rlk120 utworzono 20 lutego 2010 utworzono 20 lutego 2010 Jak już pisałem w tym : http://www.forumpc.pl/index.php?showtopic=149566 temacie, coś (prawdopodobnie Kaspersky, ale może to też być wirus) blokuje mi po pewnym czasie pobieranie plików. Daję więc logi, które zrobiłem od razu, gdy wystąpił problem ze ściąganiem. Log z OTL : [log]OTL logfile created on: 2010-02-20 11:03:35 - Run 2 OTL by OldTimer - Version 3.1.30.1 Folder = C:\Documents and Settings\Łukasz\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): c:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 15,63 Gb Total Space | 4,72 Gb Free Space | 30,23% Space Free | Partition Type: NTFS Drive D: | 351,57 Gb Total Space | 86,75 Gb Free Space | 24,68% Space Free | Partition Type: NTFS Drive E: | 74,53 Gb Total Space | 12,53 Gb Free Space | 16,81% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: XXX Current User Name: Łukasz Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-02-19 14:56:55 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Łukasz\Pulpit\OTL.exe PRC - [2010-02-10 15:37:10 | 001,555,528 | ---- | M] (K2T.eu, Kaworu) -- D:\WTW\wtw.exe PRC - [2010-01-21 20:46:58 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Mozilla Firefox\firefox.exe PRC - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe PRC - [2009-10-03 17:44:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- D:\Java\jre6\bin\javaw.exe PRC - [2009-09-10 14:45:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2009-09-10 14:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2009-09-10 14:45:00 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-09-10 14:45:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2009-09-10 14:45:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2009-09-10 14:45:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2009-09-10 14:45:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2009-09-10 14:45:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2005-12-18 14:18:56 | 000,307,200 | ---- | M] (Team H2O) -- C:\Program Files\Syncrosoft\POS\H2O\cledx.exe PRC - [2004-08-28 19:27:04 | 000,295,424 | ---- | M] (http://autoconnect.prv.pl) -- C:\Program Files\AutoConnect\AutoConnect.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-02-19 14:56:55 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Łukasz\Pulpit\OTL.exe MOD - [2009-09-10 14:45:00 | 008,490,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2009-09-10 14:45:00 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2009-09-10 14:45:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2009-09-10 14:45:00 | 001,020,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-09-10 14:45:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2009-09-10 14:45:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2009-09-10 14:45:00 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-09-10 14:45:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-09-10 14:45:00 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-09-10 14:45:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2009-09-10 14:45:00 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2009-09-10 14:45:00 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-09-10 14:45:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2009-09-10 14:45:00 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2009-09-10 14:45:00 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2009-09-10 14:45:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2009-09-10 14:45:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2009-09-10 14:45:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2009-09-10 14:45:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME MOD - [2009-09-10 14:45:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2009-09-10 14:45:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2009-09-10 14:45:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2009-09-10 14:45:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2009-09-10 14:45:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2009-09-10 14:45:00 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-09-10 14:45:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2009-09-10 14:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-11-06 09:20:16 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R) SRV - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP) SRV - [2009-10-12 13:55:54 | 000,072,704 | ---- | M] (Adobe Systems) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service) SRV - [2009-10-03 17:44:25 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Disabled | Stopped] -- D:\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2009-09-30 03:08:50 | 000,602,112 | ---- | M] (ATI Technologies Inc.) [Disabled | Stopped] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller) SRV - [2009-09-29 21:15:00 | 000,593,920 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart) SRV - [2009-09-06 12:38:06 | 000,071,096 | ---- | M] () [Disabled | Stopped] -- D:\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2003-08-18 10:37:10 | 000,303,104 | ---- | M] (Lexmark International, Inc.) [Disabled | Stopped] -- C:\WINDOWS\system32\LEXBCES.EXE -- (LexBceS) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-02-18 18:54:41 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2009-10-16 12:27:26 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-10-14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg) DRV - [2009-10-13 15:01:47 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009-10-13 15:01:47 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-10-04 11:43:23 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32) DRV - [2009-09-30 05:18:22 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-09-28 20:57:28 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009-09-14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2009-09-10 14:45:00 | 000,215,856 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Si3132r5.sys -- (Si3132r5) DRV - [2009-09-10 14:45:00 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Si3531.sys -- (Si3531) DRV - [2009-09-10 14:45:00 | 000,195,072 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\Si3114r5.sys -- (Si3114r5) DRV - [2009-09-10 14:45:00 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3132.sys -- (Si3132) DRV - [2009-09-10 14:45:00 | 000,069,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3124.sys -- (Si3124) DRV - [2009-09-10 14:45:00 | 000,062,336 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3112.sys -- (Si3112) DRV - [2009-09-10 14:45:00 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2009-09-10 14:45:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2009-09-01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1) DRV - [2009-04-28 21:20:06 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2008-04-13 22:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2007-09-25 15:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\MediaCoder\SysInfo.sys -- (CrystalSysInfo) DRV - [2007-09-10 08:50:56 | 000,457,984 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PAC7302.SYS -- (PAC7302) DRV - [2007-02-07 15:50:32 | 000,118,552 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw) DRV - [2007-02-07 15:50:14 | 000,056,088 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ELOADER) General Purpose USB Driver (adildr.sys) DRV - [2006-09-24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2005-06-20 21:08:44 | 002,324,480 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2005-05-09 20:08:40 | 000,033,792 | ---- | M] (Team H2O) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cledx.sys -- (CLEDX) DRV - [2005-04-26 12:22:28 | 000,060,928 | ---- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\viamraid.sys -- (viamraid) DRV - [2005-02-23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [1997-08-08 09:51:40 | 000,064,512 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel) DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1606980848-1500820517-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1606980848-1500820517-682003330-1003\S-1-5-21-1606980848-1500820517-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: D:\Mozilla Firefox\components [2010-02-07 21:15:09 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: D:\Mozilla Firefox\plugins [2010-01-21 20:47:09 | 000,000,000 | ---D | M] [2009-10-26 16:21:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Extensions [2009-10-26 16:21:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Extensions\MediaCoder [2010-02-19 15:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\x6gbjlrb.Lukasz\extensions [2010-02-16 18:44:41 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\x6gbjlrb.Lukasz\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} O1 HOSTS File: ([2009-09-10 14:45:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - D:\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKU\S-1-5-21-1606980848-1500820517-682003330-1003..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe (http://autoconnect.prv.pl) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe () O4 - Startup: C:\Documents and Settings\Łukasz\Menu Start\Programy\Autostart\Skrót do wtw.exe.lnk = D:\WTW\wtw.exe (K2T.eu, Kaworu) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1606980848-1500820517-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1606980848-1500820517-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 1 O8 - Extra context menu item: &Clean Traces - D:\DAP\Privacy Package\dapcleanerie.htm () O8 - Extra context menu item: &Download All by FlashGet - D:\FlashGet universal\ComDlls\Bhoall.htm () O8 - Extra context menu item: &Download by FlashGet - D:\FlashGet universal\ComDlls\Bholink.htm () O8 - Extra context menu item: &Download with &DAP - D:\DAP\dapextie.htm () O8 - Extra context menu item: &Pobierz wszystko przez FlashGet - D:\FlashGet universal\ComDlls\Bhoall.htm () O8 - Extra context menu item: &Pobrane przez FlashGet - D:\FlashGet universal\ComDlls\Bholink.htm () O8 - Extra context menu item: Download &all with DAP - D:\DAP\dapextie2.htm () O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2009-10-02 18:54:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-11-30 14:32:31 | 000,000,000 | ---D | M] - D:\AutoCAD R14 -- [ NTFS ] O32 - AutoRun File - [2009-09-15 12:41:01 | 000,000,000 | ---D | M] - D:\AutoTuneDX -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-02-19 16:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\Sage ''Hardcore Dealin Department'' 2010 [2010-02-19 15:33:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\Malpa-Kilka_Numerow_O_Czyms-Vinyl_Bonus_Tracks-PL-2010-211 [2010-02-19 14:56:48 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Łukasz\Pulpit\OTL.exe [2010-02-18 18:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2010-02-18 18:45:38 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010-02-17 20:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\17 [2010-02-17 20:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files [2010-02-17 18:32:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ESET [2010-02-17 18:31:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-02-17 15:50:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Cream Software [2010-02-17 15:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\flankerds001 [2010-02-16 18:26:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\eMe-Autodestrukcja (2010) [2010-02-16 16:59:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ArcSoft [2010-02-16 16:58:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ArcSoft [2010-02-16 16:58:12 | 000,011,776 | ---- | C] (Arcsoft, Inc.) -- C:\WINDOWS\System32\drivers\afc.sys [2010-02-16 16:58:11 | 000,245,408 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicows.dll [2010-02-16 16:58:09 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\PCDLIB32.DLL [2010-02-16 16:56:44 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys [2010-02-16 16:56:44 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys [2010-02-16 16:56:32 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll [2010-02-16 16:56:32 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll [2010-02-16 16:56:24 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys [2010-02-16 16:55:18 | 000,048,128 | ---- | C] (PixArt Imaging Incorporation) -- C:\WINDOWS\System32\Remove.exe [2010-02-16 16:55:11 | 000,000,000 | ---D | C] -- C:\Program Files\Trust [2010-02-16 16:55:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\PixArt [2010-02-16 16:55:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PAC7302 [2010-02-16 16:54:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations [2010-02-16 15:04:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\VirtualFarm [2010-02-15 16:26:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\Fokus_Pezet_Malolat_O.S.T.R.-Komplet_(Rap_Route)-CDM-PL-2010-WTF [2010-02-14 17:18:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\DonationCoder [2010-02-14 17:17:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DonationCoder [2010-02-14 17:15:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ProcessLasso [2010-02-14 17:14:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\ProcessExplorer [2010-02-12 18:52:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\XSxS [2010-02-12 18:52:52 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode [2010-02-12 18:52:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\Xenocode [2010-02-12 11:42:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\.wtw [2010-02-12 08:53:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\Jay-Z-The_Blueprint_3-2009-H3X [2010-02-11 09:51:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\Nowy folder (2) [2010-02-10 15:44:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\zdjecia od cioci [2010-02-10 12:31:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\sample quiz [2010-02-06 21:00:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\H [2010-02-06 09:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\Nowy folder [2010-02-05 20:40:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{580B8E22-2CB8-4C43-AE50-9338E581C6FA} [2010-02-05 20:40:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{F322C569-6416-428D-A2EA-A5D1C7073DE8} [2010-02-05 20:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{4275E5EA-6E30-48EB-A209-F964539CBE1C} [2010-02-05 19:59:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Native Instruments [2010-01-23 17:13:04 | 000,000,000 | ---D | C] -- C:\Mozilla [2010-01-23 16:51:21 | 000,073,728 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxbkpwr.dll [2010-01-23 16:51:20 | 000,544,768 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXBKLSNT.EXE [2010-01-23 16:51:20 | 000,286,720 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXBKPMNT.DLL [2010-01-23 16:51:20 | 000,286,720 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxbkcomm.dll [2010-01-23 16:51:20 | 000,217,088 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXBKLCNT.DLL [2010-01-23 16:51:20 | 000,201,216 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXP2P32.DLL [2010-01-23 16:51:20 | 000,174,592 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXPPS.EXE [2010-01-23 16:51:20 | 000,155,648 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXPING.EXE [2010-01-23 16:51:20 | 000,126,976 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXBKCFG.EXE [2010-01-23 16:51:20 | 000,069,632 | ---- | C] (Lexmark International Inc.) -- C:\WINDOWS\System32\LXBKCU.DLL [2010-01-23 16:51:19 | 000,303,104 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCES.EXE [2010-01-23 16:51:19 | 000,196,096 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEX2KUSB.DLL [2010-01-23 16:51:19 | 000,192,512 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXLMPM.DLL [2010-01-23 16:51:19 | 000,147,456 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCE.DLL [2010-01-23 16:51:19 | 000,094,208 | ---- | C] (Lexmark International Inc.) -- C:\WINDOWS\System32\LXBKCUR.DLL [2010-01-23 16:50:47 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiafbdrv.dll [2010-01-23 16:50:47 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll [2010-01-23 16:50:43 | 000,983,101 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\LXBKGF.DLL [2010-01-23 16:50:43 | 000,352,256 | ---- | C] (Lexmark International Inc.) -- C:\WINDOWS\System32\LXBKUTIL.DLL [2010-01-23 16:50:43 | 000,069,632 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxbkscin.dll [2010-01-23 16:50:43 | 000,057,344 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxbkcinf.dll [2010-01-23 16:50:43 | 000,049,152 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxbkcoin.dll [2010-01-23 16:50:40 | 000,454,656 | ---- | C] (Lexmark International Inc.) -- C:\WINDOWS\System32\LXBKJSWR.DLL [2010-01-23 16:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark X1100 Series [2010-01-23 16:50:22 | 000,000,000 | ---D | C] -- C:\Lxk1100 [2010-01-23 16:45:02 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys [2010-01-23 12:21:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Łukasz\Recent [2010-01-22 14:40:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\DSJ 2.1 [2009-10-02 18:57:42 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2009-10-02 18:57:37 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2009-10-02 18:54:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2009-10-02 18:54:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-02-20 10:38:54 | 000,339,330 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\podacccap.flp [2010-02-20 10:27:55 | 000,000,471 | ---- | M] () -- C:\WINDOWS\System32\Datei4 [2010-02-20 10:27:55 | 000,000,471 | ---- | M] () -- C:\WINDOWS\System32\Datei2 [2010-02-20 10:27:55 | 000,000,470 | ---- | M] () -- C:\WINDOWS\System32\Datei3 [2010-02-20 10:27:55 | 000,000,470 | ---- | M] () -- C:\WINDOWS\System32\Datei1 [2010-02-20 10:27:55 | 000,000,469 | ---- | M] () -- C:\WINDOWS\System32\Datei7 [2010-02-20 10:27:55 | 000,000,469 | ---- | M] () -- C:\WINDOWS\System32\Datei5 [2010-02-20 10:27:55 | 000,000,468 | ---- | M] () -- C:\WINDOWS\System32\Datei0 [2010-02-20 10:27:55 | 000,000,467 | ---- | M] () -- C:\WINDOWS\System32\Datei9 [2010-02-20 10:27:55 | 000,000,467 | ---- | M] () -- C:\WINDOWS\System32\Datei8 [2010-02-20 10:27:55 | 000,000,467 | ---- | M] () -- C:\WINDOWS\System32\Datei10 [2010-02-20 10:27:55 | 000,000,465 | ---- | M] () -- C:\WINDOWS\System32\Datei6 [2010-02-20 10:22:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-02-20 10:22:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-02-20 09:18:43 | 000,292,036 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\to musze dopracowac.flp [2010-02-20 09:13:03 | 010,114,256 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\The_Unseen_Trap_acca.mp3 [2010-02-19 18:52:05 | 000,000,060 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\listen.pls [2010-02-19 17:23:48 | 089,015,440 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\The_Unseen_Trap_acca.wav [2010-02-19 17:04:10 | 008,487,708 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\1 mixdown.mp3 [2010-02-19 15:56:06 | 000,598,585 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\to musze dopracowac.mp3 [2010-02-19 14:58:55 | 000,071,494 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\index2.php.htm [2010-02-19 14:58:40 | 000,060,603 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\index.php.htm [2010-02-19 14:56:55 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Łukasz\Pulpit\OTL.exe [2010-02-19 14:56:51 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\RSIT.exe [2010-02-19 12:34:40 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Łukasz\ntuser.ini [2010-02-19 12:34:39 | 005,767,168 | -H-- | M] () -- C:\Documents and Settings\Łukasz\NTUSER.DAT [2010-02-19 12:34:38 | 001,573,864 | -H-- | M] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-02-18 19:38:42 | 000,598,585 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\mixdownjol.mp3 [2010-02-18 18:54:41 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010-02-18 18:46:09 | 000,108,059 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2010-02-18 18:46:09 | 000,095,259 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2010-02-18 15:15:45 | 005,286,416 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Shadowville.com 20- 20Once 20In 20A 20Lifetime.mp3 [2010-02-18 15:14:28 | 004,422,426 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Shadowville.com 20- 20Blow 20It 20Up.mp3 [2010-02-18 15:13:53 | 001,503,467 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\zgitarką.mp3 [2010-02-16 17:04:20 | 000,000,641 | ---- | M] () -- C:\WINDOWS\win.ini [2010-02-16 17:03:50 | 291,468,288 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Untitled_20100216_1.avi [2010-02-16 17:01:46 | 001,440,032 | ---- | M] () -- C:\PA7302.DAT [2010-02-16 16:58:11 | 000,000,507 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Video Impression 2.lnk [2010-02-16 16:25:56 | 007,437,232 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\KAITEU_-_PIETZ_LP_PROMOMIX.mp3 [2010-02-16 15:06:35 | 000,000,489 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Skrót do VirtualFarm.exe.lnk [2010-02-15 13:56:47 | 000,442,293 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\skolioza.pdf [2010-02-14 19:50:50 | 001,028,096 | ---- | M] () -- C:\WINDOWS\MULTIHACK.exe [2010-02-14 19:50:50 | 000,000,140 | ---- | M] () -- C:\WINDOWS\l33td.ini [2010-02-14 19:48:09 | 000,034,820 | ---- | M] () -- C:\WINDOWS\System\iexplore.exe [2010-02-14 19:48:09 | 000,017,920 | ---- | M] () -- C:\WINDOWS\System\smss.exe [2010-02-14 17:18:42 | 000,000,046 | ---- | M] () -- C:\WINDOWS\System32\DonationCoder_processtamer_InstallInfo.dat [2010-02-14 17:18:42 | 000,000,046 | ---- | M] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\DonationCoder_processtamer_InstallInfo.dat [2010-02-13 09:23:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-02-12 16:08:22 | 000,000,408 | ---- | M] () -- C:\Documents and Settings\Łukasz\Menu Start\Programy\Autostart\Skrót do wtw.exe.lnk [2010-02-10 11:03:30 | 000,047,616 | ---- | M] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-02-09 13:25:51 | 000,989,184 | ---- | M] () -- C:\WINDOWS\RESETTER 2.31.EXE [2010-02-09 13:25:51 | 000,352,256 | ---- | M] () -- C:\WINDOWS\THERMO.EXE [2010-02-05 14:43:21 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Skrót do H5_Game.exe.lnk [2010-01-30 12:18:20 | 000,000,583 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Skrót do JDownloader.exe.lnk [2010-01-23 17:13:37 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-01-23 17:13:37 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2010-01-23 17:10:30 | 000,000,101 | ---- | M] () -- C:\WINDOWS\lexstat.ini [2010-01-23 12:35:27 | 000,000,634 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Counter Strike 1.6.lnk [2010-01-21 14:33:57 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Landwirtschafts-Simulator 2009.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-02-20 09:31:20 | 000,339,330 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\podacccap.flp [2010-02-20 09:12:40 | 010,114,256 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\The_Unseen_Trap_acca.mp3 [2010-02-19 18:50:21 | 000,000,060 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\listen.pls [2010-02-19 17:05:25 | 089,015,440 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\The_Unseen_Trap_acca.wav [2010-02-19 15:55:50 | 000,598,585 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\to musze dopracowac.mp3 [2010-02-19 14:58:55 | 000,071,494 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\index2.php.htm [2010-02-19 14:58:40 | 000,060,603 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\index.php.htm [2010-02-19 14:56:38 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\RSIT.exe [2010-02-18 19:38:28 | 000,598,585 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\mixdownjol.mp3 [2010-02-18 18:46:09 | 000,108,059 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2010-02-18 18:46:09 | 000,095,259 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2010-02-18 17:13:28 | 000,292,036 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\to musze dopracowac.flp [2010-02-18 15:14:16 | 008,487,708 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\1 mixdown.mp3 [2010-02-18 15:13:46 | 005,286,416 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Shadowville.com 20- 20Once 20In 20A 20Lifetime.mp3 [2010-02-18 15:13:19 | 001,503,467 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\zgitarką.mp3 [2010-02-18 15:13:00 | 004,422,426 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Shadowville.com 20- 20Blow 20It 20Up.mp3 [2010-02-16 17:03:29 | 291,468,288 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Untitled_20100216_1.avi [2010-02-16 17:01:02 | 001,440,032 | ---- | C] () -- C:\PA7302.DAT [2010-02-16 16:58:11 | 000,000,507 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Video Impression 2.lnk [2010-02-16 16:55:17 | 000,000,800 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini [2010-02-16 16:23:38 | 007,437,232 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\KAITEU_-_PIETZ_LP_PROMOMIX.mp3 [2010-02-16 15:06:35 | 000,000,489 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Skrót do VirtualFarm.exe.lnk [2010-02-15 13:56:47 | 000,442,293 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\skolioza.pdf [2010-02-14 19:48:09 | 001,028,096 | ---- | C] () -- C:\WINDOWS\MULTIHACK.exe [2010-02-14 19:48:09 | 000,034,820 | ---- | C] () -- C:\WINDOWS\System\iexplore.exe [2010-02-14 19:48:09 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System\smss.exe [2010-02-14 19:34:27 | 000,000,140 | ---- | C] () -- C:\WINDOWS\l33td.ini [2010-02-14 17:18:42 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\DonationCoder_processtamer_InstallInfo.dat [2010-02-14 17:18:42 | 000,000,046 | ---- | C] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\DonationCoder_processtamer_InstallInfo.dat [2010-02-12 16:08:22 | 000,000,408 | ---- | C] () -- C:\Documents and Settings\Łukasz\Menu Start\Programy\Autostart\Skrót do wtw.exe.lnk [2010-02-09 13:21:10 | 000,989,184 | ---- | C] () -- C:\WINDOWS\RESETTER 2.31.EXE [2010-02-09 13:21:10 | 000,352,256 | ---- | C] () -- C:\WINDOWS\THERMO.EXE [2010-02-05 14:43:21 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Skrót do H5_Game.exe.lnk [2010-01-30 10:49:03 | 000,000,583 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Skrót do JDownloader.exe.lnk [2010-01-23 17:10:30 | 000,000,101 | ---- | C] () -- C:\WINDOWS\lexstat.ini [2010-01-23 16:51:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll [2010-01-23 16:51:20 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\LXBKIH.EXE [2010-01-23 16:51:20 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL [2010-01-23 16:51:20 | 000,000,448 | ---- | C] () -- C:\WINDOWS\System32\LXBK.LOC [2010-01-23 16:51:19 | 001,325,626 | ---- | C] () -- C:\WINDOWS\System32\LXBKLPA.HLP [2010-01-23 16:51:19 | 000,503,262 | ---- | C] () -- C:\WINDOWS\System32\LXBKDRV.HLP [2010-01-23 16:51:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE [2010-01-23 16:51:19 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\LXBKDRV.CNT [2010-01-23 16:51:19 | 000,002,321 | ---- | C] () -- C:\WINDOWS\System32\LXBKLPA.CNT [2010-01-23 16:51:19 | 000,000,282 | ---- | C] () -- C:\WINDOWS\System32\LXBKMA.CNT [2010-01-23 16:50:43 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini [2010-01-23 12:35:27 | 000,000,634 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Counter Strike 1.6.lnk [2010-01-21 14:33:57 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Landwirtschafts-Simulator 2009.lnk [2009-12-05 12:11:07 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009-11-28 15:26:00 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2009-11-22 13:47:50 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI [2009-11-16 15:35:04 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\SENTINEL.SYS [2009-11-16 15:35:04 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\SNTI386.DLL [2009-11-16 15:35:04 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\RNBOVDD.DLL [2009-11-16 15:35:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MTSTACK.INI [2009-11-09 16:18:43 | 000,000,251 | ---- | C] () -- C:\WINDOWS\w32dasm8.ini [2009-11-01 19:18:35 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009-10-10 13:06:52 | 000,000,169 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2009-10-10 13:06:52 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2009-10-10 13:06:46 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2009-10-10 13:06:46 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL [2009-10-06 16:09:35 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-10-06 16:09:32 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009-10-04 11:43:23 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys [2009-10-03 13:03:33 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-10-02 19:42:39 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-10-02 19:42:39 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009-10-02 19:42:38 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-10-02 19:42:38 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-10-02 19:42:37 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-10-02 19:42:37 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-10-02 19:35:12 | 000,047,616 | ---- | C] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-10-02 19:21:50 | 000,174,744 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2009-10-02 19:08:26 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini [2009-10-02 19:08:23 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2009-10-02 19:04:40 | 000,000,990 | ---- | C] () -- C:\WINDOWS\adiras.ini [2008-10-07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2007-03-20 16:44:02 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP7302.ini [1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2010-02-18 14:35:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper [2009-11-10 15:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2009-10-03 12:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited [2009-10-03 12:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-02-14 17:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DonationCoder [2010-02-13 09:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Easy CD-DA Extractor [2009-10-03 19:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EDIROL [2010-02-17 18:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2009-11-17 16:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Farm Frenzy [2009-11-22 11:22:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2009-10-21 16:48:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Propellerhead Software [2009-11-29 11:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit [2009-11-18 14:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Spore [2010-02-12 18:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-10-02 19:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl [2010-02-16 15:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\VirtualFarm [2010-02-05 20:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{4275E5EA-6E30-48EB-A209-F964539CBE1C} [2010-02-05 20:40:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{580B8E22-2CB8-4C43-AE50-9338E581C6FA} [2010-02-05 20:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{F322C569-6416-428D-A2EA-A5D1C7073DE8} [2010-02-12 11:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\.wtw [2009-11-27 17:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Any Video Converter [2009-10-27 17:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Autodesk [2010-02-17 21:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\BITS [2009-10-26 16:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Broad Intelligence [2009-10-03 12:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Canneverbe_Limited [2010-02-17 15:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Cream Software [2009-10-03 13:03:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\DAEMON Tools Lite [2009-10-05 20:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\DAEMON Tools Pro [2009-10-07 16:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Dev-Cpp [2010-02-14 17:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\DonationCoder [2010-02-17 18:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ESET [2009-12-05 09:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\EurekaLog [2009-10-02 20:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Flatcast [2009-11-22 10:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Gadu-Gadu 10 [2009-10-25 16:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\GIANTS Editor 0.3.0 [2009-11-04 16:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Notepad++ [2009-11-22 10:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\OpenFM [2009-10-07 13:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\OpenOffice.org [2009-10-30 19:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Opera [2010-02-14 17:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ProcessLasso [2009-10-21 16:48:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Propellerhead Software [2009-11-13 16:48:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Spore [2009-10-03 13:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Steinberg [2009-12-09 16:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Thinstall [2010-02-08 14:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Tlen.pl [2010-02-15 17:55:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\uTorrent [2009-10-12 16:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Vso [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 169 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DD4DD9B9 @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4 @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:8CE646EE @Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A9662AE0 < End of report > [/log] Log z RSIT (info.txt) [log]info.txt logfile of random's system information tool 1.06 2010-02-20 11:05:50 ======Uninstall list====== -->MsiExec /X{1C4551A6-4743-4093-91E4-1477CD655043} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Audition 3.0-->msiexec /I {53C141BA-4F9E-43FB-B4F9-0C01BB716FA8} Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1 Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf ALLPlayer V3.X-->"D:\ALLPlayer\unins000.exe" AoA Audio Extractor-->"D:\AoA Audio Extractor\unins000.exe" ArcSoft VideoImpression 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{244E21B9-164C-4EC1-AED8-9BD64161E66D}\Setup.exe" -l0x9 ASIO4ALL-->D:\ASIO4ALL v2\uninstall.exe ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean AutoCAD R14.0-->C:\WINDOWS\unin0415.exe -f"D:\AutoCAD R14\DeIsL2.isu" AutoConnect v0.1.2.5-->C:\Program Files\AutoConnect\uninst.exe BPM Beats per Minute Detector-->"D:\BPM Beats per Minute Detector\unins000.exe" CDBurnerXP-->"D:\CDBurnerXP\unins000.exe" CoffeeCup GIF Animator-->D:\GIFANI~1\UNWISE.EXE D:\GIFANI~1\GAinst.LOG Counter-Strike 1.6 V35-->D:\Counter-Strike 1.6 V35\Uninstal.exe Download Accelerator Plus (DAP)-->D:\DAP\DAPREMOVE.EXE EVEREST Home Edition v2.20-->"D:\EVEREST Home Edition\unins000.exe" FL Studio 9-->D:\FL Studio 9\uninstall.exe FlashGet 2.0-->D:\FlashGet universal\uninst.exe Flatcast Viewer Plugin 5.0.356-->"C:\WINDOWS\unins000.exe" Gadu-Gadu 10-->D:\Gadu-Gadu 10\Uninstall.exe GIANTS Editor 4.1.2-->"D:\GIANTS_Editor_4.1.2\unins000.exe" Gothic III-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}\setup.exe" -l0x15 -removeonly Hardcore-->C:\Program Files\Image-Line\Hardcore\uninstall.exe Heroes of Might & Magic V: Kuźnia Przeznaczenia-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACC75323-DB4A-4F7F-9AF2-1D1DEFF2D0B4}\Setup.exe" -l0x15 Heroes of Might and Magic V-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DE075DB-4218-4B2C-A35E-48D80BA680BB}\Setup.exe" -l0x15 HijackThis 2.0.2-->"D:\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF} Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA} Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA} K-Lite Codec Pack 5.1.0 (Full)-->"D:\K-Lite Codec Pack\unins000.exe" Komunikator WTW-->D:\WTW\wtw-uninst.exe Landwirtschafts-Simulator 2009-->"D:\Landwirtschafts-Simulator 2009\unins000.exe" Lexmark X1100 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBKUN5C.EXE -dLexmark X1100 Series MediaCoder 0.7.2.4528-->D:\MediaCoder\uninst.exe Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK-->MsiExec.exe /I{2AFF2951-86B1-3C53-B34D-B440F11E7D0A} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK-->MsiExec.exe /I{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 Language Pack SP1 - plk-->MsiExec.exe /I{9EFDFBA8-9174-3C61-8645-28376C5CA994} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} MixMeister BPM Analyzer 1.0-->"D:\MixMeister BPM Analyzer\unins000.exe" Mozilla Firefox (3.6)-->D:\Mozilla Firefox\uninstall\helper.exe MP3 Player Recovery Tool-->"C:\Program Files\Creative\MP3 Player Recovery Tool\unins000.exe" MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE} Narzędzie Software Uninstall Utility firmy ATI-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe Native Instruments Komplete 6-->C:\Documents and Settings\All Users\Dane aplikacji\{580B8E22-2CB8-4C43-AE50-9338E581C6FA}\Komplete 6 Setup PC.exe NVIDIA PhysX-->MsiExec.exe /X{1C4551A6-4743-4093-91E4-1477CD655043} OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U OpenOffice.org 3.1-->MsiExec.exe /I{9E35B051-C7EE-47CB-BA43-9A7FFD4E61DE} Orchestral VST-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{77832A71-8657-46D1-89BC-630243926C9A}\setup.exe" MAINTENANCE_XXX Pajączek 5 NxG PRO - Deinstalacja-->"D:\Pajaczek 5 NxG\unins000.exe" Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - plk\setup.exe PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe Radeon Omega Drivers v4.8.442 Setup Files and Tools-->"C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe" "/U:D:\Radeon Omega Drivers\v4.8.442\Omega Uninstall.xml" Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x15 -removeonly reFX Nexus VSTi RTAS v2.2.0-->"D:\VstPlugins\Uninstall Nexus\unins000.exe" Restorator 2009-->"D:\Restorator 2009\unins000.exe" Rob Papen Albino 3-->D:\VstPlugins\UninstalAlbino3.exe Rob Papen Predator V1.1 b-->"D:\VstPlugins\unins000.exe" SAGEM F@st 800-840-->C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe -runfromtemp -l0x0015 -removeonly Sawer-->C:\Program Files\Image-Line\Sawer\uninstall.exe SpeedFan (remove only)-->"D:\SpeedFan\uninstall.exe" Steinberg Hypersonic 2-->D:\VstPlugins\Hypersonic\unins000.exe Super Farmer-->D:\Virtual Farm\Uninstall.exe SyncroSoft Emu (Remove only)-->C:\Program Files\SyncroSoft\Pos\H2O\Uninst.exe Syncrosoft's License Control-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe Truck Racing by Renault Trucks-->D:\Truck_Racing_By_Renault_Trucks\uninst.exe Trust WB-3420N HIRS Webcam Live-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A48D9360-5B9C-415D-AF3B-BB691138F463} /l1033 Unlocker 1.8.8-->D:\Unlocker\uninst.exe Velaya - Historia wojowniczki-->D:\Gothic2ZlotaEdycja\Velaya_PL-uninst.exe Virtual DJ - Atomix Productions-->D:\VIRTUA~1\UNWISE.EXE D:\VIRTUA~1\INSTALL.LOG VSO Image Resizer 1.0.7-->"D:\Image Resizer\unins000.exe" WapSter AQQ-->D:\WapSter AQQ\uninstall.exe Winamp-->"D:\Winamp\UninstWA.exe" ======System event log====== Computer Name: XXX Event Code: 7001 Message: Usługa Sentinel zależy od usługi Parport, której nie można uruchomić z powodu następującego błędu: Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia. Record Number: 11467 Source Name: Service Control Manager Time Written: 20100118115738.000000+060 Event Type: błąd User: Computer Name: XXX Event Code: 7000 Message: Nie można uruchomić usługi General Purpose USB Driver (adildr.sys) z powodu następującego błędu: Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia. Record Number: 11466 Source Name: Service Control Manager Time Written: 20100118115738.000000+060 Event Type: błąd User: Computer Name: XXX Event Code: 6005 Message: Uruchomiono usługę Dziennik zdarzeń. Record Number: 11465 Source Name: EventLog Time Written: 20100118115724.000000+060 Event Type: informacje User: Computer Name: XXX Event Code: 6009 Message: Microsoft (R) Windows (R) 5.01. 2600 Dodatek Service Pack 3 Uniprocessor Free. Record Number: 11464 Source Name: EventLog Time Written: 20100118115724.000000+060 Event Type: informacje User: Computer Name: XXX Event Code: 6006 Message: Zatrzymano usługę Dziennik zdarzeń. Record Number: 11463 Source Name: EventLog Time Written: 20100118071356.000000+060 Event Type: informacje User: =====Application event log===== Computer Name: XXX Event Code: 8193 Message: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x80040206. Record Number: 207 Source Name: VSS Time Written: 20091013144848.000000+120 Event Type: błąd User: Computer Name: XXX Event Code: 4609 Message: Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył zły kod powrotu. HRESULT to 80070422 z w wierszu 44 z d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błąd. Record Number: 206 Source Name: EventSystem Time Written: 20091013144848.000000+120 Event Type: błąd User: Computer Name: XXX Event Code: 1800 Message: Usługa Centrum zabezpieczeń systemu Windows została uruchomiona. Record Number: 205 Source Name: SecurityCenter Time Written: 20091013070520.000000+120 Event Type: informacje User: Computer Name: XXX Event Code: 8193 Message: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x80040206. Record Number: 204 Source Name: VSS Time Written: 20091013070518.000000+120 Event Type: błąd User: Computer Name: XXX Event Code: 4609 Message: Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył zły kod powrotu. HRESULT to 80070422 z w wierszu 44 z d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błąd. Record Number: 203 Source Name: EventSystem Time Written: 20091013070518.000000+120 Event Type: błąd User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 55 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=3702 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- [/log] Oraz log.txt [log]Logfile of random's system information tool 1.06 (written by random/random) Run by Łukasz at 2010-02-20 11:06:03 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive C: has 5 GB (30%) free of 16 GB Total RAM: 1535 MB (58% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:06:04, on 2010-02-20 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ctfmon.exe D:\WTW\wtw.exe D:\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe D:\Java\jre6\bin\javaw.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\Łukasz\Pulpit\RSIT.exe D:\Trend Micro\HijackThis\Łukasz.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - D:\FlashGet universal\ComDlls\bhoCATCH.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Skrót do wtw.exe.lnk = D:\WTW\wtw.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O8 - Extra context menu item: &Clean Traces - D:\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download All by FlashGet - D:\FlashGet universal\ComDlls\Bhoall.htm O8 - Extra context menu item: &Download by FlashGet - D:\FlashGet universal\ComDlls\Bholink.htm O8 - Extra context menu item: &Download with &DAP - D:\DAP\dapextie.htm O8 - Extra context menu item: &Pobierz wszystko przez FlashGet - D:\FlashGet universal\ComDlls\Bhoall.htm O8 - Extra context menu item: &Pobrane przez FlashGet - D:\FlashGet universal\ComDlls\Bholink.htm O8 - Extra context menu item: Download &all with DAP - D:\DAP\dapextie2.htm O9 - Extra button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O13 - Gopher Prefix: O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- End of file - 4523 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}] FG2CatchUrl - D:\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - D:\Java\jre6\bin\jp2ssv.dll [2009-10-03 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - D:\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-03 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-09-10 15360] "AutoConnect"=C:\Program Files\AutoConnect\AutoConnect.exe [2004-08-28 295424] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 "idsvc"=3 "JavaQuickStarterService"=2 "Adobe LM Service"=3 "ATI Smart"=2 "Ati HotKey Poller"=2 "C-DillaCdaC11BA"=2 "Autodesk Licensing Service"=3 "NMSAccessU"=2 "LexBceS"=3 C:\Documents and Settings\All Users\Menu Start\Programy\Autostart DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Documents and Settings\Łukasz\Menu Start\Programy\Autostart Skrót do wtw.exe.lnk - D:\WTW\wtw.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2009-09-30 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2009-10-20 219664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2009-09-10 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveTypeAutoRun"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "D:\Tlen.pl\tlen.exe"="D:\Tlen.pl\tlen.exe:*:Enabled:Komunikator Tlen.pl" "D:\uTorrent\uTorrent.exe"="D:\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "D:\FlashGet universal\FlashGet.exe"="D:\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2" "D:\FlashGet universal\LiveUpdate.exe"="D:\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate" "D:\FlashGet universal\LiveUpdateEx.exe"="D:\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======List of files/folders created in the last 1 months====== 2010-02-20 11:05:48 ----D---- C:\rsit 2010-02-18 18:45:44 ----D---- C:\Program Files\Kaspersky Lab 2010-02-18 18:34:53 ----A---- C:\WINDOWS\ntbtlog.txt 2010-02-17 20:37:49 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files 2010-02-17 18:32:23 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\ESET 2010-02-17 18:31:47 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\ESET 2010-02-17 15:50:15 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\Cream Software 2010-02-16 16:59:49 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\ArcSoft 2010-02-16 16:58:14 ----D---- C:\Program Files\Common Files\ArcSoft 2010-02-16 16:58:11 ----RA---- C:\WINDOWS\system32\unicows.dll 2010-02-16 16:58:09 ----A---- C:\WINDOWS\PCDLIB32.DLL 2010-02-16 16:56:32 ----A---- C:\WINDOWS\system32\vfwwdm32.dll 2010-02-16 16:55:18 ----A---- C:\WINDOWS\system32\Remove.exe 2010-02-16 16:55:17 ----A---- C:\WINDOWS\system32\Remover.ini 2010-02-16 16:55:11 ----D---- C:\WINDOWS\PixArt 2010-02-16 16:55:11 ----D---- C:\Program Files\Trust 2010-02-16 16:55:11 ----D---- C:\Program Files\Common Files\PAC7302 2010-02-16 16:54:59 ----D---- C:\WINDOWS\Downloaded Installations 2010-02-16 15:04:35 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\VirtualFarm 2010-02-14 19:48:09 ----A---- C:\WINDOWS\MULTIHACK.exe 2010-02-14 19:34:27 ----A---- C:\WINDOWS\l33td.ini 2010-02-14 17:18:42 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\DonationCoder 2010-02-14 17:17:49 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\DonationCoder 2010-02-14 17:15:39 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\ProcessLasso 2010-02-12 18:52:52 ----D---- C:\WINDOWS\XSxS 2010-02-12 18:52:52 ----D---- C:\Program Files\Xenocode 2010-02-12 11:42:42 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\.wtw 2010-02-09 13:21:10 ----A---- C:\WINDOWS\THERMO.EXE 2010-02-09 13:21:10 ----A---- C:\WINDOWS\RESETTER 2.31.EXE 2010-02-05 20:40:47 ----HDC---- C:\Documents and Settings\All Users\Dane aplikacji\{580B8E22-2CB8-4C43-AE50-9338E581C6FA} 2010-02-05 20:40:44 ----DC---- C:\Documents and Settings\All Users\Dane aplikacji\{F322C569-6416-428D-A2EA-A5D1C7073DE8} 2010-02-05 20:39:26 ----DC---- C:\Documents and Settings\All Users\Dane aplikacji\{4275E5EA-6E30-48EB-A209-F964539CBE1C} 2010-02-05 19:59:01 ----D---- C:\Program Files\Common Files\Native Instruments 2010-01-23 17:13:04 ----D---- C:\Mozilla 2010-01-23 17:10:30 ----A---- C:\WINDOWS\lexstat.ini 2010-01-23 16:51:21 ----A---- C:\WINDOWS\system32\lxbkvs.dll 2010-01-23 16:51:21 ----A---- C:\WINDOWS\system32\lxbkpwr.dll 2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LXBKPMNT.DLL 2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LXBKLSNT.EXE 2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LXBKLCNT.DLL 2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LXBKLCNP.DLL 2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LXBKIH.EXE 2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LXBKCU.DLL 2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\lxbkcomm.dll 2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LXBKCFG.EXE 2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LEXPPS.EXE 2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LEXPING.EXE 2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LEXP2P32.DLL 2010-01-23 16:51:19 ----A---- C:\WINDOWS\system32\LXBKCUR.DLL 2010-01-23 16:51:19 ----A---- C:\WINDOWS\system32\LEXLMPM.DLL 2010-01-23 16:51:19 ----A---- C:\WINDOWS\system32\LEXBCES.EXE 2010-01-23 16:51:19 ----A---- C:\WINDOWS\system32\LEXBCE.DLL 2010-01-23 16:51:19 ----A---- C:\WINDOWS\system32\LEX2KUSB.DLL 2010-01-23 16:51:19 ----A---- C:\WINDOWS\system32\INSTMON.EXE 2010-01-23 16:50:47 ----A---- C:\WINDOWS\system32\wiafbdrv.dll 2010-01-23 16:50:43 ----A---- C:\WINDOWS\system32\LXBKUTIL.DLL 2010-01-23 16:50:43 ----A---- C:\WINDOWS\system32\lxbkscin.dll 2010-01-23 16:50:43 ----A---- C:\WINDOWS\system32\LXBKGF.DLL 2010-01-23 16:50:43 ----A---- C:\WINDOWS\system32\lxbkcoin.ini 2010-01-23 16:50:43 ----A---- C:\WINDOWS\system32\lxbkcoin.dll 2010-01-23 16:50:43 ----A---- C:\WINDOWS\system32\lxbkcinf.dll 2010-01-23 16:50:40 ----D---- C:\Program Files\Lexmark X1100 Series 2010-01-23 16:50:40 ----A---- C:\WINDOWS\system32\LXBKJSWR.DLL 2010-01-23 16:50:22 ----D---- C:\Lxk1100 ======List of files/folders modified in the last 1 months====== 2010-02-20 11:02:46 ----D---- C:\WINDOWS\Temp 2010-02-20 10:23:23 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab 2010-02-20 10:23:13 ----D---- C:\Program Files\AutoConnect 2010-02-19 20:35:08 ----D---- C:\WINDOWS\system32\drivers 2010-02-19 16:57:39 ----D---- C:\WINDOWS\system32 2010-02-19 16:13:21 ----D---- C:\WINDOWS 2010-02-19 16:13:07 ----D---- C:\WINDOWS\system 2010-02-19 12:34:42 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-02-18 18:57:41 ----D---- C:\WINDOWS\pss 2010-02-18 18:46:12 ----SHD---- C:\WINDOWS\Installer 2010-02-18 18:46:05 ----HD---- C:\WINDOWS\inf 2010-02-18 18:45:44 ----RD---- C:\Program Files 2010-02-18 18:45:41 ----D---- C:\WINDOWS\system32\CatRoot2 2010-02-18 14:35:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper 2010-02-17 21:23:34 ----D---- C:\WINDOWS\system32\CatRoot 2010-02-17 21:20:52 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\BITS 2010-02-16 17:04:20 ----A---- C:\WINDOWS\win.ini 2010-02-16 16:58:14 ----D---- C:\Program Files\Common Files 2010-02-16 16:58:07 ----HD---- C:\Program Files\InstallShield Installation Information 2010-02-16 16:56:49 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-02-16 16:55:11 ----D---- C:\WINDOWS\twain_32 2010-02-16 16:54:55 ----D---- C:\Program Files\Common Files\InstallShield 2010-02-15 17:55:19 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\uTorrent 2010-02-14 19:48:10 ----SD---- C:\WINDOWS\system32\Microsoft 2010-02-13 09:41:05 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Easy CD-DA Extractor 2010-02-12 18:49:44 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2010-02-12 12:30:12 ----D---- C:\WINDOWS\WinSxS 2010-02-08 14:52:56 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\Tlen.pl 2010-01-23 17:13:37 ----SH---- C:\boot.ini 2010-01-23 17:13:37 ----A---- C:\WINDOWS\system.ini 2010-01-23 17:09:24 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-01-23 12:21:31 ----D---- C:\WINDOWS\Minidump ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys [] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2010-02-18 315408] R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys [] R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-10-13 281760] R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-10-13 25888] R3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2007-02-07 118552] R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-20 2324480] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-30 3565056] R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272] R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-09-10 30208] R3 usbhub;Standardowy sterownik koncentratora USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2009-09-10 59520] R3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2009-09-10 20608] S2 ELOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2007-02-07 56088] S2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [1997-08-08 64512] S3 awgtszd1;awgtszd1; C:\WINDOWS\system32\drivers\awgtszd1.sys [] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384] S3 CrystalSysInfo;CrystalSysInfo; \??\D:\MediaCoder\SysInfo.sys [] S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112] S3 PAC7302;Trust WB-3420N HIRS Webcam Live; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-09-10 457984] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880] S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-09-28 7168] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976] S3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2009-09-10 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-09-10 38528] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-09-10 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;Sterownik filtru Przywracania systemu; C:\WINDOWS\system32\DRIVERS\sr.sys [2009-09-10 73472] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-09-10 14336] S2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2009-09-10 14336] S4 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-10-12 72704] S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-09-30 602112] S4 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-09-29 593920] S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S4 JavaQuickStarterService;Java Quick Starter; D:\Java\jre6\bin\jqs.exe [2009-10-03 153376] S4 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 NMSAccessU;NMSAccessU; D:\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096] S4 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016] -----------------EOF----------------- [/log] Proszę o pomoc.
Mateusz J. komentarz 21 lutego 2010 komentarz 21 lutego 2010 Log czysty. Jak coś spróbuj całkowicie wyłączyć wszelki oprogramowanie chroniące komputer, Kaspersky, zapora itd.
rlk120 komentarz 21 lutego 2010 Autor komentarz 21 lutego 2010 No muszę powiedzieć, że dziś przeprowadziłem gruntowny skan kasprem i bardzo możliwe, że połączenie blokowały 4 trojanki siedzące sobie na dysku
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.