ComboScan log:
ComboScan v20070306.20 run by Damian on 2007-03-22 at 21:20:13
[color=red]Computer is in Safe Mode with Networking.[/color]
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Failed to create restore point; computer is in safe mode.
-- Last 5 Restore Point(s) --
51: 2007-03-20 19:28:09 UTC - RP158 - Zainstalowano Windows Installer KB893803v2.
50: 2007-03-19 19:10:55 UTC - RP157 - Punkt kontrolny systemu
49: 2007-03-18 17:34:51 UTC - RP156 - Punkt kontrolny systemu
48: 2007-03-17 16:19:21 UTC - RP155 - Punkt kontrolny systemu
47: 2007-03-15 18:47:56 UTC - RP154 - Punkt kontrolny systemu
-- First Restore Point --
1: 2007-01-13 19:59:46 UTC - RP108 - Punkt kontrolny systemu
Performed disk cleanup.
-- HijackThis (run as Damian.exe) ----------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 21:20:54, on 2007-03-22
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avant Browser\avant.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Damian\Moje dokumenty\comboscan.exe
C:\DOCUME~1\Damian\Pulpit\HIJACK~1\Damian.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F3 - REG:win.ini: load=C:\YDPDict\watch.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1045 -noicon
O4 - HKLM\..\Run: [\\Kuba\EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P30 "\\Kuba\EPSON Stylus D88 Series" /O6 "USB001" /M "Stylus D88"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Przyspieszenie uruchomienia programu AutoCAD.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: QuickTV.lnk = C:\Program Files\AVerTV USB 2.0\QuickTV.exe
O4 - Global Startup: RaConfig.lnk = C:\WINDOWS\system32\RaConfig.exe
O8 - Extra context menu item: Blokuj wszystkie obrazy z tego serwera - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Dodaj do listy blokowanych reklam - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Otwórz wszystkie adresy z tej strony... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Podświetl - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Szukaj - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: Ochrona WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.sgnappo.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FCCF15D-4470-48FD-A8C6-86B4A582856C}: NameServer = 62.94.144.232,151.13.150.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E74115B-9F0C-46AC-9880-8F1E82769DAD}: NameServer = 62.94.144.232,151.13.150.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E6E8088-D0CA-4723-BD4D-412A8C3E7F23}: NameServer = 62.94.144.232,151.13.150.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FCCF15D-4470-48FD-A8C6-86B4A582856C}: NameServer = 62.94.144.232,151.13.150.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{0FCCF15D-4470-48FD-A8C6-86B4A582856C}: NameServer = 62.94.144.232,151.13.150.22
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
-- HijackThis Fixed Entries (C:\DOCUME~1\Damian\Pulpit\HIJACK~1\backups\) ------
backup-20070318-114530-159 O4 - HKLM\..\Run: [lnwin.exe] C:\WINDOWS\system32\lnwin.exe
backup-20070318-114530-242 O4 - HKLM\..\Run: [sysinter] C:\WINDOWS\system32\adirss.exe
backup-20070318-114530-939 O4 - HKLM\..\Run: [tcpipmon] tcpipmon.exe
backup-20070320-211351-130 O1 - Hosts: .com
backup-20070320-211351-258 O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - C:\WINDOWS\pxwma.dll (file missing)
backup-20070320-211351-264 O1 - Hosts: .com
backup-20070320-211351-273 O4 - HKLM\..\Run: [syswin] C:\WINDOWS\system32\v6.exe
backup-20070320-211351-307 O1 - Hosts: .com
backup-20070320-211351-318 O1 - Hosts: .com
backup-20070320-211351-394 O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
backup-20070320-211351-397 O1 - Hosts: .com
backup-20070320-211351-401 O1 - Hosts: .com
backup-20070320-211351-475 O4 - HKLM\..\Run: [lnwin.exe] C:\WINDOWS\system32\lnwin.exe
backup-20070320-211351-493 O1 - Hosts: .com
backup-20070320-211351-596 O1 - Hosts: .com
backup-20070320-211351-702 O4 - HKLM\..\Run: [sysinter] C:\WINDOWS\system32\adirss.exe
backup-20070320-211351-749 O2 - BHO: (no name) - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file)
backup-20070320-211351-750 O4 - HKCU\..\Run: [adirka] C:\WINDOWS\system32\adirka.exe
backup-20070322-190357-309 O21 - SSODL: XLXNrZnWS - {10F9C584-BA53-6F2E-3FC7-0E485212E594} - C:\WINDOWS\system32\oi.dll (file missing)
backup-20070322-190357-540 O21 - SSODL: DCOM Server 60787 - {2C1CD3D7-86AC-4068-93BC-A02304B60787} - C:\WINDOWS\system32\ccnybdo.dll (file missing)
backup-20070322-190357-593 O21 - SSODL: Internet Explorer - {F28A40D7-AD0E-034A-C651-5F0ED76232E6} - C:\WINDOWS\system32\Ocpjgg32.dll (file missing)
backup-20070322-190357-761 O4 - HKLM\..\Run: [sysexec] c:\windows\webal.exe
backup-20070322-190357-843 O4 - HKLM\..\Run: [sysxp] c:\windows\bfxtray.exe
backup-20070322-203643-300 O4 - HKLM\..\Run: [Svcs] C:\DOCUME~1\Damian\USTAWI~1\Temp\28776\explorer.exe
-- File Associations -----------------------------------------------------------
.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
[COLOR=red].scr - AutoCADScriptFile - "C:\WINDOWS\system32\notepad.exe" "%1"[/COLOR]
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
3S aksusb (Aladdin USB Key) - C:\WINDOWS\system32\drivers\aksusb.sys
3S ALCXWDM (Service for Realtek AC97 Audio (WDM)) - C:\WINDOWS\system32\drivers\alcxwdm.sys
0S AmdAcpi (AmdAcpi Bus Filter Driver) - C:\WINDOWS\system32\DRIVERS\AmdAcpi.sys (not found)
1S amdtools (AMD Special Tools Driver) - C:\WINDOWS\system32\DRIVERS\amdtools.sys (not found)
3S ati2mtag - C:\WINDOWS\system32\drivers\ati2mtag.sys
3S AVCamUSB20 (AVerTV USB 2.0) - C:\WINDOWS\system32\drivers\AVTVCsMini20.sys
3S CCDECODE (Dekoder napisów) - C:\WINDOWS\system32\drivers\CCDECODE.sys
3S cportclm - C:\DOCUME~1\Damian\USTAWI~1\Temp\cportclm.sys (not found)
0R d347bus - C:\WINDOWS\system32\drivers\d347bus.sys
0R d347prt - C:\WINDOWS\system32\drivers\d347prt.sys
2S driverpp (Plug and Play Support Driver) - C:\WINDOWS\system32\msdrives\driverpp.sys (not found)
3S ENTECH - C:\WINDOWS\system32\drivers\Entech.sys
3S HidUsb (Sterownik Microsoft klasy HID) - C:\WINDOWS\system32\drivers\hidusb.sys
0S kl1 - C:\WINDOWS\system32\drivers\kl1.sys
3S klif - C:\WINDOWS\system32\drivers\klif.sys
2S MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.9) - C:\WINDOWS\system32\drivers\mdc8021x.sys
3S mouhid (Sterownik myszy HID) - C:\WINDOWS\system32\drivers\mouhid.sys
3S MSTEE (Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming) - C:\WINDOWS\system32\drivers\MSTEE.sys
3S ms_mpu401 (Sterownik portu MIDI UART Microsoft MPU-401) - C:\WINDOWS\system32\drivers\msmpu401.sys
3R MTsensor (ATK0110 ACPI UTILITY) - C:\WINDOWS\system32\drivers\ASACPI.sys
3S NABTSFEC (Koder-dekoder NABTS/FEC VBI) - C:\WINDOWS\system32\drivers\NABTSFEC.sys
3S NdisIP (Połączenie TV/wideo firmy Microsoft) - C:\WINDOWS\system32\drivers\ndisip.sys
3S NPDriver (Norton Unerase Protection Driver) - C:\WINDOWS\system32\drivers\NPDRIVER.SYS
0R nvata - C:\WINDOWS\system32\drivers\nvata.sys
3S NVENETFD (NVIDIA nForce Networking Controller Driver) - C:\WINDOWS\system32\drivers\NVENETFD.sys
3R nvnetbus (NVIDIA Network Bus Enumerator) - C:\WINDOWS\system32\drivers\nvnetbus.sys
0R PxHelp20 - C:\WINDOWS\system32\drivers\PxHelp20.sys
3R RT2400 (RT2400 Wireless Driver) - C:\WINDOWS\system32\drivers\RT2400.sys
3S SDdriver - C:\WINDOWS\system32\drivers\SdDriver.SYS
0R sfsync04 (StarForce Protection Synchronization Driver (version 4.x)) - C:\WINDOWS\system32\drivers\sfsync04.sys
3S SLIP (BDA Slip De-Framer) - C:\WINDOWS\system32\drivers\slip.sys
3S streamip (BDA IPSink) - C:\WINDOWS\system32\drivers\streamip.sys
3S SymEvent - C:\Program Files\Symantec\SYMEVENT.SYS
3S TSP - C:\WINDOWS\system32\drivers\klif.sys
3S Usb20Scan (USB 2.0 Still Image) - C:\WINDOWS\system32\drivers\cresscan.sys
3S usbaudio (Sterownik audio USB (WDM)) - C:\WINDOWS\system32\drivers\USBAUDIO.sys
3S usbccgp (Rodzajowy sterownik nadrzędny USB Microsoft) - C:\WINDOWS\system32\drivers\usbccgp.sys
3R usbehci (Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft) - C:\WINDOWS\system32\drivers\usbehci.sys
3R usbohci (Sterownik Miniport otwartego kontrolera hosta USB Microsoft) - C:\WINDOWS\system32\drivers\usbohci.sys
3S usbscan (Sterownik skanera USB) - C:\WINDOWS\system32\drivers\usbscan.sys
3S USBSTOR (Sterownik magazynu masowego USB) - C:\WINDOWS\system32\drivers\usbstor.sys
0R Vax347b - C:\WINDOWS\system32\drivers\Vax347b.sys
0R Vax347s - C:\WINDOWS\system32\drivers\Vax347s.sys
3S WFIOCTL - C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS (not found)
2S wincom32 - C:\WINDOWS\system32\wincom32.sys
1R WS2IFSL (Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0) - C:\WINDOWS\system32\drivers\ws2ifsl.sys
3S WSTCODEC (Kodery-dekodery teletekstu w standardzie światowym) - C:\WINDOWS\system32\drivers\WSTCODEC.SYS
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
3S aspnet_state (Usługa stanu ASP.NET) - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
2S Ati HotKey Poller - C:\WINDOWS\system32\Ati2evxx.exe
2S ATI Smart - C:\WINDOWS\system32\ati2sgag.exe
3S Autodesk Licensing Service - "C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"
2S AVP (Kaspersky Anti-Virus 6.0) - "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r
2S NProtectService (Norton Unerase Protection) - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
3S SCardDrv (Pomocnik karty inteligentnej) - C:\WINDOWS\System32\SCardSvr.exe
2S Speed Disk service - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
2S StarWindService (StarWind iSCSI Service) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
2S UleadBurningHelper (Ulead Burning Helper) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
3S UMWdf (Struktura sterowników trybu użytkownika w systemie Windows) - C:\WINDOWS\system32\wdfmgr.exe
-- Scheduled Tasks -------------------------------------------------------------
2007-03-22 21:03:44 414 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
2007-03-11 00:00:00 310 --a------ C:\WINDOWS\Tasks\Symantec Drmc.job
2006-12-15 23:14:13 282 --a------ C:\WINDOWS\Tasks\Funkcja One Button Checkup pakietu Norton SystemWorks.job
-- Files created between 2007-02-22 and 2007-03-22 -----------------------------
2007-03-22 19:04:26 0 d-------- C:\!KillBox
2007-03-20 19:55:48 58557 --a------ C:\WINDOWS\system32\via.exe
2007-03-20 19:54:09 46592 --a------ C:\WINDOWS\system32\zlbw.dll
2007-03-20 19:08:04 79360 --a------ C:\WINDOWS\system32\swxcacls.exe
2007-03-20 19:08:04 40960 --a------ C:\WINDOWS\system32\swsc.exe
2007-03-20 19:08:04 135168 --a------ C:\WINDOWS\system32\swreg.exe
2007-03-20 19:08:04 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-03-20 19:08:04 53248 --a------ C:\WINDOWS\system32\Process.exe
2007-03-20 19:08:04 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-03-19 19:40:47 7357 --a------ C:\WINDOWS\system32\dd.exe
2007-03-19 19:40:46 7416 --a------ C:\WINDOWS\system32\adirss.exe
2007-03-19 19:40:45 7357 --a------ C:\WINDOWS\system32\sm.exe
2007-03-19 19:40:10 58616 --a------ C:\WINDOWS\system32\adirka.exe
2007-03-19 19:39:53 55424 --a------ C:\WINDOWS\system32\wincom32.sys
2007-03-18 14:34:39 3374 --a------ C:\WINDOWS\system32\tmp.reg
2007-03-18 00:54:02 0 d-------- C:\VundoFix Backups
2007-03-17 23:36:32 0 d-------- C:\WINDOWS\system32\msdrives
2007-03-17 23:28:04 15136 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-03-17 23:28:04 1399584 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-03-17 23:18:17 7416 --a------ C:\WINDOWS\system32\lnwin.exe
2007-03-17 23:18:06 3 --a------ C:\WINDOWS\system32\sfxzmtwbmail.dll
2007-03-17 23:18:06 3 --a------ C:\WINDOWS\system32\sfxzmtsmtspm.dll
2007-03-17 23:18:06 3 --a------ C:\WINDOWS\system32\sfxzmtsmt.dll
2007-03-17 23:18:06 3 --a------ C:\WINDOWS\system32\sfxzmtforum.dll
2007-03-17 23:18:06 47 --a------ C:\WINDOWS\system32\pfxzmtymsg.dll
2007-03-17 23:18:06 47 --a------ C:\WINDOWS\system32\pfxzmtwbmail.dll
2007-03-17 23:18:06 3 --a------ C:\WINDOWS\system32\pfxzmtsmtspm.dll
2007-03-17 23:18:06 3 --a------ C:\WINDOWS\system32\pfxzmtsmt.dll
2007-03-17 23:18:06 47 --a------ C:\WINDOWS\system32\pfxzmticq.dll
2007-03-17 23:18:06 47 --a------ C:\WINDOWS\system32\pfxzmtgtal.dll
2007-03-17 23:18:06 47 --a------ C:\WINDOWS\system32\pfxzmtforum.dll
2007-03-17 23:18:06 47 --a------ C:\WINDOWS\system32\pfxzmtaim.dll
2007-03-17 23:18:04 58557 --a------ C:\WINDOWS\via.exe
2007-03-17 23:18:01 37565 --a------ C:\WINDOWS\pp.exe
2007-03-17 23:17:57 8704 --a------ C:\WINDOWS\system32\sporder.dll
2007-03-04 21:32:50 0 d-------- C:\Program Files\Scan2CADv7
2007-03-04 21:32:41 0 d-------- C:\WINDOWS\Scan2CAD v7
2007-03-04 17:16:51 17408 --a------ C:\WINDOWS\system32\drivers\aksusb.sys
2007-03-04 17:16:42 0 d-------- C:\Program Files\Integram
2007-03-04 17:13:57 284160 --a------ C:\WINDOWS\unin0415.exe
-- Find3M Report ---------------------------------------------------------------
2007-03-20 21:50:41 0 d-------- C:\Program Files\Deluxe Ski Jump 3
2007-03-20 21:46:58 0 d-------- C:\Program Files\Kaspersky Lab
2007-03-20 21:24:51 0 d-------- C:\Program Files\Mozilla Firefox
2007-03-20 20:46:02 0 d-------- C:\Documents and Settings\Damian\Dane aplikacji\Azureus
2007-03-19 20:45:19 0 d-------- C:\Documents and Settings\Damian\Dane aplikacji\Adobe
2007-03-18 16:13:43 0 d-------- C:\Program Files\GetRight
2007-03-18 16:13:42 0 d-------- C:\Program Files\Morpheus
2007-03-18 16:13:42 0 d-------- C:\Program Files\Messenger
2007-03-18 00:50:15 0 d-------- C:\Documents and Settings\Damian\Dane aplikacji\Webroot
2007-03-18 00:03:46 0 d-------- C:\Program Files\Tweak-XP Pro 4
2007-03-17 23:18:51 0 d---s---- C:\Documents and Settings\Damian\Dane aplikacji\Microsoft
2007-02-26 20:39:30 0 d-------- C:\Program Files\Gadu-Gadu
2007-02-14 20:49:27 0 d-------- C:\Program Files\Test Inteligencji
2007-02-05 21:49:32 0 d-------- C:\Program Files\Słownik
2007-02-01 20:37:41 0 d-------- C:\Program Files\MediMedia
-- Registry Dump ---------------------------------------------------------------
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"SunJavaUpdateSched"="C:\\Program Files\\Java\\j2re1.4.2_01\\bin\\jusched.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"DAEMON Tools-1033"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1045 -noicon"
"\\\\Kuba\\EPSON Stylus D88 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIABE.EXE /P30 \"\\\\Kuba\\EPSON Stylus D88 Series\" /O6 \"USB001\" /M \"Stylus D88\""
"SoundMan"="SOUNDMAN.EXE"
"kav"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe\""
@=""
"KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{2C1CD3D7-86AC-4068-93BC-A02304B60787}"="DCOM Server 60787"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G]
Shell\AutoRun\command G:\CDStart.Exe
Shell\Install\Command G:\navsetup.exe
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{20e5d5cf-3e63-11da-aba8-806d6172696f}]
Shell\AutoRun\command F:\ASUSACPI.exe
-- End of ComboScan: finished at 2007-03-22 at 21:21:20 ------------------------
I will try to post the contents of the minidump file shortly. I may have some trouble with that, because the program will not install in safe mode, and in normal mode I sometimes cannot do anything because it crashes on me right away…
Here is also the error number that comes up: ***STOP: 0x00000050 (0xE116C00, 0x00000000, 0x80537002, 0x00000001)