19:27 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2012-05-26 23:37:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012-05-26 12:50:16 | 000,000,000 | ---D | C] -- C:\Users\Maciej\Documents\Witcher 2
[2012-05-26 12:50:16 | 000,000,000 | ---D | C] -- C:\Users\Maciej\AppData\Local\The Witcher 2
[2012-05-26 12:48:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2
[2012-05-24 14:33:41 | 000,000,000 | ---D | C] -- C:\Users\Maciej\AppData\Roaming\LolClient2
[2012-05-24 14:14:29 | 000,000,000 | ---D | C] -- C:\Users\Maciej\AppData\Local\SKIDROW
[2012-05-24 13:36:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012-05-22 16:01:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\QuickTime
[2012-05-22 16:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
[2012-05-22 16:01:23 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2012-05-22 16:01:22 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012-05-22 16:01:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TechSmith Shared
[2012-05-19 09:14:27 | 000,000,000 | ---D | C] -- C:\Users\Maciej\Documents\Diablo III
[2012-05-19 09:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012-05-19 09:09:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012-05-19 09:09:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo.III.Collectors.Edition
[2012-05-15 18:43:57 | 000,000,000 | ---D | C] -- C:\Downloads
[2012-05-14 18:41:08 | 000,000,000 | R--D | C] -- C:\Users\Maciej\Documents\Scanned Documents
[2012-05-14 18:41:08 | 000,000,000 | ---D | C] -- C:\Users\Maciej\Documents\Fax

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-06-13 15:07:41 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012-06-13 15:06:57 | 000,737,242 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-06-13 15:06:57 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-06-13 15:06:57 | 000,153,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-06-13 15:06:57 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-06-13 14:26:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-06-13 14:14:02 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-06-13 14:07:43 | 000,138,184 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012-06-13 13:43:07 | 000,000,045 | ---- | M] () -- C:\Windows\MacG.INI
[2012-06-13 13:43:06 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-06-13 13:42:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-13 11:55:34 | 000,020,480 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-06-13 11:55:34 | 000,020,480 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-06-13 11:54:09 | 100,275,833 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2012-06-13 11:48:06 | 2818,220,032 | -HS- | M] () -- C:\hiberfil.sys
[2012-06-13 07:32:21 | 000,004,648 | ---- | M] () -- C:\Windows\System32\secustat.dat
[2012-06-13 00:24:48 | 000,029,605 | ---- | M] () -- C:\Windows\System32\secushr.dat
[2012-06-12 20:06:35 | 000,263,801 | ---- | M] () -- C:\Users\Maciej\Desktop\hdd.jpg
[2012-06-12 17:44:16 | 000,075,023 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjg.avm
[2012-06-12 17:22:38 | 000,002,290 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012-06-11 16:46:26 | 000,000,649 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012-06-10 19:57:31 | 000,002,165 | ---- | M] () -- C:\Users\Public\Desktop\Backup Now EZ.lnk
[2012-06-09 16:53:57 | 000,002,933 | ---- | M] () -- C:\Users\Maciej\Desktop\sztaba.jpg
[2012-06-06 20:59:11 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
[2012-06-02 17:44:52 | 000,001,198 | ---- | M] () -- C:\Windows\System32\20120602174453.torrent.filelist
[2012-06-02 17:44:52 | 000,000,608 | ---- | M] () -- C:\Windows\System32\20120602174452.torrent.filelist
[2012-06-02 17:44:52 | 000,000,122 | ---- | M] () -- C:\Windows\System32\20120602174454.torrent.filelist
[2012-06-01 10:02:11 | 000,069,362 | ---- | M] () -- C:\Windows\System32\20120602174452.torrent
[2012-05-31 17:31:09 | 000,001,570 | ---- | M] () -- C:\Windows\System32\20120531173124.torrent.filelist
[2012-05-31 17:31:09 | 000,000,444 | ---- | M] () -- C:\Windows\System32\20120531173125.torrent.filelist
[2012-05-31 17:31:08 | 000,002,226 | ---- | M] () -- C:\Windows\System32\20120531173120.torrent.filelist
[2012-05-31 17:31:08 | 000,002,166 | ---- | M] () -- C:\Windows\System32\20120531173123.torrent.filelist
[2012-05-31 17:31:08 | 000,001,784 | ---- | M] () -- C:\Windows\System32\20120531173121.torrent.filelist
[2012-05-31 17:31:08 | 000,001,166 | ---- | M] () -- C:\Windows\System32\20120531173119.torrent.filelist
[2012-05-31 17:31:08 | 000,000,644 | ---- | M] () -- C:\Windows\System32\20120531173117.torrent.filelist
[2012-05-31 17:31:08 | 000,000,292 | ---- | M] () -- C:\Windows\System32\20120531173122.torrent.filelist
[2012-05-31 17:31:08 | 000,000,258 | ---- | M] () -- C:\Windows\System32\20120531173118.torrent.filelist
[2012-05-31 17:31:07 | 000,002,614 | ---- | M] () -- C:\Windows\System32\20120531173111.torrent.filelist
[2012-05-31 17:31:07 | 000,002,552 | ---- | M] () -- C:\Windows\System32\20120531173115.torrent.filelist
[2012-05-31 17:31:07 | 000,002,296 | ---- | M] () -- C:\Windows\System32\20120531173112.torrent.filelist
[2012-05-31 17:31:07 | 000,002,264 | ---- | M] () -- C:\Windows\System32\20120531173116.torrent.filelist
[2012-05-31 17:31:07 | 000,001,646 | ---- | M] () -- C:\Windows\System32\20120531173109.torrent.filelist
[2012-05-31 17:31:07 | 000,001,198 | ---- | M] () -- C:\Windows\System32\20120531173107.torrent.filelist
[2012-05-31 17:31:07 | 000,000,814 | ---- | M] () -- C:\Windows\System32\20120531173110.torrent.filelist
[2012-05-31 17:31:07 | 000,000,664 | ---- | M] () -- C:\Windows\System32\20120531173113.torrent.filelist
[2012-05-31 17:31:07 | 000,000,566 | ---- | M] () -- C:\Windows\System32\20120531173114.torrent.filelist
[2012-05-31 17:31:07 | 000,000,122 | ---- | M] () -- C:\Windows\System32\20120531173108.torrent.filelist
[2012-05-29 16:16:23 | 000,002,051 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012-05-27 19:30:22 | 000,000,834 | ---- | M] () -- C:\Users\Public\Desktop\Sniper Elite V2.lnk
[2012-05-26 12:48:17 | 000,000,465 | ---- | M] () -- C:\Users\Public\Desktop\Start The Witcher 2.lnk
[2012-05-25 14:43:35 | 000,123,792 | ---- | M] () -- C:\Users\Maciej\Desktop\generImg
[2012-05-23 23:17:41 | 000,057,646 | ---- | M] () -- C:\Windows\System32\20120531173125.torrent
[2012-05-23 23:09:18 | 000,015,579 | ---- | M] () -- C:\Windows\System32\20120531173123.torrent
[2012-05-23 23:09:18 | 000,014,229 | ---- | M] () -- C:\Windows\System32\20120531173124.torrent
[2012-05-23 20:01:51 | 000,105,871 | ---- | M] () -- C:\Windows\System32\20120531173122.torrent
[2012-05-23 08:00:00 | 000,000,545 | ---- | M] () -- C:\Windows\UC.PIF
[2012-05-23 08:00:00 | 000,000,545 | ---- | M] () -- C:\Windows\RAR.PIF
[2012-05-23 08:00:00 | 000,000,545 | ---- | M] () -- C:\Windows\PKZIP.PIF
[2012-05-23 08:00:00 | 000,000,545 | ---- | M] () -- C:\Windows\PKUNZIP.PIF
[2012-05-23 08:00:00 | 000,000,545 | ---- | M] () -- C:\Windows\LHA.PIF
[2012-05-23 08:00:00 | 000,000,545 | ---- | M] () -- C:\Windows\ARJ.PIF
[2012-05-22 22:33:34 | 000,014,612 | ---- | M] () -- C:\Windows\System32\20120531173121.torrent
[2012-05-22 16:05:21 | 000,005,120 | ---- | M] () -- C:\Users\Maciej\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-05-22 14:28:24 | 000,014,839 | ---- | M] () -- C:\Windows\System32\20120531173120.torrent
[2012-05-21 13:20:12 | 000,000,144 | ---- | M] () -- C:\Windows\System32\BITS.ini
[2012-05-19 09:09:21 | 000,000,741 | ---- | M] () -- C:\Users\Maciej\Desktop\Diablo.III.Collectors.Edition.lnk
[2012-05-18 14:59:39 | 000,022,075 | ---- | M] () -- C:\Windows\System32\20120531173119.torrent

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-06-12 20:06:35 | 000,263,801 | ---- | C] () -- C:\Users\Maciej\Desktop\hdd.jpg
[2012-06-10 20:36:10 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2012-06-10 20:36:10 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2012-06-10 20:36:10 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2012-06-10 20:36:10 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2012-06-10 20:36:10 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2012-06-10 20:36:10 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2012-06-10 19:57:31 | 000,002,165 | ---- | C] () -- C:\Users\Public\Desktop\Backup Now EZ.lnk
[2012-06-09 16:54:02 | 000,002,933 | ---- | C] () -- C:\Users\Maciej\Desktop\sztaba.jpg
[2012-06-08 10:26:20 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012-06-05 21:13:17 | 001,424,788 | ---- | C] () -- C:\Users\Maciej\Desktop\TTPod v4.4 Official S60v5 ^3 VI by Caominh171@SymbianVN.sisx
[2012-06-05 20:54:56 | 001,756,392 | ---- | C] () -- C:\Users\Maciej\Desktop\TTPod_4.41_Final_By_itZoM.sis
[2012-06-02 17:44:52 | 000,069,362 | ---- | C] () -- C:\Windows\System32\20120602174452.torrent
[2012-06-02 17:44:52 | 000,061,483 | R--- | C] () -- C:\Windows\System32\20120602174453.torrent
[2012-06-02 17:44:52 | 000,055,176 | R--- | C] () -- C:\Windows\System32\20120602174454.torrent
[2012-06-02 17:44:52 | 000,001,198 | ---- | C] () -- C:\Windows\System32\20120602174453.torrent.filelist
[2012-06-02 17:44:52 | 000,000,608 | ---- | C] () -- C:\Windows\System32\20120602174452.torrent.filelist
[2012-06-02 17:44:52 | 000,000,122 | ---- | C] () -- C:\Windows\System32\20120602174454.torrent.filelist
[2012-05-31 17:31:09 | 000,057,646 | ---- | C] () -- C:\Windows\System32\20120531173125.torrent
[2012-05-31 17:31:09 | 000,014,229 | ---- | C] () -- C:\Windows\System32\20120531173124.torrent
[2012-05-31 17:31:09 | 000,001,570 | ---- | C] () -- C:\Windows\System32\20120531173124.torrent.filelist
[2012-05-31 17:31:09 | 000,000,444 | ---- | C] () -- C:\Windows\System32\20120531173125.torrent.filelist
[2012-05-31 17:31:08 | 000,105,871 | ---- | C] () -- C:\Windows\System32\20120531173122.torrent
[2012-05-31 17:31:08 | 000,076,478 | ---- | C] () -- C:\Windows\System32\20120531173118.torrent
[2012-05-31 17:31:08 | 000,056,008 | ---- | C] () -- C:\Windows\System32\20120531173117.torrent
[2012-05-31 17:31:08 | 000,022,075 | ---- | C] () -- C:\Windows\System32\20120531173119.torrent
[2012-05-31 17:31:08 | 000,015,579 | ---- | C] () -- C:\Windows\System32\20120531173123.torrent
[2012-05-31 17:31:08 | 000,014,839 | ---- | C] () -- C:\Windows\System32\20120531173120.torrent
[2012-05-31 17:31:08 | 000,014,612 | ---- | C] () -- C:\Windows\System32\20120531173121.torrent
[2012-05-31 17:31:08 | 000,002,226 | ---- | C] () -- C:\Windows\System32\20120531173120.torrent.filelist
[2012-05-31 17:31:08 | 000,002,166 | ---- | C] () -- C:\Windows\System32\20120531173123.torrent.filelist
[2012-05-31 17:31:08 | 000,001,784 | ---- | C] () -- C:\Windows\System32\20120531173121.torrent.filelist
[2012-05-31 17:31:08 | 000,001,166 | ---- | C] () -- C:\Windows\System32\20120531173119.torrent.filelist
[2012-05-31 17:31:08 | 000,000,644 | ---- | C] () -- C:\Windows\System32\20120531173117.torrent.filelist
[2012-05-31 17:31:08 | 000,000,292 | ---- | C] () -- C:\Windows\System32\20120531173122.torrent.filelist
[2012-05-31 17:31:08 | 000,000,258 | ---- | C] () -- C:\Windows\System32\20120531173118.torrent.filelist
[2012-05-31 17:31:07 | 000,071,764 | R--- | C] () -- C:\Windows\System32\20120531173110.torrent
[2012-05-31 17:31:07 | 000,056,426 | R--- | C] () -- C:\Windows\System32\20120531173112.torrent
[2012-05-31 17:31:07 | 000,055,176 | R--- | C] () -- C:\Windows\System32\20120531173108.torrent
[2012-05-31 17:31:07 | 000,045,174 | R--- | C] () -- C:\Windows\System32\20120531173113.torrent
[2012-05-31 17:31:07 | 000,044,992 | R--- | C] () -- C:\Windows\System32\20120531173114.torrent
[2012-05-31 17:31:07 | 000,018,454 | R--- | C] () -- C:\Windows\System32\20120531173111.torrent
[2012-05-31 17:31:07 | 000,018,000 | R--- | C] () -- C:\Windows\System32\20120531173109.torrent
[2012-05-31 17:31:07 | 000,015,615 | R--- | C] () -- C:\Windows\System32\20120531173115.torrent
[2012-05-31 17:31:07 | 000,014,664 | ---- | C] () -- C:\Windows\System32\20120531173116.torrent
[2012-05-31 17:31:07 | 000,002,614 | ---- | C] () -- C:\Windows\System32\20120531173111.torrent.filelist
[2012-05-31 17:31:07 | 000,002,552 | ---- | C] () -- C:\Windows\System32\20120531173115.torrent.filelist
[2012-05-31 17:31:07 | 000,002,296 | ---- | C] () -- C:\Windows\System32\20120531173112.torrent.filelist
[2012-05-31 17:31:07 | 000,002,264 | ---- | C] () -- C:\Windows\System32\20120531173116.torrent.filelist
[2012-05-31 17:31:07 | 000,001,646 | ---- | C] () -- C:\Windows\System32\20120531173109.torrent.filelist
[2012-05-31 17:31:07 | 000,001,198 | ---- | C] () -- C:\Windows\System32\20120531173107.torrent.filelist
[2012-05-31 17:31:07 | 000,000,814 | ---- | C] () -- C:\Windows\System32\20120531173110.torrent.filelist
[2012-05-31 17:31:07 | 000,000,664 | ---- | C] () -- C:\Windows\System32\20120531173113.torrent.filelist
[2012-05-31 17:31:07 | 000,000,566 | ---- | C] () -- C:\Windows\System32\20120531173114.torrent.filelist
[2012-05-31 17:31:07 | 000,000,122 | ---- | C] () -- C:\Windows\System32\20120531173108.torrent.filelist
[2012-05-29 16:16:23 | 000,002,051 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012-05-27 19:30:22 | 000,000,834 | ---- | C] () -- C:\Users\Public\Desktop\Sniper Elite V2.lnk
[2012-05-26 12:48:17 | 000,000,465 | ---- | C] () -- C:\Users\Public\Desktop\Start The Witcher 2.lnk
[2012-05-25 14:43:35 | 000,123,792 | ---- | C] () -- C:\Users\Maciej\Desktop\generImg
[2012-05-22 16:03:41 | 000,005,120 | ---- | C] () -- C:\Users\Maciej\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-05-21 13:20:12 | 000,000,144 | ---- | C] () -- C:\Windows\System32\BITS.ini
[2012-05-19 09:09:21 | 000,000,741 | ---- | C] () -- C:\Users\Maciej\Desktop\Diablo.III.Collectors.Edition.lnk
[2012-05-01 17:01:54 | 000,195,072 | ---- | C] () -- C:\Windows\System32\SKIDROW.dll
[2012-05-01 17:01:49 | 000,195,072 | ---- | C] () -- C:\Windows\SKIDROW.dll
[2012-03-27 15:57:41 | 000,183,112 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012-03-27 15:57:26 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012-03-24 13:56:41 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2012-03-24 13:56:40 | 002,469,760 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2012-03-24 13:56:40 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2012-03-24 13:56:40 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2012-03-24 13:56:40 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2012-03-24 09:47:02 | 000,004,648 | ---- | C] () -- C:\Windows\System32\secustat.dat
[2012-03-24 09:46:36 | 000,200,468 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012-03-24 09:45:54 | 000,029,605 | ---- | C] () -- C:\Windows\System32\secushr.dat
[2012-03-24 00:12:53 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2012-03-23 22:06:25 | 000,000,045 | ---- | C] () -- C:\Windows\MacG.INI
[2012-03-23 21:57:42 | 000,171,488 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011-04-15 04:27:03 | 000,001,764 | ---- | C] () -- C:\Windows\System32\RTSLCS.dll
[2011-03-27 02:01:27 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011-03-27 02:01:25 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP:6BE50C2B

< End of report >
[/log]

Additionally, AVG detected 2 trojans and some 2 Win32/Partite

Guest
comment

Run OTL and paste this into the [b]Custom Scans/Fixes[/b] box:

[code]:OTL
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O4 - HKCU..\Run: [] File not found
@Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP:6BE50C2B

:Commands
[emptyflash]
[emptytemp]
[/code]
Click [b]Run Fix.[/b]

[quote]
[size=4]Additionally, AVG detected 2 trojans and some 2 Win32/Partite[/size]

[/quote]

Where did it detect them? The report is needed, along with the exact paths to the files.

  • Good post 1
Sothan
comment (edited)

Unfortunately I forgot to take a screenshot from AVG.
LOG:

[log]All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
ADS C:\ProgramData\TEMP:6BE50C2B deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Basia
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Maciej
->Flash cache emptied: 3137 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Basia
->Temp folder emptied: 328294 bytes
->Temporary Internet Files folder emptied: 1629849 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 6659229 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Maciej
->Temp folder emptied: 1561621 bytes
->Temporary Internet Files folder emptied: 2253331 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 134656603 bytes
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 22183689 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 383391 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 162,00 mb


OTL by OldTimer - Version 3.2.48.0 log created on 06132012_173207

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...[/log]

Guest
comment

I'll give you a screenshot. You need to find the option responsible for scan reports in the AVG configuration and post the log with the results.

  • Good post 1
Sothan
comment

My mistake, those viruses were not on the Toshiba, only on my regular drive ;)
Heeelp, what should I do!?

Guest
comment (edited)

Dude, that you brought the infection in yourself, that much I know. Maybe finally make up your mind about which drive this is about?

[code]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 70,32 Gb Total Space | 49,48 Gb Free Space | 70,37% Space Free | Partition Type: NTFS
Drive D: | 39,64 Gb Total Space | 37,53 Gb Free Space | 94,68% Space Free | Partition Type: NTFS
Drive E: | 206,05 Gb Total Space | 10,48 Gb Free Space | 5,08% Space Free | Partition Type: NTFS
Drive I: | 465,76 Gb Total Space | 58,01 Gb Free Space | 12,46% Space Free | Partition Type: NTFS[/code]

  • Good post 1
Sothan
comment

It's about the portable drive I. That's the one I have this problem on.

Guest
comment

The drive must be plugged in. Run a scan with USBfix using the [b]Listing[/b] option and post the report.

http://eldesaparecido.com/tools/UsbFix.exe

  • Good post 1
Sothan
comment (edited)

############################## | UsbFix V 7.089 | [Listing]
[log]
User: Maciej (Administrator) # MACIEJ-KOMPUTER
Updated 09/06/2012 by El Desaparecido
Started at 15:29:15 | 14/06/2012

Website: [url="http://eldesaparecido.com"]http://eldesaparecido.com[/url]
Forum: [url="http://forum.eldesaparecido.com"]http://forum.eldesaparecido.com[/url]
Suspicious file ? : [url="http://eldesaparecido.com/upload.php"]http://eldesaparecido.com/upload.php[/url]
Contact: contact@eldesaparecido.com

PC: Gigabyte Technology Co., Ltd. (M61SME-S2) (X86-based PC) # Desktop Computer
CPU: AMD Athlon™ 7750 Dual-Core Processor (2700)
RAM -> [Total : 3584 | Free : 2040]
BIOS: Award Modular BIOS v6.00PG
BOOT: Normal boot

OS: Microsoft SevenLight v3 Final (6.1.7601 32-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: AVG Anti-Virus Free Edition 2012 [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 70 Gb (49 Mb free - 70%) [] # NTFS
D:\ -> Fixed drive # 40 Gb (38 Mb free - 95%) [] # NTFS
E:\ -> Fixed drive # 206 Gb (10 Mb free - 5%) [] # NTFS
F:\ -> CD-ROM
H:\ -> CD-ROM
I:\ -> Fixed drive # 466 Gb (58 Mb free - 12%) [TOSHIBA EXT] # NTFS

################## | Listing |

[12/05/2012 - 19:40:29 | HD ] C:\$AVG
[25/03/2012 - 18:32:12 | SHD ] C:\$Recycle.Bin
[10/06/2009 - 23:42:20 | A | 24] C:\autoexec.bat
[10/06/2009 - 23:42:20 | A | 10] C:\config.sys
[14/07/2009 - 06:53:55 | SHD ] C:\Documents and Settings
[15/05/2012 - 18:44:25 | D ] C:\Downloads
[14/04/2012 - 08:38:43 | SHD ] C:\found.000
[14/06/2012 - 14:28:57 | ASH | 2818220032] C:\hiberfil.sys
[24/03/2012 - 22:29:53 | D ] C:\NVIDIA
[14/06/2012 - 14:28:57 | ASH | 3757629440] C:\pagefile.sys
[14/07/2009 - 04:37:05 | D ] C:\PerfLogs
[14/06/2012 - 15:27:07 | RD ] C:\Program Files
[13/06/2012 - 15:06:25 | HD ] C:\ProgramData
[23/03/2012 - 22:04:06 | SHD ] C:\Recovery
[14/06/2012 - 15:01:45 | SHD ] C:\System Volume Information
[10/06/2012 - 20:37:26 | D ] C:\totalcmd
[14/06/2012 - 15:29:18 | D ] C:\UsbFix
[14/06/2012 - 15:28:54 | A | 2034] C:\UsbFix.txt
[25/03/2012 - 18:32:05 | RD ] C:\Users
[14/06/2012 - 15:26:24 | D ] C:\Windows
[12/05/2012 - 20:20:56 | HD ] D:\$AVG
[25/03/2012 - 18:32:12 | SHD ] D:\$RECYCLE.BIN
[05/06/2012 - 20:32:42 | D ] D:\Mjuzik
[29/04/2012 - 09:33:00 | D ] D:\Program Files
[22/05/2012 - 16:01:18 | D ] D:\Programy
[24/03/2012 - 10:50:19 | SHD ] D:\System Volume Information
[04/05/2012 - 20:31:16 | D ] D:\TIBIA
[12/05/2012 - 20:16:59 | HD ] E:\$AVG
[25/03/2012 - 18:32:12 | SHD ] E:\$RECYCLE.BIN
[14/06/2012 - 15:28:42 | SD ] E:\Downloads
[07/11/2007 - 08:00:40 | A | 17734] E:\eula.1028.txt
[07/11/2007 - 08:00:40 | A | 17734] E:\eula.1031.txt
[07/11/2007 - 08:00:40 | A | 10134] E:\eula.1033.txt
[07/11/2007 - 08:00:40 | A | 17734] E:\eula.1036.txt
[07/11/2007 - 08:00:40 | A | 17734] E:\eula.1040.txt
[07/11/2007 - 08:00:40 | A | 118] E:\eula.1041.txt
[07/11/2007 - 08:00:40 | A | 17734] E:\eula.1042.txt
[07/11/2007 - 08:00:40 | A | 17734] E:\eula.2052.txt
[07/11/2007 - 08:00:40 | A | 17734] E:\eula.3082.txt
[07/11/2007 - 08:00:40 | A | 1110] E:\globdata.ini
[08/06/2012 - 10:18:13 | D ] E:\Gry
[07/11/2007 - 08:03:18 | A | 562688] E:\install.exe
[07/11/2007 - 08:00:40 | A | 843] E:\install.ini
[07/11/2007 - 08:03:18 | A | 76304] E:\install.res.1028.dll
[07/11/2007 - 08:03:18 | A | 96272] E:\install.res.1031.dll
[07/11/2007 - 08:03:18 | A | 91152] E:\install.res.1033.dll
[07/11/2007 - 08:03:18 | A | 97296] E:\install.res.1036.dll
[07/11/2007 - 08:03:18 | A | 95248] E:\install.res.1040.dll
[07/11/2007 - 08:03:18 | A | 81424] E:\install.res.1041.dll
[07/11/2007 - 08:03:18 | A | 79888] E:\install.res.1042.dll
[07/11/2007 - 08:03:18 | A | 75792] E:\install.res.2052.dll
[07/11/2007 - 08:03:18 | A | 96272] E:\install.res.3082.dll
[19/04/2012 - 08:23:12 | D ] E:\Luty 2012
[18/04/2012 - 20:16:43 | D ] E:\Nowy folder
[08/06/2012 - 18:50:15 | D ] E:\Program Files
[24/03/2012 - 10:50:20 | SHD ] E:\System Volume Information
[07/11/2007 - 08:00:40 | A | 5686] E:\vcredist.bmp
[07/11/2007 - 08:09:22 | A | 1442522] E:\VC_RED.cab
[07/11/2007 - 08:12:28 | A | 232960] E:\VC_RED.MSI
[10/06/2012 - 22:09:10 | D ] E:\_OTL
[22/08/2011 - 16:44:17 | HD ] I:\$AVG
[25/03/2012 - 18:32:12 | SHD ] I:\$RECYCLE.BIN
[01/05/2012 - 16:45:48 | D ] I:\364ca0be68c7a109a4da7bc2195e03
[09/06/2012 - 18:21:38 | A | 1581] I:\364ca0be68c7a109a4da7bc2195e03.lnk
[01/05/2012 - 21:51:11 | D ] I:\5928644786c4bd6f2516
[09/06/2012 - 16:33:19 | A | 1561] I:\5928644786c4bd6f2516.lnk
[09/06/2012 - 17:56:44 | H | 120] I:\autorun.bak
[09/06/2012 - 17:56:44 | H | 139] I:\autorun.inf
[10/06/2012 - 20:54:21 | D ] I:\boot
[02/02/2012 - 19:29:46 | SHD ] I:\DrWeb Quarantine
[24/05/2012 - 13:44:54 | SHD ] I:\Filmy
[10/06/2012 - 19:13:30 | A | 1525] I:\Filmy.lnk
[15/04/2009 - 15:45:34 | A | 186341] I:\grldr
[10/06/2012 - 20:54:18 | D ] I:\Images(Maciej-Komputer)
[13/06/2012 - 13:43:37 | A | 161] I:\menu.lst
[30/04/2012 - 23:15:31 | HD ] I:\msdownld.tmp
[14/06/2012 - 15:01:46 | D ] I:\My Files(Maciej-Komputer)
[10/06/2012 - 19:13:15 | SHD ] I:\RECYCLER
[10/06/2012 - 20:03:30 | D ] I:\restore
[10/08/2009 - 09:42:40 | A | 32] I:\start.cmd
[11/06/2012 - 16:36:59 | SHD ] I:\System Volume Information
[31/05/2010 - 03:54:01 | SHD ] I:\TOSHIBA
[10/06/2012 - 19:15:52 | A | 1529] I:\TOSHIBA.lnk
[24/03/2012 - 21:52:45 | SHD ] I:\Wesela
[09/06/2012 - 18:01:32 | A | 1533] I:\Wesela.lnk
[10/01/2012 - 18:47:28 | SHD ] I:\YouTube Top 100 Music Hits .2011[www.lokotorrents.com][mp3]
[09/06/2012 - 19:07:09 | A | 1639] I:\YouTube Top 100 Music Hits .2011[www.lokotorrents.com][mp3].lnk
[24/05/2012 - 13:32:39 | SHD ] I:\Zgrane
[09/06/2012 - 16:32:45 | R | 1533] I:\Zgrane.lnk

################## | E.O.F |
[/log]

Guest
comment

The only suspicious file on drive [b]I[/b] is:

[code][09/06/2012 - 17:56:44 | H | 120] I:\autorun.bak
[09/06/2012 - 17:56:44 | H | 139] I:\autorun.inf[/code]

Enable showing hidden files, open the file [b]autorun.inf[/b] in Notepad, and paste its contents into a post.

  • Good post 1
Sothan
comment

[code][autorun]
icon=autorun\toshiba.ico
label=Toshiba External Hard Drive
open=restore\restorestarter.exe
action=Restore files from backup[/code]

Guest
comment

This is Toshiba's file, the autorun that starts when the drive is plugged in.

And do you recognize these files? Did you create them?

[code][01/05/2012 - 16:45:48 | D ] I:\364ca0be68c7a109a4da7bc2195e03
[09/06/2012 - 18:21:38 | A | 1581] I:\364ca0be68c7a109a4da7bc2195e03.lnk
[01/05/2012 - 21:51:11 | D ] I:\5928644786c4bd6f2516
[09/06/2012 - 16:33:19 | A | 1561] I:\5928644786c4bd6f2516.lnk[/code]

  • Good post 1
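The I:\ listing in the log pairs several root folders with same-named .lnk files, and some of those folders carry the System+Hidden (SHD) attributes, which fits the "icons instead of folders" symptom from the thread title. As an added example (not part of any post in this thread), the Python below parses listing lines in that format and flags such folder/shortcut pairs for review; the function names are illustrative, and the sample is a subset of lines copied from the log.

```python
import re
from collections import namedtuple

# Subset of the I:\ listing quoted in the thread's log.
SAMPLE = r"""
[01/05/2012 - 16:45:48 | D ] I:\364ca0be68c7a109a4da7bc2195e03
[09/06/2012 - 18:21:38 | A | 1581] I:\364ca0be68c7a109a4da7bc2195e03.lnk
[09/06/2012 - 17:56:44 | H | 139] I:\autorun.inf
[24/05/2012 - 13:44:54 | SHD ] I:\Filmy
[10/06/2012 - 19:13:30 | A | 1525] I:\Filmy.lnk
[10/06/2012 - 20:03:30 | D ] I:\restore
[10/06/2012 - 19:13:15 | SHD ] I:\RECYCLER
[24/03/2012 - 21:52:45 | SHD ] I:\Wesela
[09/06/2012 - 18:01:32 | A | 1533] I:\Wesela.lnk
"""

Entry = namedtuple("Entry", "attrs size path")
# "[date - time | ATTRS ] path" (directory) or "[date - time | ATTRS | size] path" (file)
LINE = re.compile(r"^\[[\d/]+ - [\d:]+ \| (\w+)\s*(?:\| (\d+))?\] (.+)$")

def parse_listing(text):
    """Parse listing lines; directories carry a 'D' attribute and no size."""
    entries = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            size = int(m.group(2)) if m.group(2) else None
            entries.append(Entry(m.group(1), size, m.group(3)))
    return entries

def shadowed_folders(entries):
    """Return (folder, attrs, shortcut) for each folder with a same-named .lnk beside it."""
    files = {e.path.lower(): e for e in entries if "D" not in e.attrs}
    hits = []
    for e in entries:
        if "D" in e.attrs:
            lnk = files.get(e.path.lower() + ".lnk")
            if lnk:
                hits.append((e.path, e.attrs, lnk.path))
    return hits

def hidden_system_shadowed(entries):
    """Subset where the real folder is also System+Hidden, so Explorer hides it by default."""
    return [h for h in shadowed_folders(entries) if {"S", "H"} <= set(h[1])]

if __name__ == "__main__":
    for folder, attrs, lnk in shadowed_folders(parse_listing(SAMPLE)):
        print(f"{folder} [{attrs}] <- {lnk}")
```

A flagged pair only says the shortcut deserves inspection: check where each .lnk points before opening it, since the error quoted in the first post referenced an .exe under I:\RECYCLER.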
