
Please check my logs

zeniTh
created

because my internet has been sluggish lately :/

sitol
comment

Everything seems to be OK, but I don't know what this is :/

C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe

and also this:

C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

zeniTh
comment

C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

ASUS microphone array

Eliminates interference occurring within the reception cone

Improves performance in voice applications

The included SoundMAX Superbeam dual microphone records only sound coming from the main source, ignoring ambient sounds. This mechanism eliminates many common types of interference during recording (reflections, etc.). In addition, it uses advanced reflection-removal techniques, which help reduce echo and minimize its effect on the recorded material. This feature gives applications that transmit human speech (e.g. Skype, online games or video conferencing) a whole new quality

sitol
comment

so that leaves the first two ;]

GoBi
comment

The log is clean.

CatchMe
comment

THE LOG IS NOT CLEAN. :evil:

Here:

C:\WINDOWS\system32\WinSys.exe

One log won't be enough. Please post logs from ComboFix and Silent Runners. Note that ComboFix must be run first.

The WinSys.exe file will be removed automatically, but remember to paste the new logs.

zeniTh
comment

[ Added: 2007-06-12, 19:22 ]
CatchMe
comment

The logs are clean. Take a look at what's going on with your autostart... :mowiciel:

zeniTh
comment

Take a look at what's going on with your autostart... :mowiciel:

i.e. what do you mean?

CatchMe
comment

It's overloaded... :) You need to uncheck some entries. START >>> RUN >>> msconfig >>> STARTUP

zeniTh
comment

I see

no worries, that's normal for me at the start :P but I think I'll manage somehow

thanks :)
