x-kom hosting

Wirus blokuje ściąganie ?

rlk120
utworzono
utworzono

Jak już pisałem w tym : http://www.forumpc.pl/index.php?showtopic=149566 temacie, coś (prawdopodobnie Kaspersky, ale może to też być wirus) blokuje mi po pewnym czasie pobieranie plików.

Daję więc logi, które zrobiłem od razu, gdy wystąpił problem ze ściąganiem.

Log z OTL :
[log]OTL logfile created on: 2010-02-20 11:03:35 - Run 2
OTL by OldTimer - Version 3.1.30.1 Folder = C:\Documents and Settings\Łukasz\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15,63 Gb Total Space | 4,72 Gb Free Space | 30,23% Space Free | Partition Type: NTFS
Drive D: | 351,57 Gb Total Space | 86,75 Gb Free Space | 24,68% Space Free | Partition Type: NTFS
Drive E: | 74,53 Gb Total Space | 12,53 Gb Free Space | 16,81% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: XXX
Current User Name: Łukasz
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-02-19 14:56:55 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Łukasz\Pulpit\OTL.exe
PRC - [2010-02-10 15:37:10 | 001,555,528 | ---- | M] (K2T.eu, Kaworu) -- D:\WTW\wtw.exe
PRC - [2010-01-21 20:46:58 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Mozilla Firefox\firefox.exe
PRC - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
PRC - [2009-10-03 17:44:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- D:\Java\jre6\bin\javaw.exe
PRC - [2009-09-10 14:45:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009-09-10 14:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2009-09-10 14:45:00 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-09-10 14:45:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2009-09-10 14:45:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2009-09-10 14:45:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2009-09-10 14:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2009-09-10 14:45:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2009-09-10 14:45:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2005-12-18 14:18:56 | 000,307,200 | ---- | M] (Team H2O) -- C:\Program Files\Syncrosoft\POS\H2O\cledx.exe
PRC - [2004-08-28 19:27:04 | 000,295,424 | ---- | M] (http://autoconnect.prv.pl) -- C:\Program Files\AutoConnect\AutoConnect.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-02-19 14:56:55 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Łukasz\Pulpit\OTL.exe
MOD - [2009-09-10 14:45:00 | 008,490,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2009-09-10 14:45:00 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2009-09-10 14:45:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2009-09-10 14:45:00 | 001,020,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-09-10 14:45:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2009-09-10 14:45:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2009-09-10 14:45:00 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2009-09-10 14:45:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-09-10 14:45:00 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-09-10 14:45:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2009-09-10 14:45:00 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2009-09-10 14:45:00 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-09-10 14:45:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2009-09-10 14:45:00 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2009-09-10 14:45:00 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2009-09-10 14:45:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2009-09-10 14:45:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2009-09-10 14:45:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2009-09-10 14:45:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2009-09-10 14:45:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2009-09-10 14:45:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2009-09-10 14:45:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2009-09-10 14:45:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2009-09-10 14:45:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2009-09-10 14:45:00 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-09-10 14:45:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2009-09-10 14:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-11-06 09:20:16 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2009-10-12 13:55:54 | 000,072,704 | ---- | M] (Adobe Systems) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2009-10-03 17:44:25 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Disabled | Stopped] -- D:\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-09-30 03:08:50 | 000,602,112 | ---- | M] (ATI Technologies Inc.) [Disabled | Stopped] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2009-09-29 21:15:00 | 000,593,920 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2009-09-06 12:38:06 | 000,071,096 | ---- | M] () [Disabled | Stopped] -- D:\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2003-08-18 10:37:10 | 000,303,104 | ---- | M] (Lexmark International, Inc.) [Disabled | Stopped] -- C:\WINDOWS\system32\LEXBCES.EXE -- (LexBceS)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-02-18 18:54:41 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009-10-16 12:27:26 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-10-14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2009-10-13 15:01:47 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-10-13 15:01:47 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-10-04 11:43:23 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)
DRV - [2009-09-30 05:18:22 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-09-28 20:57:28 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-09-14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009-09-10 14:45:00 | 000,215,856 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Si3132r5.sys -- (Si3132r5)
DRV - [2009-09-10 14:45:00 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Si3531.sys -- (Si3531)
DRV - [2009-09-10 14:45:00 | 000,195,072 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\Si3114r5.sys -- (Si3114r5)
DRV - [2009-09-10 14:45:00 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3132.sys -- (Si3132)
DRV - [2009-09-10 14:45:00 | 000,069,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3124.sys -- (Si3124)
DRV - [2009-09-10 14:45:00 | 000,062,336 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3112.sys -- (Si3112)
DRV - [2009-09-10 14:45:00 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2009-09-10 14:45:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2009-09-01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009-04-28 21:20:06 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008-04-13 22:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2007-09-25 15:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2007-09-10 08:50:56 | 000,457,984 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2007-02-07 15:50:32 | 000,118,552 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw)
DRV - [2007-02-07 15:50:14 | 000,056,088 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ELOADER) General Purpose USB Driver (adildr.sys)
DRV - [2006-09-24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2005-06-20 21:08:44 | 002,324,480 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-05-09 20:08:40 | 000,033,792 | ---- | M] (Team H2O) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cledx.sys -- (CLEDX)
DRV - [2005-04-26 12:22:28 | 000,060,928 | ---- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\viamraid.sys -- (viamraid)
DRV - [2005-02-23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [1997-08-08 09:51:40 | 000,064,512 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank






IE - HKU\S-1-5-21-1606980848-1500820517-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1606980848-1500820517-682003330-1003\S-1-5-21-1606980848-1500820517-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: D:\Mozilla Firefox\components [2010-02-07 21:15:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: D:\Mozilla Firefox\plugins [2010-01-21 20:47:09 | 000,000,000 | ---D | M]

[2009-10-26 16:21:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Extensions
[2009-10-26 16:21:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Extensions\MediaCoder
[2010-02-19 15:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\x6gbjlrb.Lukasz\extensions
[2010-02-16 18:44:41 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\x6gbjlrb.Lukasz\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

O1 HOSTS File: ([2009-09-10 14:45:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - D:\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKU\S-1-5-21-1606980848-1500820517-682003330-1003..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe (http://autoconnect.prv.pl)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()
O4 - Startup: C:\Documents and Settings\Łukasz\Menu Start\Programy\Autostart\Skrót do wtw.exe.lnk = D:\WTW\wtw.exe (K2T.eu, Kaworu)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1606980848-1500820517-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1606980848-1500820517-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 1
O8 - Extra context menu item: &Clean Traces - D:\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download All by FlashGet - D:\FlashGet universal\ComDlls\Bhoall.htm ()
O8 - Extra context menu item: &Download by FlashGet - D:\FlashGet universal\ComDlls\Bholink.htm ()
O8 - Extra context menu item: &Download with &DAP - D:\DAP\dapextie.htm ()
O8 - Extra context menu item: &Pobierz wszystko przez FlashGet - D:\FlashGet universal\ComDlls\Bhoall.htm ()
O8 - Extra context menu item: &Pobrane przez FlashGet - D:\FlashGet universal\ComDlls\Bholink.htm ()
O8 - Extra context menu item: Download &all with DAP - D:\DAP\dapextie2.htm ()
O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009-10-02 18:54:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-11-30 14:32:31 | 000,000,000 | ---D | M] - D:\AutoCAD R14 -- [ NTFS ]
O32 - AutoRun File - [2009-09-15 12:41:01 | 000,000,000 | ---D | M] - D:\AutoTuneDX -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-02-19 16:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\Sage ''Hardcore Dealin Department'' 2010
[2010-02-19 15:33:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\Malpa-Kilka_Numerow_O_Czyms-Vinyl_Bonus_Tracks-PL-2010-211
[2010-02-19 14:56:48 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Łukasz\Pulpit\OTL.exe
[2010-02-18 18:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010-02-18 18:45:38 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010-02-17 20:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\17
[2010-02-17 20:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
[2010-02-17 18:32:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ESET
[2010-02-17 18:31:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-02-17 15:50:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Cream Software
[2010-02-17 15:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\flankerds001
[2010-02-16 18:26:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\eMe-Autodestrukcja (2010)
[2010-02-16 16:59:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ArcSoft
[2010-02-16 16:58:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ArcSoft
[2010-02-16 16:58:12 | 000,011,776 | ---- | C] (Arcsoft, Inc.) -- C:\WINDOWS\System32\drivers\afc.sys
[2010-02-16 16:58:11 | 000,245,408 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicows.dll
[2010-02-16 16:58:09 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\PCDLIB32.DLL
[2010-02-16 16:56:44 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys
[2010-02-16 16:56:44 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2010-02-16 16:56:32 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2010-02-16 16:56:32 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2010-02-16 16:56:24 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2010-02-16 16:55:18 | 000,048,128 | ---- | C] (PixArt Imaging Incorporation) -- C:\WINDOWS\System32\Remove.exe
[2010-02-16 16:55:11 | 000,000,000 | ---D | C] -- C:\Program Files\Trust
[2010-02-16 16:55:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\PixArt
[2010-02-16 16:55:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PAC7302
[2010-02-16 16:54:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010-02-16 15:04:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\VirtualFarm
[2010-02-15 16:26:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\Fokus_Pezet_Malolat_O.S.T.R.-Komplet_(Rap_Route)-CDM-PL-2010-WTF
[2010-02-14 17:18:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\DonationCoder
[2010-02-14 17:17:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DonationCoder
[2010-02-14 17:15:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ProcessLasso
[2010-02-14 17:14:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\ProcessExplorer
[2010-02-12 18:52:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\XSxS
[2010-02-12 18:52:52 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2010-02-12 18:52:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\Xenocode
[2010-02-12 11:42:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\.wtw
[2010-02-12 08:53:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\Jay-Z-The_Blueprint_3-2009-H3X
[2010-02-11 09:51:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\Nowy folder (2)
[2010-02-10 15:44:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\zdjecia od cioci
[2010-02-10 12:31:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\sample quiz
[2010-02-06 21:00:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\H
[2010-02-06 09:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\Nowy folder
[2010-02-05 20:40:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{580B8E22-2CB8-4C43-AE50-9338E581C6FA}
[2010-02-05 20:40:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{F322C569-6416-428D-A2EA-A5D1C7073DE8}
[2010-02-05 20:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{4275E5EA-6E30-48EB-A209-F964539CBE1C}
[2010-02-05 19:59:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Native Instruments
[2010-01-23 17:13:04 | 000,000,000 | ---D | C] -- C:\Mozilla
[2010-01-23 16:51:21 | 000,073,728 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxbkpwr.dll
[2010-01-23 16:51:20 | 000,544,768 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXBKLSNT.EXE
[2010-01-23 16:51:20 | 000,286,720 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXBKPMNT.DLL
[2010-01-23 16:51:20 | 000,286,720 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxbkcomm.dll
[2010-01-23 16:51:20 | 000,217,088 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXBKLCNT.DLL
[2010-01-23 16:51:20 | 000,201,216 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXP2P32.DLL
[2010-01-23 16:51:20 | 000,174,592 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXPPS.EXE
[2010-01-23 16:51:20 | 000,155,648 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXPING.EXE
[2010-01-23 16:51:20 | 000,126,976 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXBKCFG.EXE
[2010-01-23 16:51:20 | 000,069,632 | ---- | C] (Lexmark International Inc.) -- C:\WINDOWS\System32\LXBKCU.DLL
[2010-01-23 16:51:19 | 000,303,104 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCES.EXE
[2010-01-23 16:51:19 | 000,196,096 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEX2KUSB.DLL
[2010-01-23 16:51:19 | 000,192,512 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXLMPM.DLL
[2010-01-23 16:51:19 | 000,147,456 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCE.DLL
[2010-01-23 16:51:19 | 000,094,208 | ---- | C] (Lexmark International Inc.) -- C:\WINDOWS\System32\LXBKCUR.DLL
[2010-01-23 16:50:47 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiafbdrv.dll
[2010-01-23 16:50:47 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2010-01-23 16:50:43 | 000,983,101 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\LXBKGF.DLL
[2010-01-23 16:50:43 | 000,352,256 | ---- | C] (Lexmark International Inc.) -- C:\WINDOWS\System32\LXBKUTIL.DLL
[2010-01-23 16:50:43 | 000,069,632 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxbkscin.dll
[2010-01-23 16:50:43 | 000,057,344 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxbkcinf.dll
[2010-01-23 16:50:43 | 000,049,152 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxbkcoin.dll
[2010-01-23 16:50:40 | 000,454,656 | ---- | C] (Lexmark International Inc.) -- C:\WINDOWS\System32\LXBKJSWR.DLL
[2010-01-23 16:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark X1100 Series
[2010-01-23 16:50:22 | 000,000,000 | ---D | C] -- C:\Lxk1100
[2010-01-23 16:45:02 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2010-01-23 12:21:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Łukasz\Recent
[2010-01-22 14:40:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\DSJ 2.1
[2009-10-02 18:57:42 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2009-10-02 18:57:37 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2009-10-02 18:54:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-10-02 18:54:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-02-20 10:38:54 | 000,339,330 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\podacccap.flp
[2010-02-20 10:27:55 | 000,000,471 | ---- | M] () -- C:\WINDOWS\System32\Datei4
[2010-02-20 10:27:55 | 000,000,471 | ---- | M] () -- C:\WINDOWS\System32\Datei2
[2010-02-20 10:27:55 | 000,000,470 | ---- | M] () -- C:\WINDOWS\System32\Datei3
[2010-02-20 10:27:55 | 000,000,470 | ---- | M] () -- C:\WINDOWS\System32\Datei1
[2010-02-20 10:27:55 | 000,000,469 | ---- | M] () -- C:\WINDOWS\System32\Datei7
[2010-02-20 10:27:55 | 000,000,469 | ---- | M] () -- C:\WINDOWS\System32\Datei5
[2010-02-20 10:27:55 | 000,000,468 | ---- | M] () -- C:\WINDOWS\System32\Datei0
[2010-02-20 10:27:55 | 000,000,467 | ---- | M] () -- C:\WINDOWS\System32\Datei9
[2010-02-20 10:27:55 | 000,000,467 | ---- | M] () -- C:\WINDOWS\System32\Datei8
[2010-02-20 10:27:55 | 000,000,467 | ---- | M] () -- C:\WINDOWS\System32\Datei10
[2010-02-20 10:27:55 | 000,000,465 | ---- | M] () -- C:\WINDOWS\System32\Datei6
[2010-02-20 10:22:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-02-20 10:22:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-02-20 09:18:43 | 000,292,036 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\to musze dopracowac.flp
[2010-02-20 09:13:03 | 010,114,256 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\The_Unseen_Trap_acca.mp3
[2010-02-19 18:52:05 | 000,000,060 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\listen.pls
[2010-02-19 17:23:48 | 089,015,440 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\The_Unseen_Trap_acca.wav
[2010-02-19 17:04:10 | 008,487,708 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\1 mixdown.mp3
[2010-02-19 15:56:06 | 000,598,585 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\to musze dopracowac.mp3
[2010-02-19 14:58:55 | 000,071,494 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\index2.php.htm
[2010-02-19 14:58:40 | 000,060,603 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\index.php.htm
[2010-02-19 14:56:55 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Łukasz\Pulpit\OTL.exe
[2010-02-19 14:56:51 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\RSIT.exe
[2010-02-19 12:34:40 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Łukasz\ntuser.ini
[2010-02-19 12:34:39 | 005,767,168 | -H-- | M] () -- C:\Documents and Settings\Łukasz\NTUSER.DAT
[2010-02-19 12:34:38 | 001,573,864 | -H-- | M] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-02-18 19:38:42 | 000,598,585 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\mixdownjol.mp3
[2010-02-18 18:54:41 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010-02-18 18:46:09 | 000,108,059 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010-02-18 18:46:09 | 000,095,259 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010-02-18 15:15:45 | 005,286,416 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Shadowville.com 20- 20Once 20In 20A 20Lifetime.mp3
[2010-02-18 15:14:28 | 004,422,426 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Shadowville.com 20- 20Blow 20It 20Up.mp3
[2010-02-18 15:13:53 | 001,503,467 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\zgitarką.mp3
[2010-02-16 17:04:20 | 000,000,641 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-02-16 17:03:50 | 291,468,288 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Untitled_20100216_1.avi
[2010-02-16 17:01:46 | 001,440,032 | ---- | M] () -- C:\PA7302.DAT
[2010-02-16 16:58:11 | 000,000,507 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Video Impression 2.lnk
[2010-02-16 16:25:56 | 007,437,232 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\KAITEU_-_PIETZ_LP_PROMOMIX.mp3
[2010-02-16 15:06:35 | 000,000,489 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Skrót do VirtualFarm.exe.lnk
[2010-02-15 13:56:47 | 000,442,293 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\skolioza.pdf
[2010-02-14 19:50:50 | 001,028,096 | ---- | M] () -- C:\WINDOWS\MULTIHACK.exe
[2010-02-14 19:50:50 | 000,000,140 | ---- | M] () -- C:\WINDOWS\l33td.ini
[2010-02-14 19:48:09 | 000,034,820 | ---- | M] () -- C:\WINDOWS\System\iexplore.exe
[2010-02-14 19:48:09 | 000,017,920 | ---- | M] () -- C:\WINDOWS\System\smss.exe
[2010-02-14 17:18:42 | 000,000,046 | ---- | M] () -- C:\WINDOWS\System32\DonationCoder_processtamer_InstallInfo.dat
[2010-02-14 17:18:42 | 000,000,046 | ---- | M] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\DonationCoder_processtamer_InstallInfo.dat
[2010-02-13 09:23:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-02-12 16:08:22 | 000,000,408 | ---- | M] () -- C:\Documents and Settings\Łukasz\Menu Start\Programy\Autostart\Skrót do wtw.exe.lnk
[2010-02-10 11:03:30 | 000,047,616 | ---- | M] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-09 13:25:51 | 000,989,184 | ---- | M] () -- C:\WINDOWS\RESETTER 2.31.EXE
[2010-02-09 13:25:51 | 000,352,256 | ---- | M] () -- C:\WINDOWS\THERMO.EXE
[2010-02-05 14:43:21 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Skrót do H5_Game.exe.lnk
[2010-01-30 12:18:20 | 000,000,583 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Skrót do JDownloader.exe.lnk
[2010-01-23 17:13:37 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-01-23 17:13:37 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010-01-23 17:10:30 | 000,000,101 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010-01-23 12:35:27 | 000,000,634 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Counter Strike 1.6.lnk
[2010-01-21 14:33:57 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Landwirtschafts-Simulator 2009.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-02-20 09:31:20 | 000,339,330 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\podacccap.flp
[2010-02-20 09:12:40 | 010,114,256 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\The_Unseen_Trap_acca.mp3
[2010-02-19 18:50:21 | 000,000,060 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\listen.pls
[2010-02-19 17:05:25 | 089,015,440 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\The_Unseen_Trap_acca.wav
[2010-02-19 15:55:50 | 000,598,585 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\to musze dopracowac.mp3
[2010-02-19 14:58:55 | 000,071,494 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\index2.php.htm
[2010-02-19 14:58:40 | 000,060,603 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\index.php.htm
[2010-02-19 14:56:38 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\RSIT.exe
[2010-02-18 19:38:28 | 000,598,585 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\mixdownjol.mp3
[2010-02-18 18:46:09 | 000,108,059 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010-02-18 18:46:09 | 000,095,259 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010-02-18 17:13:28 | 000,292,036 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\to musze dopracowac.flp
[2010-02-18 15:14:16 | 008,487,708 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\1 mixdown.mp3
[2010-02-18 15:13:46 | 005,286,416 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Shadowville.com 20- 20Once 20In 20A 20Lifetime.mp3
[2010-02-18 15:13:19 | 001,503,467 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\zgitarką.mp3
[2010-02-18 15:13:00 | 004,422,426 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Shadowville.com 20- 20Blow 20It 20Up.mp3
[2010-02-16 17:03:29 | 291,468,288 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Untitled_20100216_1.avi
[2010-02-16 17:01:02 | 001,440,032 | ---- | C] () -- C:\PA7302.DAT
[2010-02-16 16:58:11 | 000,000,507 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Video Impression 2.lnk
[2010-02-16 16:55:17 | 000,000,800 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2010-02-16 16:23:38 | 007,437,232 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\KAITEU_-_PIETZ_LP_PROMOMIX.mp3
[2010-02-16 15:06:35 | 000,000,489 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Skrót do VirtualFarm.exe.lnk
[2010-02-15 13:56:47 | 000,442,293 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\skolioza.pdf
[2010-02-14 19:48:09 | 001,028,096 | ---- | C] () -- C:\WINDOWS\MULTIHACK.exe
[2010-02-14 19:48:09 | 000,034,820 | ---- | C] () -- C:\WINDOWS\System\iexplore.exe
[2010-02-14 19:48:09 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System\smss.exe
[2010-02-14 19:34:27 | 000,000,140 | ---- | C] () -- C:\WINDOWS\l33td.ini
[2010-02-14 17:18:42 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\DonationCoder_processtamer_InstallInfo.dat
[2010-02-14 17:18:42 | 000,000,046 | ---- | C] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\DonationCoder_processtamer_InstallInfo.dat
[2010-02-12 16:08:22 | 000,000,408 | ---- | C] () -- C:\Documents and Settings\Łukasz\Menu Start\Programy\Autostart\Skrót do wtw.exe.lnk
[2010-02-09 13:21:10 | 000,989,184 | ---- | C] () -- C:\WINDOWS\RESETTER 2.31.EXE
[2010-02-09 13:21:10 | 000,352,256 | ---- | C] () -- C:\WINDOWS\THERMO.EXE
[2010-02-05 14:43:21 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Skrót do H5_Game.exe.lnk
[2010-01-30 10:49:03 | 000,000,583 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Skrót do JDownloader.exe.lnk
[2010-01-23 17:10:30 | 000,000,101 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2010-01-23 16:51:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2010-01-23 16:51:20 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\LXBKIH.EXE
[2010-01-23 16:51:20 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2010-01-23 16:51:20 | 000,000,448 | ---- | C] () -- C:\WINDOWS\System32\LXBK.LOC
[2010-01-23 16:51:19 | 001,325,626 | ---- | C] () -- C:\WINDOWS\System32\LXBKLPA.HLP
[2010-01-23 16:51:19 | 000,503,262 | ---- | C] () -- C:\WINDOWS\System32\LXBKDRV.HLP
[2010-01-23 16:51:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
[2010-01-23 16:51:19 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\LXBKDRV.CNT
[2010-01-23 16:51:19 | 000,002,321 | ---- | C] () -- C:\WINDOWS\System32\LXBKLPA.CNT
[2010-01-23 16:51:19 | 000,000,282 | ---- | C] () -- C:\WINDOWS\System32\LXBKMA.CNT
[2010-01-23 16:50:43 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2010-01-23 12:35:27 | 000,000,634 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Counter Strike 1.6.lnk
[2010-01-21 14:33:57 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Landwirtschafts-Simulator 2009.lnk
[2009-12-05 12:11:07 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009-11-28 15:26:00 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009-11-22 13:47:50 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2009-11-16 15:35:04 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\SENTINEL.SYS
[2009-11-16 15:35:04 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\SNTI386.DLL
[2009-11-16 15:35:04 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\RNBOVDD.DLL
[2009-11-16 15:35:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MTSTACK.INI
[2009-11-09 16:18:43 | 000,000,251 | ---- | C] () -- C:\WINDOWS\w32dasm8.ini
[2009-11-01 19:18:35 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009-10-10 13:06:52 | 000,000,169 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2009-10-10 13:06:52 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2009-10-10 13:06:46 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2009-10-10 13:06:46 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL
[2009-10-06 16:09:35 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-10-06 16:09:32 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-10-04 11:43:23 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2009-10-03 13:03:33 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-10-02 19:42:39 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-10-02 19:42:39 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009-10-02 19:42:38 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-10-02 19:42:38 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-10-02 19:42:37 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-10-02 19:42:37 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-10-02 19:35:12 | 000,047,616 | ---- | C] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-10-02 19:21:50 | 000,174,744 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2009-10-02 19:08:26 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2009-10-02 19:08:23 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2009-10-02 19:04:40 | 000,000,990 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2008-10-07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007-03-20 16:44:02 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP7302.ini
[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2010-02-18 14:35:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper
[2009-11-10 15:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk
[2009-10-03 12:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
[2009-10-03 12:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-02-14 17:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DonationCoder
[2010-02-13 09:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Easy CD-DA Extractor
[2009-10-03 19:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EDIROL
[2010-02-17 18:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2009-11-17 16:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Farm Frenzy
[2009-11-22 11:22:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-10-21 16:48:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Propellerhead Software
[2009-11-29 11:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
[2009-11-18 14:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Spore
[2010-02-12 18:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-10-02 19:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl
[2010-02-16 15:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\VirtualFarm
[2010-02-05 20:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{4275E5EA-6E30-48EB-A209-F964539CBE1C}
[2010-02-05 20:40:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{580B8E22-2CB8-4C43-AE50-9338E581C6FA}
[2010-02-05 20:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{F322C569-6416-428D-A2EA-A5D1C7073DE8}
[2010-02-12 11:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\.wtw
[2009-11-27 17:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Any Video Converter
[2009-10-27 17:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Autodesk
[2010-02-17 21:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\BITS
[2009-10-26 16:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Broad Intelligence
[2009-10-03 12:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Canneverbe_Limited
[2010-02-17 15:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Cream Software
[2009-10-03 13:03:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\DAEMON Tools Lite
[2009-10-05 20:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\DAEMON Tools Pro
[2009-10-07 16:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Dev-Cpp
[2010-02-14 17:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\DonationCoder
[2010-02-17 18:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ESET
[2009-12-05 09:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\EurekaLog
[2009-10-02 20:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Flatcast
[2009-11-22 10:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Gadu-Gadu 10
[2009-10-25 16:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\GIANTS Editor 0.3.0
[2009-11-04 16:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Notepad++
[2009-11-22 10:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\OpenFM
[2009-10-07 13:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\OpenOffice.org
[2009-10-30 19:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Opera
[2010-02-14 17:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ProcessLasso
[2009-10-21 16:48:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Propellerhead Software
[2009-11-13 16:48:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Spore
[2009-10-03 13:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Steinberg
[2009-12-09 16:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Thinstall
[2010-02-08 14:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Tlen.pl
[2010-02-15 17:55:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\uTorrent
[2009-10-12 16:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Vso

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 169 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DD4DD9B9
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:8CE646EE
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A9662AE0
< End of report >
[/log]


Log z RSIT (info.txt)
[log]info.txt logfile of random's system information tool 1.06 2010-02-20 11:05:50

======Uninstall list======

-->MsiExec /X{1C4551A6-4743-4093-91E4-1477CD655043}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Audition 3.0-->msiexec /I {53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
ALLPlayer V3.X-->"D:\ALLPlayer\unins000.exe"
AoA Audio Extractor-->"D:\AoA Audio Extractor\unins000.exe"
ArcSoft VideoImpression 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{244E21B9-164C-4EC1-AED8-9BD64161E66D}\Setup.exe" -l0x9
ASIO4ALL-->D:\ASIO4ALL v2\uninstall.exe
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AutoCAD R14.0-->C:\WINDOWS\unin0415.exe -f"D:\AutoCAD R14\DeIsL2.isu"
AutoConnect v0.1.2.5-->C:\Program Files\AutoConnect\uninst.exe
BPM Beats per Minute Detector-->"D:\BPM Beats per Minute Detector\unins000.exe"
CDBurnerXP-->"D:\CDBurnerXP\unins000.exe"
CoffeeCup GIF Animator-->D:\GIFANI~1\UNWISE.EXE D:\GIFANI~1\GAinst.LOG
Counter-Strike 1.6 V35-->D:\Counter-Strike 1.6 V35\Uninstal.exe
Download Accelerator Plus (DAP)-->D:\DAP\DAPREMOVE.EXE
EVEREST Home Edition v2.20-->"D:\EVEREST Home Edition\unins000.exe"
FL Studio 9-->D:\FL Studio 9\uninstall.exe
FlashGet 2.0-->D:\FlashGet universal\uninst.exe
Flatcast Viewer Plugin 5.0.356-->"C:\WINDOWS\unins000.exe"
Gadu-Gadu 10-->D:\Gadu-Gadu 10\Uninstall.exe
GIANTS Editor 4.1.2-->"D:\GIANTS_Editor_4.1.2\unins000.exe"
Gothic III-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}\setup.exe" -l0x15 -removeonly
Hardcore-->C:\Program Files\Image-Line\Hardcore\uninstall.exe
Heroes of Might & Magic V: Kuźnia Przeznaczenia-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACC75323-DB4A-4F7F-9AF2-1D1DEFF2D0B4}\Setup.exe" -l0x15
Heroes of Might and Magic V-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DE075DB-4218-4B2C-A35E-48D80BA680BB}\Setup.exe" -l0x15
HijackThis 2.0.2-->"D:\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
K-Lite Codec Pack 5.1.0 (Full)-->"D:\K-Lite Codec Pack\unins000.exe"
Komunikator WTW-->D:\WTW\wtw-uninst.exe
Landwirtschafts-Simulator 2009-->"D:\Landwirtschafts-Simulator 2009\unins000.exe"
Lexmark X1100 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBKUN5C.EXE -dLexmark X1100 Series
MediaCoder 0.7.2.4528-->D:\MediaCoder\uninst.exe
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK-->MsiExec.exe /I{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK-->MsiExec.exe /I{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - plk-->MsiExec.exe /I{9EFDFBA8-9174-3C61-8645-28376C5CA994}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
MixMeister BPM Analyzer 1.0-->"D:\MixMeister BPM Analyzer\unins000.exe"
Mozilla Firefox (3.6)-->D:\Mozilla Firefox\uninstall\helper.exe
MP3 Player Recovery Tool-->"C:\Program Files\Creative\MP3 Player Recovery Tool\unins000.exe"
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
Narzędzie Software Uninstall Utility firmy ATI-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
Native Instruments Komplete 6-->C:\Documents and Settings\All Users\Dane aplikacji\{580B8E22-2CB8-4C43-AE50-9338E581C6FA}\Komplete 6 Setup PC.exe
NVIDIA PhysX-->MsiExec.exe /X{1C4551A6-4743-4093-91E4-1477CD655043}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org 3.1-->MsiExec.exe /I{9E35B051-C7EE-47CB-BA43-9A7FFD4E61DE}
Orchestral VST-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{77832A71-8657-46D1-89BC-630243926C9A}\setup.exe" MAINTENANCE_XXX
Pajączek 5 NxG PRO - Deinstalacja-->"D:\Pajaczek 5 NxG\unins000.exe"
Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - plk\setup.exe
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
Radeon Omega Drivers v4.8.442 Setup Files and Tools-->"C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe" "/U:D:\Radeon Omega Drivers\v4.8.442\Omega Uninstall.xml"
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x15 -removeonly
reFX Nexus VSTi RTAS v2.2.0-->"D:\VstPlugins\Uninstall Nexus\unins000.exe"
Restorator 2009-->"D:\Restorator 2009\unins000.exe"
Rob Papen Albino 3-->D:\VstPlugins\UninstalAlbino3.exe
Rob Papen Predator V1.1 b-->"D:\VstPlugins\unins000.exe"
SAGEM F@st 800-840-->C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe -runfromtemp -l0x0015 -removeonly
Sawer-->C:\Program Files\Image-Line\Sawer\uninstall.exe
SpeedFan (remove only)-->"D:\SpeedFan\uninstall.exe"
Steinberg Hypersonic 2-->D:\VstPlugins\Hypersonic\unins000.exe
Super Farmer-->D:\Virtual Farm\Uninstall.exe
SyncroSoft Emu (Remove only)-->C:\Program Files\SyncroSoft\Pos\H2O\Uninst.exe
Syncrosoft's License Control-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
Truck Racing by Renault Trucks-->D:\Truck_Racing_By_Renault_Trucks\uninst.exe
Trust WB-3420N HIRS Webcam Live-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A48D9360-5B9C-415D-AF3B-BB691138F463} /l1033
Unlocker 1.8.8-->D:\Unlocker\uninst.exe
Velaya - Historia wojowniczki-->D:\Gothic2ZlotaEdycja\Velaya_PL-uninst.exe
Virtual DJ - Atomix Productions-->D:\VIRTUA~1\UNWISE.EXE D:\VIRTUA~1\INSTALL.LOG
VSO Image Resizer 1.0.7-->"D:\Image Resizer\unins000.exe"
WapSter AQQ-->D:\WapSter AQQ\uninstall.exe
Winamp-->"D:\Winamp\UninstWA.exe"

======System event log======

Computer Name: XXX
Event Code: 7001
Message: Usługa Sentinel zależy od usługi Parport, której nie można uruchomić z powodu następującego błędu:
Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia.


Record Number: 11467
Source Name: Service Control Manager
Time Written: 20100118115738.000000+060
Event Type: błąd
User:

Computer Name: XXX
Event Code: 7000
Message: Nie można uruchomić usługi General Purpose USB Driver (adildr.sys) z powodu następującego błędu:
Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia.


Record Number: 11466
Source Name: Service Control Manager
Time Written: 20100118115738.000000+060
Event Type: błąd
User:

Computer Name: XXX
Event Code: 6005
Message: Uruchomiono usługę Dziennik zdarzeń.

Record Number: 11465
Source Name: EventLog
Time Written: 20100118115724.000000+060
Event Type: informacje
User:

Computer Name: XXX
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Dodatek Service Pack 3 Uniprocessor Free.

Record Number: 11464
Source Name: EventLog
Time Written: 20100118115724.000000+060
Event Type: informacje
User:

Computer Name: XXX
Event Code: 6006
Message: Zatrzymano usługę Dziennik zdarzeń.

Record Number: 11463
Source Name: EventLog
Time Written: 20100118071356.000000+060
Event Type: informacje
User:

=====Application event log=====

Computer Name: XXX
Event Code: 8193
Message: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x80040206.

Record Number: 207
Source Name: VSS
Time Written: 20091013144848.000000+120
Event Type: błąd
User:

Computer Name: XXX
Event Code: 4609
Message: Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył zły kod powrotu. HRESULT to 80070422 z w wierszu 44 z d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błąd.
Record Number: 206
Source Name: EventSystem
Time Written: 20091013144848.000000+120
Event Type: błąd
User:

Computer Name: XXX
Event Code: 1800
Message: Usługa Centrum zabezpieczeń systemu Windows została uruchomiona.

Record Number: 205
Source Name: SecurityCenter
Time Written: 20091013070520.000000+120
Event Type: informacje
User:

Computer Name: XXX
Event Code: 8193
Message: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x80040206.

Record Number: 204
Source Name: VSS
Time Written: 20091013070518.000000+120
Event Type: błąd
User:

Computer Name: XXX
Event Code: 4609
Message: Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył zły kod powrotu. HRESULT to 80070422 z w wierszu 44 z d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błąd.
Record Number: 203
Source Name: EventSystem
Time Written: 20091013070518.000000+120
Event Type: błąd
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 55 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=3702
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
[/log]

Oraz log.txt
[log]Logfile of random's system information tool 1.06 (written by random/random)
Run by Łukasz at 2010-02-20 11:06:03
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 5 GB (30%) free of 16 GB
Total RAM: 1535 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:06:04, on 2010-02-20
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
D:\WTW\wtw.exe
D:\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Java\jre6\bin\javaw.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Łukasz\Pulpit\RSIT.exe
D:\Trend Micro\HijackThis\Łukasz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - D:\FlashGet universal\ComDlls\bhoCATCH.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Skrót do wtw.exe.lnk = D:\WTW\wtw.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &Clean Traces - D:\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download All by FlashGet - D:\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - D:\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: &Download with &DAP - D:\DAP\dapextie.htm
O8 - Extra context menu item: &Pobierz wszystko przez FlashGet - D:\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Pobrane przez FlashGet - D:\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: Download &all with DAP - D:\DAP\dapextie2.htm
O9 - Extra button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O13 - Gopher Prefix:
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe

--
End of file - 4523 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
FG2CatchUrl - D:\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Java\jre6\bin\jp2ssv.dll [2009-10-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-03 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-09-10 15360]
"AutoConnect"=C:\Program Files\AutoConnect\AutoConnect.exe [2004-08-28 295424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"idsvc"=3
"JavaQuickStarterService"=2
"Adobe LM Service"=3
"ATI Smart"=2
"Ati HotKey Poller"=2
"C-DillaCdaC11BA"=2
"Autodesk Licensing Service"=3
"NMSAccessU"=2
"LexBceS"=3

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

C:\Documents and Settings\Łukasz\Menu Start\Programy\Autostart
Skrót do wtw.exe.lnk - D:\WTW\wtw.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-09-30 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2009-10-20 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2009-09-10 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Tlen.pl\tlen.exe"="D:\Tlen.pl\tlen.exe:*:Enabled:Komunikator Tlen.pl"
"D:\uTorrent\uTorrent.exe"="D:\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\FlashGet universal\FlashGet.exe"="D:\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"D:\FlashGet universal\LiveUpdate.exe"="D:\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"D:\FlashGet universal\LiveUpdateEx.exe"="D:\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-02-20 11:05:48 ----D---- C:\rsit
2010-02-18 18:45:44 ----D---- C:\Program Files\Kaspersky Lab
2010-02-18 18:34:53 ----A---- C:\WINDOWS\ntbtlog.txt
2010-02-17 20:37:49 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2010-02-17 18:32:23 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\ESET
2010-02-17 18:31:47 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\ESET
2010-02-17 15:50:15 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\Cream Software
2010-02-16 16:59:49 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\ArcSoft
2010-02-16 16:58:14 ----D---- C:\Program Files\Common Files\ArcSoft
2010-02-16 16:58:11 ----RA---- C:\WINDOWS\system32\unicows.dll
2010-02-16 16:58:09 ----A---- C:\WINDOWS\PCDLIB32.DLL
2010-02-16 16:56:32 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2010-02-16 16:55:18 ----A---- C:\WINDOWS\system32\Remove.exe
2010-02-16 16:55:17 ----A---- C:\WINDOWS\system32\Remover.ini
2010-02-16 16:55:11 ----D---- C:\WINDOWS\PixArt
2010-02-16 16:55:11 ----D---- C:\Program Files\Trust
2010-02-16 16:55:11 ----D---- C:\Program Files\Common Files\PAC7302
2010-02-16 16:54:59 ----D---- C:\WINDOWS\Downloaded Installations
2010-02-16 15:04:35 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\VirtualFarm
2010-02-14 19:48:09 ----A---- C:\WINDOWS\MULTIHACK.exe
2010-02-14 19:34:27 ----A---- C:\WINDOWS\l33td.ini
2010-02-14 17:18:42 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\DonationCoder
2010-02-14 17:17:49 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\DonationCoder
2010-02-14 17:15:39 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\ProcessLasso
2010-02-12 18:52:52 ----D---- C:\WINDOWS\XSxS
2010-02-12 18:52:52 ----D---- C:\Program Files\Xenocode
2010-02-12 11:42:42 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\.wtw
2010-02-09 13:21:10 ----A---- C:\WINDOWS\THERMO.EXE
2010-02-09 13:21:10 ----A---- C:\WINDOWS\RESETTER 2.31.EXE
2010-02-05 20:40:47 ----HDC---- C:\Documents and Settings\All Users\Dane aplikacji\{580B8E22-2CB8-4C43-AE50-9338E581C6FA}
2010-02-05 20:40:44 ----DC---- C:\Documents and Settings\All Users\Dane aplikacji\{F322C569-6416-428D-A2EA-A5D1C7073DE8}
2010-02-05 20:39:26 ----DC---- C:\Documents and Settings\All Users\Dane aplikacji\{4275E5EA-6E30-48EB-A209-F964539CBE1C}
2010-02-05 19:59:01 ----D---- C:\Program Files\Common Files\Native Instruments
2010-01-23 17:13:04 ----D---- C:\Mozilla
2010-01-23 17:10:30 ----A---- C:\WINDOWS\lexstat.ini
2010-01-23 16:51:21 ----A---- C:\WINDOWS\system32\lxbkvs.dll
2010-01-23 16:51:21 ----A---- C:\WINDOWS\system32\lxbkpwr.dll
2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LXBKPMNT.DLL
2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LXBKLSNT.EXE
2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LXBKLCNT.DLL
2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LXBKLCNP.DLL
2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LXBKIH.EXE
2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LXBKCU.DLL
2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\lxbkcomm.dll
2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LXBKCFG.EXE
2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LEXPPS.EXE
2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LEXPING.EXE
2010-01-23 16:51:20 ----A---- C:\WINDOWS\system32\LEXP2P32.DLL
2010-01-23 16:51:19 ----A---- C:\WINDOWS\system32\LXBKCUR.DLL
2010-01-23 16:51:19 ----A---- C:\WINDOWS\system32\LEXLMPM.DLL
2010-01-23 16:51:19 ----A---- C:\WINDOWS\system32\LEXBCES.EXE
2010-01-23 16:51:19 ----A---- C:\WINDOWS\system32\LEXBCE.DLL
2010-01-23 16:51:19 ----A---- C:\WINDOWS\system32\LEX2KUSB.DLL
2010-01-23 16:51:19 ----A---- C:\WINDOWS\system32\INSTMON.EXE
2010-01-23 16:50:47 ----A---- C:\WINDOWS\system32\wiafbdrv.dll
2010-01-23 16:50:43 ----A---- C:\WINDOWS\system32\LXBKUTIL.DLL
2010-01-23 16:50:43 ----A---- C:\WINDOWS\system32\lxbkscin.dll
2010-01-23 16:50:43 ----A---- C:\WINDOWS\system32\LXBKGF.DLL
2010-01-23 16:50:43 ----A---- C:\WINDOWS\system32\lxbkcoin.ini
2010-01-23 16:50:43 ----A---- C:\WINDOWS\system32\lxbkcoin.dll
2010-01-23 16:50:43 ----A---- C:\WINDOWS\system32\lxbkcinf.dll
2010-01-23 16:50:40 ----D---- C:\Program Files\Lexmark X1100 Series
2010-01-23 16:50:40 ----A---- C:\WINDOWS\system32\LXBKJSWR.DLL
2010-01-23 16:50:22 ----D---- C:\Lxk1100

======List of files/folders modified in the last 1 months======

2010-02-20 11:02:46 ----D---- C:\WINDOWS\Temp
2010-02-20 10:23:23 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
2010-02-20 10:23:13 ----D---- C:\Program Files\AutoConnect
2010-02-19 20:35:08 ----D---- C:\WINDOWS\system32\drivers
2010-02-19 16:57:39 ----D---- C:\WINDOWS\system32
2010-02-19 16:13:21 ----D---- C:\WINDOWS
2010-02-19 16:13:07 ----D---- C:\WINDOWS\system
2010-02-19 12:34:42 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-18 18:57:41 ----D---- C:\WINDOWS\pss
2010-02-18 18:46:12 ----SHD---- C:\WINDOWS\Installer
2010-02-18 18:46:05 ----HD---- C:\WINDOWS\inf
2010-02-18 18:45:44 ----RD---- C:\Program Files
2010-02-18 18:45:41 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-18 14:35:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper
2010-02-17 21:23:34 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-17 21:20:52 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\BITS
2010-02-16 17:04:20 ----A---- C:\WINDOWS\win.ini
2010-02-16 16:58:14 ----D---- C:\Program Files\Common Files
2010-02-16 16:58:07 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-16 16:56:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-16 16:55:11 ----D---- C:\WINDOWS\twain_32
2010-02-16 16:54:55 ----D---- C:\Program Files\Common Files\InstallShield
2010-02-15 17:55:19 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\uTorrent
2010-02-14 19:48:10 ----SD---- C:\WINDOWS\system32\Microsoft
2010-02-13 09:41:05 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Easy CD-DA Extractor
2010-02-12 18:49:44 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2010-02-12 12:30:12 ----D---- C:\WINDOWS\WinSxS
2010-02-08 14:52:56 ----D---- C:\Documents and Settings\Łukasz\Dane aplikacji\Tlen.pl
2010-01-23 17:13:37 ----SH---- C:\boot.ini
2010-01-23 17:13:37 ----A---- C:\WINDOWS\system.ini
2010-01-23 17:09:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-01-23 12:21:31 ----D---- C:\WINDOWS\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2010-02-18 315408]
R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-10-13 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-10-13 25888]
R3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2007-02-07 118552]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-20 2324480]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-30 3565056]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272]
R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-09-10 30208]
R3 usbhub;Standardowy sterownik koncentratora USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2009-09-10 59520]
R3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2009-09-10 20608]
S2 ELOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2007-02-07 56088]
S2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [1997-08-08 64512]
S3 awgtszd1;awgtszd1; C:\WINDOWS\system32\drivers\awgtszd1.sys []
S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 CrystalSysInfo;CrystalSysInfo; \??\D:\MediaCoder\SysInfo.sys []
S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 PAC7302;Trust WB-3420N HIRS Webcam Live; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-09-10 457984]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-09-28 7168]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2009-09-10 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-09-10 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-09-10 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Sterownik filtru Przywracania systemu; C:\WINDOWS\system32\DRIVERS\sr.sys [2009-09-10 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-09-10 14336]
S2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2009-09-10 14336]
S4 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-10-12 72704]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-09-30 602112]
S4 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-09-29 593920]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 JavaQuickStarterService;Java Quick Starter; D:\Java\jre6\bin\jqs.exe [2009-10-03 153376]
S4 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMSAccessU;NMSAccessU; D:\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096]
S4 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]

-----------------EOF-----------------
[/log]







Proszę o pomoc.

Mateusz J.
komentarz
komentarz

Log czysty.
Jak coś spróbuj całkowicie wyłączyć wszelki oprogramowanie chroniące komputer, Kaspersky, zapora itd.

rlk120
komentarz
komentarz

No muszę powiedzieć, że dziś przeprowadziłem gruntowny skan kasprem i bardzo możliwe, że połączenie blokowały 4 trojanki siedzące sobie na dysku :D

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.