stormbringer, posted 25 July 2014

Hello. My external drive has been infected with the Recycler virus. The infected partitions are G, H, I, J and K. Partitions C, D, E and F are clean and belong to the drive installed in the laptop. The virus shows itself in that only shortcuts to the folders are visible, but they do not open and a window pops up with the message: "System Windows nie może odnaleźć pliku "I:\RECYCLER\0xA25D5DBD.exe". Upewnij się, że wpisana nazwa jest poprawna i spróbuj ponownie." After enabling the option to show hidden files, the RECYCLER folder is visible. I am attaching the logs from UsbFix:

[log]############################## | UsbFix V 7.176 | [Research] User: Adam (Administrator) # ADAM-KOMPUTER Updated 18/07/2014 by El Desaparecido - SosVirus Started at 14:32:56 | 25/07/2014 Website : http://www.en.usbfix.net/ Changelog : http://www.en.usbfix.net/changelog/ Support : http://www.sosvirus.net/ Upload Malware : http://www.sosvirus.net/upload_malware.php Contact : http://www.en.usbfix.net/contact/################## | System information | MB: Quanta (30CF) CPU: AMD Athlon(tm) 64 X2 Dual-Core Processor TK-55 RAM -> [Total : 3263 Mo | Free : 1631 Mo] Bios: Hewlett-Packard Boot: Normal boot OS: Microsoft™ Windows 7 Home Premium (6.1.7600 32-Bit) WB: Internet Explorer : 9.00.8112.16421 WB: Mozilla Firefox : 31.0################## | Security Information | AV: AVG AntiVirus Free Edition 2014 [(!) Disabled |Updated] AS: Windows Defender [(!) Disabled |Updated] AS: AVG AntiVirus Free Edition 2014 [(!) Disabled |Updated] FW: Windows Firewall [(!) 
Disabled] SC: Security Center [Enabled] WU: Windows Update [Enabled]################## | Disk Information | C:\ (%SystemDrive%) -> Fixed disk # 48 Gb (25 Mb free - 51%) [] # NTFS D:\ -> Fixed disk # 194 Gb (13 Mb free - 7%) [] # NTFS E:\ -> Fixed disk # 47 Gb (7 Mb free - 15%) [System] # NTFS F:\ -> Fixed disk # 9 Gb (9 Mb free - 99%) [Dysk lokalny] # NTFS G:\ -> Fixed disk # 200 Mb (155 Mb free - 78%) [] # NTFS H:\ -> Fixed disk # 68 Gb (30 Mb free - 44%) [System] # NTFS I:\ -> Fixed disk # 195 Gb (164 Mb free - 84%) [Dane] # NTFS J:\ -> Fixed disk # 158 Gb (111 Mb free - 70%) [Archiwa] # NTFS K:\ -> Fixed disk # 29 Gb (28 Mb free - 96%) [LENOVO] # NTFS################## | Active Processes | C:\Windows\System32\smss.exe (ID: 280|ParentID: 4|SYSTEM) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe (ID: 352|ParentID: 340|SYSTEM) C:\Windows\System32\wininit.exe (ID: 660|ParentID: 616) C:\Windows\System32\services.exe (ID: 712|ParentID: 660) C:\Windows\System32\winlogon.exe (ID: 744|ParentID: 652) C:\Windows\System32\lsass.exe (ID: 772|ParentID: 660) C:\Windows\System32\lsm.exe (ID: 780|ParentID: 660) C:\Windows\System32\svchost.exe (ID: 876|ParentID: 712) C:\Windows\System32\svchost.exe (ID: 952|ParentID: 712) C:\Windows\System32\svchost.exe (ID: 1040|ParentID: 712) C:\Windows\System32\svchost.exe (ID: 1076|ParentID: 712) C:\Windows\System32\svchost.exe (ID: 1128|ParentID: 712) C:\Windows\System32\svchost.exe (ID: 1240|ParentID: 712) C:\Windows\System32\svchost.exe (ID: 1336|ParentID: 712) C:\Windows\System32\spoolsv.exe (ID: 1452|ParentID: 712) C:\Windows\System32\svchost.exe (ID: 1488|ParentID: 712) C:\Program Files\AVG\AVG2014\avgidsagent.exe (ID: 1564|ParentID: 712) C:\Program Files\AVG\AVG2014\avgwdsvc.exe (ID: 1596|ParentID: 712) C:\Windows\System32\svchost.exe (ID: 1644|ParentID: 712) C:\Program Files\AVG\AVG2014\avgnsx.exe (ID: 1276|ParentID: 1596) C:\Program Files\AVG\AVG2014\avgemcx.exe (ID: 1300|ParentID: 1596) C:\Windows\System32\taskhost.exe (ID: 2480|ParentID: 
712|Adam) C:\Windows\System32\dwm.exe (ID: 2544|ParentID: 1076|Adam) C:\Windows\explorer.exe (ID: 2580|ParentID: 2524|Adam) C:\Program Files\AVG\AVG2014\avgui.exe (ID: 2732|ParentID: 2580|Adam) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (ID: 2744|ParentID: 2580|Adam) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe (ID: 2944|ParentID: 712) C:\Windows\System32\ctfmon.exe (ID: 3104|ParentID: 2732|Adam) C:\Windows\System32\SearchIndexer.exe (ID: 3116|ParentID: 712) C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3344|ParentID: 712) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (ID: 3388|ParentID: 712) C:\Windows\System32\svchost.exe (ID: 3580|ParentID: 712) C:\Windows\System32\sppsvc.exe (ID: 3628|ParentID: 712) C:\Windows\System32\wuauclt.exe (ID: 2132|ParentID: 1128|Adam) C:\Program Files\Mozilla Firefox\firefox.exe (ID: 2104|ParentID: 2580|Adam) C:\Windows\System32\wbengine.exe (ID: 5036|ParentID: 712) C:\Windows\System32\vds.exe (ID: 5276|ParentID: 712) C:\Windows\servicing\TrustedInstaller.exe (ID: 5460|ParentID: 712) C:\Windows\System32\SearchFilterHost.exe (ID: 6152|ParentID: 3116|SYSTEM) C:\Windows\System32\SearchProtocolHost.exe (ID: 6292|ParentID: 3116) C:\Windows\System32\taskhost.exe (ID: 2300|ParentID: 712|Adam) C:\UsbFix\UsbFix.exe (ID: 7144|ParentID: 6700|Adam) C:\Program Files\AVG\AVG2014\avgcfgex.exe (ID: 3680|ParentID: 2732|Adam)################## | Autorun |################## | Regedit Run | F2 - HKLM\..\Winlogon : [Shell] explorer.exe F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe, 04 - HKLM\..\Run : [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY 04 - HKLM\..\Run : [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start 04 - HKLM\..\Run : [AutorunRemover.exe] C:\Program Files\AutorunRemover\AutorunRemover.exe -Hide 04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun 04 - 
HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun 04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe 04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe################## | Generic Research | Found ! G:\$RECYCLE.BIN.lnk Found ! G:\Boot.lnk Found ! G:\Recycled.lnk Found ! G:\System Volume Information.lnk Found ! H:\$AVG.lnk Found ! H:\$RECYCLE.BIN.lnk Found ! H:\Config.Msi.lnk Found ! H:\Documents and Settings.lnk Found ! H:\found.000.lnk Found ! H:\Intel.lnk Found ! H:\MSOCache.lnk Found ! H:\Program Files (x86).lnk Found ! H:\Program Files.lnk Found ! H:\ProgramData.lnk Found ! H:\Recovery.lnk Found ! H:\System Volume Information.lnk Found ! H:\Users.lnk Found ! H:\Windows.lnk Found ! I:\1.lnk Found ! I:\Allegro.lnk Found ! I:\Firma.lnk Found ! I:\Grafika.lnk Found ! I:\Instalki.lnk Found ! I:\Motoryzacja.lnk Found ! I:\Muzyka.lnk Found ! I:\Pobieranie.lnk Found ! I:\WSB - materiały.lnk Found ! I:\Zdjęcia.lnk Found ! J:\$RECYCLE.BIN.lnk Found ! J:\sterowniki do netbooka.lnk Found ! J:\System Volume Information.lnk Found ! J:\z czyjegoś HP.lnk Found ! J:\z netbooka.lnk Found ! G:\.\recycled\info.exe Found ! G:\Recycled\INFO.EXE Found ! G:\RECYCLER\0xA25D5DBD.exe Found ! J:\RECYCLER\0xA25D5DBD.exe Found ! 
K:\RECYCLER\0xA25D5DBD.exe################## | Registry |################## | E.O.F | http://www.sosvirus.net/ | http://www.en.usbfix.net/ |[/log]

OTL logs:

[log]OTL Extras logfile created on: 2014-07-25 14:54:44 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Instalki\usuwanie wirusów Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,19 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 50,52% Memory free 6,37 Gb Paging File | 5,10 Gb Available in Paging File | 80,04% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 48,08 Gb Total Space | 24,25 Gb Free Space | 50,44% Space Free | Partition Type: NTFS Drive D: | 194,37 Gb Total Space | 13,23 Gb Free Space | 6,81% Space Free | Partition Type: NTFS Drive E: | 47,00 Gb Total Space | 6,88 Gb Free Space | 14,63% Space Free | Partition Type: NTFS Drive F: | 8,63 Gb Total Space | 8,55 Gb Free Space | 99,08% Space Free | Partition Type: NTFS Drive G: | 200,00 Mb Total Space | 155,24 Mb Free Space | 77,62% Space Free | Partition Type: NTFS Drive H: | 68,36 Gb Total Space | 29,81 Gb Free Space | 43,61% Space Free | Partition Type: NTFS Drive I: | 195,31 Gb Total Space | 163,57 Gb Free Space | 83,75% Space Free | Partition Type: NTFS Drive J: | 158,14 Gb Total Space | 110,75 Gb Free Space | 70,03% Space Free | Partition Type: NTFS Drive K: | 29,00 Gb Total Space | 27,95 Gb Free Space | 96,41% Space Free | Partition Type: NTFS Computer Name: ADAM-KOMPUTER | User Name: Adam | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{07D6AD9E-A7FA-40F2-8C59-A401B65F3915}" = lport=445 | protocol=6 | dir=in | app=system | "{1956AAD5-507C-471D-9BCB-BF364874D00B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2092D4A9-7C2A-4E76-B62C-A06D5396B3CC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{49A01C33-EACC-417C-9485-ECC03C76846F}" = lport=138 | protocol=17 | dir=in | app=system | "{4ED1D84E-83F8-4A87-9631-5FF1AA23E2BF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{50B34CB1-D741-4DAF-BCA2-DDC54795ECC1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{54FB939F-7EA0-4DF6-91FF-B3BCEDBE3384}" = 
lport=2869 | protocol=6 | dir=in | app=system | "{5884E14E-3EC3-4EA8-85FD-93576E078F29}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5A5E264D-9294-4D2F-987B-B5A8CA6A7DF0}" = rport=138 | protocol=17 | dir=out | app=system | "{7798E688-0E22-4C25-A44A-CBCDFC39BFBA}" = lport=139 | protocol=6 | dir=in | app=system | "{8EBB66A6-2A09-4EB3-9DA4-1CCA555B816A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A429A748-836F-46D5-AAA8-EAED2EBF606B}" = lport=10243 | protocol=6 | dir=in | app=system | "{ADD4C295-ABC6-4B18-A66E-A744DD548014}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{B3D80425-630C-40CD-A2D9-30822DD1D714}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{B45FE358-5EBA-4409-821B-FD6EDEBFE7B8}" = rport=139 | protocol=6 | dir=out | app=system | "{B63B9BEE-4F9C-4053-9CB6-6E88A957E53B}" = rport=10243 | protocol=6 | dir=out | app=system | "{C0FCA909-BC2F-408D-9057-EE24C3A5CC52}" = rport=137 | protocol=17 | dir=out | app=system | "{CAD551C7-AC58-455E-8985-AF28874E5F0A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E32A4049-008D-4A10-A83D-56E6D51F7FAC}" = rport=445 | protocol=6 | dir=out | app=system | "{EB044424-D93A-4C87-9AD0-51BCFFB0AE7E}" = lport=137 | protocol=17 | dir=in | app=system | "{FE478ECE-E787-4D25-BD4D-79DCD6B9DAF9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{07A6DE2C-7312-436C-B2F7-D23F72681FA8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{0E2F2044-91DC-4345-847C-BBDB6474E35E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe | 
"{14A1316A-E068-4DB0-B835-E01FA967ACAD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{37F0EE9B-7001-4524-9EEC-E1B9C5A6520A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{42E8E706-1AA3-4D44-976E-7C218A123DC6}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe | "{4E7859A3-0530-4BAA-8E25-3792B0B41299}" = protocol=6 | dir=out | app=system | "{530384FD-36EA-499A-8CBD-163BAEBDC5B6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{53569943-1329-41DD-8E31-A3FC4CEB72FD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{56EA65B0-7126-4603-B138-0E82D13FBD05}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{59805486-EC34-4177-A1D2-9DCF0C2D47BD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{671C8297-ED6E-425F-9013-0817A15C968D}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe | "{86A30952-B013-43A3-8CF2-86BBBF5D4D32}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe | "{8DD00905-898F-4A8B-A1BB-0C46580AD089}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{91A1025B-A907-4DFD-861D-7A232A2634AA}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe | "{92DB1887-7DE6-42AC-A877-33F3E0268ABB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9B8DFBD4-74AA-4C01-AFCF-7C797281CCAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9E8FD3AD-9116-4A3A-ACAD-58E76BA7BE74}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{A4D0EB71-1408-4A98-AA82-327FD464E8D7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A7A58DE8-7288-49DD-8DC0-C92AFCF1A9FF}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe | "{AF34DAFF-0C81-4DD6-8977-51AB271D768D}" = protocol=6 | dir=out | svc=upnphost | 
app=%systemroot%\system32\svchost.exe | "{C10F6ACE-7AD9-4C3A-A03D-2E5704D5EA2F}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe | "{D9B25932-FF37-4862-9C6A-7F9C24BD4088}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe | "{DC69DE05-60F6-4F65-ACD9-E2414BB5C4D3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{E16F167F-00E8-4ED5-AD5F-464DBD60E1B0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1" = AOMEI Partition Assistant Home Edition 5.1 "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables "{A2F8F3F6-5AE8-4BE7-AE0E-9FA930C8EE90}" = AVG 2014 "{C330C4F4-FD7C-4821-A210-F8058E1FB81C}" = AVG 2014 "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX "AVG" = AVG 2014 "Mozilla Firefox 31.0 (x86 pl)" = Mozilla Firefox 31.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Recuva" = Recuva "Usbfix" = UsbFix ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 2014-07-25 03:33:37 | Computer Name = Adam-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Windows.old\Program Files\WIDCOMM\Bluetooth Software\AdminUtils.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-07-25 03:33:37 | Computer Name = Adam-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Windows.old\Program Files\WIDCOMM\Bluetooth Software\BtwHtmlPrint.exe". 
Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-07-25 03:33:37 | Computer Name = Adam-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Windows.old\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-07-25 03:33:37 | Computer Name = Adam-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Windows.old\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-07-25 03:33:37 | Computer Name = Adam-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Windows.old\Program Files\WIDCOMM\Bluetooth Software\btsendto_explorer.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-07-25 03:45:29 | Computer Name = Adam-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\AOMEI Partition Assistant Home Edition 5.1\MFC80U.DLL". Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". 
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-07-25 03:45:30 | Computer Name = Adam-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\AOMEI Partition Assistant Home Edition 5.1\MFC80U.DLL". Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-07-25 04:16:06 | Computer Name = Adam-Komputer | Source = EventSystem | ID = 4621 Description = Error - 2014-07-25 05:51:38 | Computer Name = Adam-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\AOMEI Partition Assistant Home Edition 5.1\MFC80U.DLL". Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-07-25 05:51:38 | Computer Name = Adam-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\AOMEI Partition Assistant Home Edition 5.1\MFC80U.DLL". Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. [ System Events ] Error - 2014-07-25 03:23:49 | Computer Name = Adam-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „ADAM-KOMPUTER :20” w interfejsie o adresie IP 192.168.0.102. Komputer o adresie IP 192.168.0.101 nie zezwolił na przejęcie tej nazwy przez ten komputer. 
Error - 2014-07-25 04:13:23 | Computer Name = Adam-Komputer | Source = Service Control Manager | ID = 7011 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi WSearch. Error - 2014-07-25 04:27:33 | Computer Name = Adam-Komputer | Source = DCOM | ID = 10010 Description = Error - 2014-07-25 05:29:28 | Computer Name = Adam-Komputer | Source = Microsoft-Windows-WHEA-Logger | ID = 18 Description = Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 256 Identyfikator procesora: 1 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error - 2014-07-25 05:29:28 | Computer Name = Adam-Komputer | Source = Microsoft-Windows-WHEA-Logger | ID = 18 Description = Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 10 Identyfikator procesora: 1 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error - 2014-07-25 05:31:06 | Computer Name = Adam-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2014-07-25 05:37:43 | Computer Name = Adam-Komputer | Source = Microsoft-Windows-WHEA-Logger | ID = 18 Description = Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 256 Identyfikator procesora: 1 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error - 2014-07-25 05:38:50 | Computer Name = Adam-Komputer | Source = Service Control Manager | ID = 7023 Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił następujący błąd: %%16405 Error - 2014-07-25 07:05:40 | Computer Name = Adam-Komputer | Source = Microsoft-Windows-WHEA-Logger | ID = 18 Description = Wystąpił krytyczny błąd sprzętowy. 
Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 256 Identyfikator procesora: 1 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error - 2014-07-25 07:42:11 | Computer Name = Adam-Komputer | Source = Microsoft-Windows-WHEA-Logger | ID = 18 Description = Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 9 Identyfikator procesora: 1 Widok szczegółów tego wpisu zawiera dodatkowe informacje. < End of report > [/log] [log]OTL logfile created on: 2014-07-25 14:54:44 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Instalki\usuwanie wirusów Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,19 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 50,52% Memory free 6,37 Gb Paging File | 5,10 Gb Available in Paging File | 80,04% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 48,08 Gb Total Space | 24,25 Gb Free Space | 50,44% Space Free | Partition Type: NTFS Drive D: | 194,37 Gb Total Space | 13,23 Gb Free Space | 6,81% Space Free | Partition Type: NTFS Drive E: | 47,00 Gb Total Space | 6,88 Gb Free Space | 14,63% Space Free | Partition Type: NTFS Drive F: | 8,63 Gb Total Space | 8,55 Gb Free Space | 99,08% Space Free | Partition Type: NTFS Drive G: | 200,00 Mb Total Space | 155,24 Mb Free Space | 77,62% Space Free | Partition Type: NTFS Drive H: | 68,36 Gb Total Space | 29,81 Gb Free Space | 43,61% Space Free | Partition Type: NTFS Drive I: | 195,31 Gb Total Space | 163,57 Gb Free Space | 83,75% Space Free | Partition Type: NTFS Drive J: | 158,14 Gb Total Space | 110,75 Gb Free Space | 70,03% Space Free | Partition Type: NTFS Drive K: | 29,00 Gb Total Space | 27,95 Gb Free Space | 96,41% Space Free | Partition Type: NTFS 
Computer Name: ADAM-KOMPUTER | User Name: Adam | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014-07-25 11:48:39 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2014-07-17 23:07:40 | 001,665,536 | ---- | M] () -- C:\UsbFix\UsbFix.exe PRC - [2014-07-10 15:34:10 | 003,244,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe PRC - [2014-07-10 15:33:16 | 005,187,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe PRC - [2014-07-10 15:31:10 | 000,846,864 | ---- | M] (AVG Technologies CZ, s.r.o.) -- c:\Program Files\AVG\AVG2014\avgrsx.exe PRC - [2014-07-10 15:30:20 | 000,643,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe PRC - [2014-07-10 15:30:10 | 000,838,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe PRC - [2014-07-10 15:29:38 | 000,318,992 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcfgex.exe PRC - [2014-07-10 15:29:26 | 000,657,936 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe PRC - [2014-07-10 15:23:36 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) 
-- C:\Program Files\AVG\AVG2014\avgwdsvc.exe PRC - [2013-04-30 14:09:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Instalki\usuwanie wirusów\OTL 3.2.69.exe PRC - [2009-10-31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-07-14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe ========== Modules (No Company Name) ========== MOD - [2014-07-25 11:48:37 | 003,800,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2014-07-17 23:07:40 | 001,665,536 | ---- | M] () -- C:\UsbFix\UsbFix.exe ========== Services (SafeList) ========== SRV - [2014-07-25 11:48:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-07-25 10:30:13 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2014-07-10 15:34:10 | 003,244,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent) SRV - [2014-07-10 15:23:36 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - [2014-06-30 12:43:12 | 000,121,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgdiskx.sys -- (Avgdiskx) DRV - [2014-06-17 16:22:02 | 000,188,696 | ---- | M] (AVG Technologies CZ, s.r.o.) 
[File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2014-06-17 16:21:22 | 000,197,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2014-06-17 16:18:00 | 000,241,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2014-06-17 16:17:58 | 000,147,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2014-06-17 16:06:40 | 000,199,960 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2014-06-17 16:06:24 | 000,098,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2014-06-17 16:06:22 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2014-06-17 16:06:20 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011-12-26 15:27:22 | 000,012,728 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\ampa.sys -- (ampa)
DRV - [2010-02-25 00:02:30 | 000,015,544 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBTTN.sys -- (HBtnKey)
DRV - [2009-07-14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009-04-29 07:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006-11-14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2014-07-25 11:46:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adam\AppData\Roaming\mozilla\Extensions
[2014-07-25 11:55:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adam\AppData\Roaming\mozilla\Firefox\Profiles\5y2ysj9x.default\extensions
[2014-07-25 11:48:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014-07-25 11:48:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O4 - HKLM..\Run: [AutorunRemover.exe] C:\Program Files\AutorunRemover\AutorunRemover.exe -Hide File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\RunOnce: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{920C6375-B36C-44BD-A181-642092245C87}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files Created - No Company Name ==========
[2014-07-25 14:31:58 | 000,001,448 | ---- | C] () -- C:\Users\Adam\Desktop\UsbFix.lnk
[2014-07-25 12:37:23 | 000,001,795 | ---- | C] () -- C:\Users\Public\Desktop\Recuva.lnk
[2014-07-25 11:45:36 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-07-25 10:35:58 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014-07-25 10:23:24 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014-07-25 09:43:21 | 000,001,215 | ---- | C] () -- C:\Users\Public\Desktop\AOMEI Partition Assistant Home Edition 5.1.lnk
[2014-07-25 09:43:18 | 001,427,384 | ---- | C] () -- C:\Windows\ampa.exe
[2014-07-25 09:43:18 | 000,012,728 | ---- | C] () -- C:\Windows\System32\ampa.sys
[2014-07-25 04:16:37 | 000,001,421 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014-07-25 01:54:27 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014-07-25 01:54:18 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014-07-25 01:50:28 | 2566,066,176 | -HS- | C] () -- C:\hiberfil.sys

========== ZeroAccess Check ==========
[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
[/log]
Zayfi commented 25 July 2014

Run OTL. The removable devices must be connected. Paste the following into the Custom Scans/Fixes box:

:Files
G:\*.lnk
H:\*.lnk
G:\Recycled\INFO.EXE
G:\RECYCLER\0xA25D5DBD.exe
K:\RECYCLER\0xA25D5DBD.exe
J:\RECYCLER\0xA25D5DBD.exe
I:\*.lnk
J:\*.lnk

:Commands
[emptytemp]

Click Run Fix. After the restart, run a new USBfix scan using the Listing option and post the report.