
New system and something is already wrong

Logs, securing your computer and data. Antivirus and antispyware programs, firewalls, etc.
Forum rules
1. Every thread title should reflect the content of the thread.
2. When posting logs, generate them right away with at least two tools: FRST and GMER.
3. Please publish all logs on sites intended for that purpose and paste only the link in your post.
4. Do not shorten logs; paste the whole log, from beginning to end.
5. Do not piggyback on other users' threads; please start a new thread in the Security section, which makes it easier for the person reviewing the logs to help.
6. People without adequate knowledge should not review logs, because this can seriously damage the system or the applications installed on the computer.
7. Describe the problem, the symptoms and all actions taken in detail.
8. Every script is unique, written individually for each case, so it must not be used by others.
9. When including a screenshot, please use an external image hosting service.


Post by Pangia » 30 Oct 2013, 20:51

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.2; pl; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3


I installed Win XP Pro 64bit, had barely put in the network card driver, and something is already falling apart. Avast won't install; near the end of the installation the computer simply resets. Same with GMER: as soon as I start it, the computer resets. Logs in the post itself as an exception, because they are fairly short.
Code:
OTL logfile created on: 2013-10-30 19:45:33 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Administrator\Desktop
64bit-Windows Server 2003  Service Pack 1 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 6.0.3790.1830)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd
 
4,00 Gb Total Physical Memory | 3,57 Gb Available Physical Memory | 89,39% Memory free
5,74 Gb Paging File | 5,58 Gb Available in Paging File | 97,14% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,00 Gb Total Space | 95,03 Gb Free Space | 95,03% Space Free | Partition Type: NTFS
Drive D: | 831,50 Gb Total Space | 831,42 Gb Free Space | 99,99% Space Free | Partition Type: NTFS
Drive F: | 29,29 Gb Total Space | 2,93 Gb Free Space | 9,99% Space Free | Partition Type: NTFS
Drive G: | 119,75 Gb Total Space | 39,03 Gb Free Space | 32,60% Space Free | Partition Type: NTFS
 
Computer Name: TW-IDIEVV4LD1AA | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-10-30 19:37:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2005-03-25 13:00:00 | 000,109,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2005-03-25 13:00:00 | 000,077,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll -- (helpsvc)
SRV - [2005-03-25 13:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\wdfmgr.exe -- (UMWdf)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2005-03-25 13:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysWow64\mnmdd.dll -- (mnmdd)
DRV - [2005-03-25 13:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\WINDOWS\SysWow64\winsock.dll -- (Winsock)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
 
 
 
 
 
IE - HKU\S-1-5-21-2452306259-2199117723-3649595322-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {af79f858-4b25-4ca4-822b-b5db1be628fc}:0.3.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.19.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.4.5
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.7
FF - prefs.js..extensions.enabledItems: [email protected]:5.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.89
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.2.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}:6.0.43
FF - prefs.js..extensions.enabledItems: [email protected]:0.6.20100415
FF - user.js - File not found
 
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-10-30 19:07:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-10-30 19:07:37 | 000,000,000 | ---D | M]
 
[2013-10-30 18:31:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2013-10-30 19:07:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\swl0zlrz.default\extensions
[2013-10-30 19:07:19 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\swl0zlrz.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2013-10-30 19:07:24 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\swl0zlrz.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2013-10-30 19:07:24 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\swl0zlrz.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2013-10-30 19:07:24 | 000,000,000 | ---D | M] (BBCodeXtra) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\swl0zlrz.default\extensions\{af79f858-4b25-4ca4-822b-b5db1be628fc}
[2013-10-30 19:07:24 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\swl0zlrz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2013-10-30 19:07:25 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\swl0zlrz.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2013-10-30 19:07:18 | 000,000,000 | ---D | M] (Youtube MP3 Converter) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\swl0zlrz.default\extensions\[email protected]
[2013-10-30 19:07:18 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\swl0zlrz.default\extensions\[email protected]
[2013-10-30 19:07:18 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\swl0zlrz.default\extensions\[email protected]
[2013-10-30 19:07:19 | 000,000,000 | ---D | M] (Firebug) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\swl0zlrz.default\extensions\[email protected]
[2013-10-30 19:07:19 | 000,000,000 | ---D | M] (NASA Night Launch) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\swl0zlrz.default\extensions\[email protected]
[2011-09-15 15:55:26 | 000,002,075 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\swl0zlrz.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml
[2013-10-30 19:07:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013-10-30 19:07:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}
[2012-06-28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010-04-01 19:33:12 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2010-04-01 19:33:12 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-04-01 19:33:12 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2010-04-01 19:33:12 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2010-04-01 19:33:12 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-04-01 19:33:12 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
Hosts file not found
O3:[b]64bit:[/b] - HKU\S-1-5-21-2452306259-2199117723-3649595322-500\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
O4:[b]64bit:[/b] - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2452306259-2199117723-3649595322-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:[b]64bit:[/b] - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - %SystemRoot%\system32\mswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - %SystemRoot%\system32\mswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - %SystemRoot%\system32\mswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - %SystemRoot%\system32\mswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - %SystemRoot%\system32\mswsock.dll File not found
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.231.1.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50FFE9EF-7DB3-4B17-9932-CF4AB26F7161}: DhcpNameServer = 217.172.224.160 89.231.1.206
O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\system32\mshtml.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\system32\mshtml.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\system32\mshtml.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\system32\mshtml.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\system32\mshtml.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found
O18:[b]64bit:[/b] - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -  File not found
O20:[b]64bit:[/b] - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) -  File not found
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) -  File not found
O20 - HKLM Winlogon: UserInit - (userinit) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\cscdll: DllName - (cscdll.dll) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) -  File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) -  File not found
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) -  File not found
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) -  File not found
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) -  File not found
O21:[b]64bit:[/b] - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:[b]64bit:[/b] - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:[b]64bit:[/b] - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %SystemRoot%\system32\webcheck.dll File not found
O22:[b]64bit:[/b] - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found
O22:[b]64bit:[/b] - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-10-30 17:50:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-02-06 12:08:07 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-10-30 19:44:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2013-10-30 19:37:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013-10-30 19:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-10-30 19:21:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013-10-30 19:19:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013-10-30 19:08:21 | 085,444,160 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Administrator\Desktop\avast_free_antivirus_setup.exe
[2013-10-30 19:06:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013-10-30 19:05:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Pobieranie
[2013-10-30 18:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
[2013-10-30 18:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Mozilla
[2013-10-30 18:29:42 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013-10-30 18:28:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\WinRAR
[2013-10-30 18:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2013-10-30 18:09:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ODBC
[2013-10-30 18:09:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Installer
[2013-10-30 18:09:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2013-10-30 18:09:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SpeechEngines
[2013-10-30 18:09:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Shared
[2013-10-30 18:09:26 | 000,000,000 | R--D | C] -- C:\Program Files
[2013-10-30 18:09:26 | 000,000,000 | R--D | C] -- C:\Program Files (x86)
[2013-10-30 18:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2013-10-30 18:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2013-10-30 18:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2013-10-30 18:09:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files
[2013-10-30 18:09:25 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdtuq.dll
[2013-10-30 18:09:25 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdtuf.dll
[2013-10-30 18:09:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdaze.dll
[2013-10-30 18:09:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbduzb.dll
[2013-10-30 18:09:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdur.dll
[2013-10-30 18:09:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdtat.dll
[2013-10-30 18:09:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdmon.dll
[2013-10-30 18:09:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdkyr.dll
[2013-10-30 18:09:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdkaz.dll
[2013-10-30 18:09:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdazel.dll
[2013-10-30 18:09:24 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdhept.dll
[2013-10-30 18:09:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdhela3.dll
[2013-10-30 18:09:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdhela2.dll
[2013-10-30 18:09:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdgkl.dll
[2013-10-30 18:09:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdru1.dll
[2013-10-30 18:09:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdlv1.dll
[2013-10-30 18:09:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdlv.dll
[2013-10-30 18:09:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdhe319.dll
[2013-10-30 18:09:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdhe220.dll
[2013-10-30 18:09:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdhe.dll
[2013-10-30 18:09:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdest.dll
[2013-10-30 18:09:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdycc.dll
[2013-10-30 18:09:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdru.dll
[2013-10-30 18:09:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdlt1.dll
[2013-10-30 18:09:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdlt.dll
[2013-10-30 18:09:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdbu.dll
[2013-10-30 18:09:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdblr.dll
[2013-10-30 18:09:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdcz2.dll
[2013-10-30 18:09:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdcz.dll
[2013-10-30 18:09:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdycl.dll
[2013-10-30 18:09:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdsl1.dll
[2013-10-30 18:09:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdsl.dll
[2013-10-30 18:09:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdpl1.dll
[2013-10-30 18:09:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdpl.dll
[2013-10-30 18:09:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdhu.dll
[2013-10-30 18:09:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdcz1.dll
[2013-10-30 18:09:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdcr.dll
[2013-10-30 18:09:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDAL.DLL
[2013-10-30 18:09:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdro.dll
[2013-10-30 18:09:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdhu1.dll
[2013-10-30 18:09:14 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE
[2013-10-30 18:09:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2013-10-30 18:09:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2013-10-30 18:09:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2013-10-30 18:09:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2013-10-30 18:09:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2013-10-30 18:09:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2013-10-30 18:08:48 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2013-10-30 18:08:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2013-10-30 18:08:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2013-10-30 18:03:56 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013-10-30 18:00:42 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2013-10-30 18:00:42 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2013-10-30 18:00:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\wbem
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\usmt
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWOW64
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\mui
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent64
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\InstallShield
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime (x86)
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\ias
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\export
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Drivers
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\3076
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\2052
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1054
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1042
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1041
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1037
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1033
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1031
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1028
[2013-10-30 18:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1025
[2013-10-30 17:54:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2013-10-30 17:54:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2013-10-30 17:54:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2013-10-30 17:54:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2013-10-30 17:54:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2013-10-30 17:54:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Cookies
[2013-10-30 17:54:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2013-10-30 17:54:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Application Data
[2013-10-30 17:54:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
[2013-10-30 17:54:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu
[2013-10-30 17:54:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents
[2013-10-30 17:54:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Favorites
[2013-10-30 17:54:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
[2013-10-30 17:54:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Templates
[2013-10-30 17:54:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2013-10-30 17:54:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood
[2013-10-30 17:54:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings
[2013-10-30 17:54:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop
[2013-10-30 17:54:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013-10-30 17:54:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013-10-30 17:54:14 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2013-10-30 17:54:14 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2013-10-30 17:54:13 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2013-10-30 17:54:13 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2013-10-30 17:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\system
[2013-10-30 17:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\speechengines
[2013-10-30 17:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\microsoft shared
[2013-10-30 17:50:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\inetsrv
[2013-10-30 17:50:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\ime
[2013-10-30 17:50:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2013-10-30 17:50:06 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Uninstall Information
[2013-10-30 17:49:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ils.dll
[2013-10-30 17:49:36 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msconf.dll
[2013-10-30 17:49:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mnmdd.dll
[2013-10-30 17:49:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nmmkcert.dll
[2013-10-30 17:49:36 | 000,024,576 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\isrdbg32.dll
[2013-10-30 17:49:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nmevtmsg.dll
[2013-10-30 17:49:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetMeeting
[2013-10-30 17:49:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2013-10-30 17:49:31 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2013-10-30 17:49:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Macromed
[2013-10-30 17:49:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2013-10-30 17:49:08 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2013-10-30 17:49:08 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuaucpl.cpl
[2013-10-30 17:49:08 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuweb.dll
[2013-10-30 17:49:08 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2013-10-30 17:49:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups2.dll
[2013-10-30 17:49:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qmgrprxy.dll
[2013-10-30 17:49:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bitsprx2.dll
[2013-10-30 17:49:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bitsprx3.dll
[2013-10-30 17:49:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movie Maker
[2013-10-30 17:48:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Services
[2013-10-30 17:48:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2013-10-30 17:48:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2013-10-30 17:48:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Outlook Express
[2013-10-30 17:48:36 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstask.dll
[2013-10-30 17:48:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstinit.exe
[2013-10-30 17:48:36 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2013-10-30 17:48:35 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcfg.dll
[2013-10-30 17:48:35 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\isign32.dll
[2013-10-30 17:48:35 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\icwdial.dll
[2013-10-30 17:48:35 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\icwphbk.dll
[2013-10-30 17:48:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\icfgnt5.dll
[2013-10-30 17:48:35 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2013-10-30 17:48:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\System
[2013-10-30 17:48:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2013-10-30 17:48:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Explorer
[2013-10-30 17:48:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2013-10-30 17:48:23 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2013-10-30 17:48:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2013-10-30 17:48:09 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2013-10-30 17:48:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2013-10-30 17:47:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2013-10-30 17:47:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Player
[2013-10-30 17:47:44 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2013-10-30 17:47:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\write.exe
[2013-10-30 17:47:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Gaming Zone
[2013-10-30 17:47:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows NT
[2013-10-30 17:47:31 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\accwiz.exe
[2013-10-30 17:47:31 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\access.cpl
[2013-10-30 17:47:27 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winchat.exe
[2013-10-30 17:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2013-10-30 17:47:25 | 000,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mspaint.exe
[2013-10-30 17:47:19 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\getuname.dll
[2013-10-30 17:47:19 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clipbrd.exe
[2013-10-30 17:47:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\charmap.exe
[2013-10-30 17:47:17 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\calc.exe
[2013-10-30 17:47:16 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spider.exe
[2013-10-30 17:47:16 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmine.exe
[2013-10-30 17:47:16 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sol.exe
[2013-10-30 17:47:15 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshearts.exe
[2013-10-30 17:47:15 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\freecell.exe
[2013-10-30 17:47:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN
[2013-10-30 17:46:59 | 000,753,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2013-10-30 17:46:59 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qwinsta.exe
[2013-10-30 17:46:59 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qprocess.exe
[2013-10-30 17:46:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qappsrv.exe
[2013-10-30 17:46:59 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2013-10-30 17:46:56 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comuid.dll
[2013-10-30 17:46:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comadmin.dll
[2013-10-30 17:46:56 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comsnap.dll
[2013-10-30 17:46:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxlegih.dll
[2013-10-30 17:46:56 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxdm.dll
[2013-10-30 17:46:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxex.dll
[2013-10-30 17:46:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Com
[2013-10-30 17:46:55 | 001,248,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comsvcs.dll
[2013-10-30 17:46:55 | 000,622,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\catsrvut.dll
[2013-10-30 17:46:55 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\catsrv.dll
[2013-10-30 17:46:55 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clbcatex.dll
[2013-10-30 17:46:55 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\stclient.dll
[2013-10-30 17:46:55 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\colbact.dll
[2013-10-30 17:46:55 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comaddin.dll
[2013-10-30 17:46:55 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\catsrvps.dll
[2013-10-30 17:46:50 | 000,466,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcprx.dll
[2013-10-30 17:46:50 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcuiu.dll
[2013-10-30 17:46:50 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxoci.dll
[2013-10-30 17:46:50 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xolehlp.dll
[2013-10-30 17:46:47 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\servdeps.dll
[2013-10-30 17:46:46 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmfutil.dll
[2013-10-30 17:46:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-10-30 19:44:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-10-30 19:42:39 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\config.nt
[2013-10-30 19:42:27 | 000,000,213 | -HS- | M] () -- C:\boot.ini
[2013-10-30 19:38:57 | 000,368,554 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip
[2013-10-30 19:37:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013-10-30 19:31:34 | 000,000,692 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to CCleaner64.exe.lnk
[2013-10-30 19:19:12 | 085,444,160 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Administrator\Desktop\avast_free_antivirus_setup.exe
[2013-10-30 18:31:05 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2013-10-30 18:25:02 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-10-30 17:54:27 | 000,000,809 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-10-30 17:54:27 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2013-10-30 17:50:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013-10-30 17:50:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013-10-30 17:50:41 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013-10-30 17:50:41 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2013-10-30 17:50:38 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013-10-30 17:50:38 | 000,023,392 | ---- | M] () -- C:\WINDOWS\SysWow64\nscompat.tlb
[2013-10-30 17:50:38 | 000,016,832 | ---- | M] () -- C:\WINDOWS\SysWow64\amcompat.tlb
[2013-10-30 17:50:33 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-10-30 19:38:58 | 000,368,554 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip
[2013-10-30 19:31:34 | 000,000,692 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to CCleaner64.exe.lnk
[2013-10-30 19:28:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\config.nt
[2013-10-30 18:31:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2013-10-30 18:25:01 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-10-30 18:09:31 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013-10-30 18:07:50 | 000,000,213 | -HS- | C] () -- C:\boot.ini
[2013-10-30 17:54:27 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2013-10-30 17:54:26 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
[2013-10-30 17:54:25 | 000,000,809 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-10-30 17:54:25 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer (32-bit).lnk
[2013-10-30 17:54:25 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013-10-30 17:54:21 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
[2013-10-30 17:54:21 | 000,000,822 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
[2013-10-30 17:53:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013-10-30 17:50:41 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013-10-30 17:50:41 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013-10-30 17:50:41 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2013-10-30 17:50:41 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2013-10-30 17:50:38 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013-10-30 17:50:38 | 000,023,392 | ---- | C] () -- C:\WINDOWS\SysWow64\nscompat.tlb
[2013-10-30 17:50:38 | 000,016,832 | ---- | C] () -- C:\WINDOWS\SysWow64\amcompat.tlb
[2013-10-30 17:49:24 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2013-10-30 17:48:53 | 000,144,128 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013-10-30 17:48:53 | 000,144,128 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013-10-30 17:48:21 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2013-10-30 17:47:44 | 000,002,040 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2013-10-30 17:47:20 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2013-10-30 17:47:20 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2013-10-30 17:47:20 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2013-10-30 17:47:20 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2013-10-30 17:47:20 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2013-10-30 17:47:20 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2013-10-30 17:47:20 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2013-10-30 17:47:20 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2013-10-30 17:47:20 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2013-10-30 17:47:19 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2013-10-30 17:47:19 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = %SystemRoot%\system32\shdocvw.dll
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\SysWOW64\shdocvw.dll -- [2005-03-25 13:00:00 | 001,502,720 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\system32\wbem\fastprox.dll
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\SysWOW64\wbem\fastprox.dll -- [2005-03-25 13:00:00 | 000,482,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\system32\wbem\wbemess.dll
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013-10-30 19:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >


Code:
OTL Extras logfile created on: 2013-10-30 19:45:33 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Administrator\Desktop
64bit-Windows Server 2003  Service Pack 1 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 6.0.3790.1830)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd
 
4,00 Gb Total Physical Memory | 3,57 Gb Available Physical Memory | 89,39% Memory free
5,74 Gb Paging File | 5,58 Gb Available in Paging File | 97,14% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,00 Gb Total Space | 95,03 Gb Free Space | 95,03% Space Free | Partition Type: NTFS
Drive D: | 831,50 Gb Total Space | 831,42 Gb Free Space | 99,99% Space Free | Partition Type: NTFS
Drive F: | 29,29 Gb Total Space | 2,93 Gb Free Space | 9,99% Space Free | Partition Type: NTFS
Drive G: | 119,75 Gb Total Space | 39,03 Gb Free Space | 32,60% Space Free | Partition Type: NTFS
 
Computer Name: TW-IDIEVV4LD1AA | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.inf [@ = inffile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.ini [@ = inifile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.js [@ = JSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.jse [@ = JSEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1
.vbe [@ = VBEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.vbs [@ = VBSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.wsf [@ = WSFFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.wsh [@ = WSHFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-2452306259-2199117723-3649595322-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1"
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4"
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CCleaner" = CCleaner
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"WinRAR archiver" = Archiwizator WinRAR
 
< End of report >
Pangia
Forum friend
 
Posts: 781
Joined: 27 Sep 2009, 11:16
Commendations: 10

Re: New system and something is already wrong

Post by mateo8898 » 30 Oct 2013, 23:26

PostUA: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0


From what I can see, you have Windows Server 2003, not XP.
mateo8898
Moderator
 
Posts: 15377
Joined: 15 May 2009, 14:55
Commendations: 966

Re: New system and something is already wrong

Post by Pangia » 30 Oct 2013, 23:32

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.2; pl; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3


Hm, it really does show that. Strange, especially since I downloaded all the drivers for XP 64-bit (though I'm not sure whether there's compatibility in this case; I think I read that somewhere), at startup it shows XP Pro 64-bit (which isn't really proof, because on the second disk I have XP Pro 32-bit and it shows it as plain XP), but the System tab does say it's XP Pro 64-bit. Either way, I've dealt with the problem. As usual I talk first and act later, that is: after installing .NET Framework 4.0, Windows Imaging Component (.NET wouldn't install without it) and Service Pack 2, everything went as it should.
Damn, I've been sitting on this for 5 hours already :P
Well, since I've already posted the logs, are they at least clean? I hope I didn't pick something up on the computer while downloading all those drivers.

Re: New system and something is already wrong

Post by mateo8898 » 30 Oct 2013, 23:35

PostUA: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0


The logs are clean.

Windows Server 2003 is based on XP, which may be why it shows you XP 64-bit.

Re: New system and something is already wrong

Post by Pangia » 30 Oct 2013, 23:44

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.2; pl; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3


mati8898 wrote: Windows Server 2003 is based on XP, which may be why it shows you XP 64-bit.

Isn't it the other way round? Not that I'm some kind of nerd, but Wikipedia (both the Polish and the English one) says that XP is based on Server 2k3.
But if it turns out that half of my programs won't work again, I think I'll lose my mind.

Re: New system and something is already wrong

Post by mateo8898 » 30 Oct 2013, 23:55

PostUA: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0


On Wikipedia here -> http://pl.wikipedia.org/wiki/Windows_Server_2003 it in turn says that it's Server that is based on XP, so who the hell knows; anyway, it doesn't matter.