proszę o sprawdzenie loga

[dammek]

podczas wykonywania kilku czynności nagle komputer sie zawiesza,ikonki z paska zadań oraz pulpitu są nieaktywne,strony lub programy nie dają się zakmnąć-jedynie wywołanie menadżera zadań komplikacją klawiszy Alt+Ctrl+Del i następnie zamknięcie go iksem powoduje odmulenie komputera i wszystko działa jak powinno,ale nie na długo,bo po kilku minutach sytuacja sie powtarza.

Kod: Zaznacz wszystko

Logfile of HijackThis v1.99.1
Scan saved at 13:41:48, on 2007-06-07
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Weather Alarm Clock\WeatherAlarmClock.exe
C:\PROGRA~1\Speed-X\SpeedX.exe
C:\Program Files\Kalendarz XP\Kalendarz.exe
C:\Program Files\Neostrada TP\NeostradaTP.exe
C:\Program Files\Neostrada TP\ComComp.exe
C:\Program Files\Neostrada TP\Watch.exe
C:\Documents and Settings\User\Pulpit\utorrent.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Opera\Opera.exe
D:\Ściągnięte\Programy\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WeatherAlarmClock] C:\Program Files\Weather Alarm Clock\WeatherAlarmClock.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [SpeedX] C:\PROGRA~1\Speed-X\SpeedX.exe
O4 - HKCU\..\Run: [zRain] C:\Program Files\Weather Alarm Clock\zRain.exe
O4 - Global Startup: Kalendarz XP.lnk = C:\Program Files\Kalendarz XP\Kalendarz.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6853AB5B-BF0B-439F-82B7-7AFB94215440}: NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - C:\Program Files\cFosSpeed\spd.exe" -service (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


[wojtas]

O4 - HKCU\..\Run: [WeatherAlarmClock] C:\Program Files\Weather Alarm Clock\WeatherAlarmClock.exe
O4 - HKCU\..\Run: [zRain] C:\Program Files\Weather Alarm Clock\zRain.exe

znasz to??

daj loga z:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

[dammek]

A tamto to od takiego programiku od pogody,przed jego instalacja też występowal ten problem,więc raczej nie on jest winny

"User" - 2007-06-07 22:45:00 Dodatek Service Pack 2 NTFS
ComboFix 07-06-3B - Running from: "D:\—ciĄgni©te\Programy\"


((((((((((((((((((((((((( Files Created from 2007-05-07 to 2007-06-07 )))))))))))))))))))))))))))))))


2007-06-07 12:45 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-06-05 18:45 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2007-06-05 15:24 <DIR> d-------- C:\Program Files\Thomson
2007-06-05 02:15 <DIR> d-------- C:\WINDOWS\system32\xircom
2007-06-05 02:15 <DIR> d-------- C:\WINDOWS\system32\oobe
2007-06-05 02:15 <DIR> d-------- C:\WINDOWS\srchasst
2007-06-05 02:15 <DIR> d-------- C:\WINDOWS\msagent
2007-06-05 02:15 <DIR> d-------- C:\Program Files\msn gaming zone
2007-06-05 02:15 <DIR> d-------- C:\Program Files\microsoft frontpage
2007-06-05 02:12 <DIR> d-------- C:\WINDOWS\system32\AppData
2007-06-05 02:10 50,688 --a------ C:\WINDOWS\system32\wbhelp2.dll
2007-06-05 02:10 4,608 --a------ C:\WINDOWS\system32\W95INF32.DLL
2007-06-05 02:10 28,160 --a------ C:\WINDOWS\system32\anim.dll
2007-06-05 02:10 258,352 --a------ C:\WINDOWS\system32\unicows.dll
2007-06-05 02:10 2,272 --a------ C:\WINDOWS\system32\W95INF16.DLL
2007-06-05 02:10 <DIR> d-------- C:\Program Files\Advanced Windows Optimizer
2007-06-05 01:02 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-06-05 01:02 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-06-05 01:02 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-06-04 19:55 <DIR> d-------- C:\Program Files\Dziobas Rar Player
2007-06-04 19:26 1,771 --a------ C:\WINDOWS\mozver.dat
2007-06-04 19:26 <DIR> d-------- C:\DOCUME~1\User\DANEAP~1\Netscape
2007-06-04 19:19 <DIR> d-------- C:\Program Files\Netscape
2007-06-04 16:42 <DIR> d-------- C:\DOCUME~1\User\DANEAP~1\vlc
2007-06-03 21:47 0 --a------ C:\WINDOWS\nsreg.dat
2007-06-03 21:29 <DIR> d-------- C:\Program Files\Neostrada TP
2007-06-03 21:04 <DIR> d-------- C:\Program Files\Opera
2007-06-03 21:04 <DIR> d-------- C:\DOCUME~1\User\DANEAP~1\Opera
2007-06-03 11:20 <DIR> d-------- C:\DOCUME~1\User\DANEAP~1\Google
2007-06-03 11:16 <DIR> d-------- C:\DOCUME~1\User\DANEAP~1\Skype
2007-06-03 11:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Google
2007-06-03 11:15 <DIR> d-------- C:\Program Files\Google
2007-06-03 11:15 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Skype
2007-06-03 11:06 <DIR> d-------- C:\Program Files\SopCast
2007-06-03 11:06 <DIR> d-------- C:\DOCUME~1\User\DANEAP~1\SopCast
2007-06-03 11:00 <DIR> d-------- C:\Program Files\Kalendarz XP
2007-06-03 10:55 <DIR> d-------- C:\Program Files\CWK
2007-06-03 10:54 <DIR> d-------- C:\Program Files\BearShare
2007-06-03 09:50 <DIR> d-------- C:\Program Files\Speed-X
2007-06-03 09:26 <DIR> d-------- C:\GRY
2007-06-02 21:49 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-06-02 21:46 8,864 --a------ C:\WINDOWS\system32\drivers\CDAC15BA.SYS
2007-06-02 21:46 <DIR> d--h----- C:\C_DILLA
2007-06-02 21:40 <DIR> d-------- C:\DOCUME~1\User\DANEAP~1\ABBYY
2007-06-02 21:20 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-06-02 21:18 <DIR> d-------- C:\DOCUME~1\User\DANEAP~1\Hewlett-Packard
2007-06-02 20:17 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2007-06-02 20:15 <DIR> d-------- C:\Program Files\MSBuild
2007-06-02 20:15 <DIR> d-------- C:\Program Files\Microsoft Works
2007-06-02 20:10 <DIR> d-------- C:\WINDOWS\SHELLNEW
2007-06-02 20:09 <DIR> dr-h----- C:\MSOCache
2007-06-02 20:09 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Microsoft Help
2007-06-02 19:01 <DIR> d-------- C:\DOCUME~1\User\.javaws
2007-06-02 15:36 82,432 -ra------ C:\WINDOWS\system32\MSXML4r.dll
2007-06-02 15:36 626,960 -ra------ C:\WINDOWS\system32\hpvaut32.dll
2007-06-02 15:36 487,424 -ra------ C:\WINDOWS\system32\hpvcp70.dll
2007-06-02 15:36 44,544 -ra------ C:\WINDOWS\system32\MSXML4a.dll
2007-06-02 15:36 344,064 -ra------ C:\WINDOWS\system32\hpvcr70.dll
2007-06-02 15:36 1,230,336 -ra------ C:\WINDOWS\system32\MSXML4.dll
2007-06-02 14:51 <DIR> d-------- C:\Program Files\InkSaver
2007-06-02 14:18 94,720 --a------ C:\WINDOWS\system32\umaxud32.dll
2007-06-02 14:18 50,688 --a------ C:\WINDOWS\system32\umaxscan.dll
2007-06-02 14:18 50,176 --a------ C:\WINDOWS\system32\umaxp60.dll
2007-06-02 14:18 22,912 --a------ C:\WINDOWS\system32\drivers\umaxpcls.sys
2007-06-02 14:11 <DIR> d-------- C:\DOCUME~1\User\DANEAP~1\ArcSoft
2007-06-02 14:07 163,840 --a------ C:\WINDOWS\system32\PhotoImpression Screen Saver.scr
2007-06-02 14:05 212,480 --a------ C:\WINDOWS\pcdlib32.dll
2007-06-02 14:05 <DIR> d-------- C:\Program Files\ArcSoft
2007-06-02 14:03 <DIR> d-------- C:\DOCUME~1\User\WINDOWS
2007-06-02 13:49 82,380 --a------ C:\WINDOWS\system32\drivers\AFS2K.SYS
2007-06-02 13:48 <DIR> d-------- C:\Program Files\HP
2007-06-02 13:43 327,168 --a------ C:\WINDOWS\IsUn0415.exe
2007-06-02 13:43 <DIR> d-------- C:\Program Files\Hewlett-Packard
2007-06-02 13:42 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-06-02 13:42 <DIR> d-------- C:\WINDOWS\Profiles
2007-06-02 13:42 <DIR> d-------- C:\DOCUME~1\User\DANEAP~1\InterTrust
2007-06-02 13:33 <DIR> d--hs---- C:\RECYCLER
2007-06-02 13:29 9,216 -ra------ C:\WINDOWS\system32\drivers\videX32.sys
2007-06-02 13:28 331,184 --------- C:\WINDOWS\system32\difxapi.dll
2007-06-02 13:28 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-06-02 13:28 <DIR> d-------- C:\Program Files\VIA
2007-06-02 13:27 917,504 -ra------ C:\WINDOWS\system\cmids3d.dll
2007-06-02 13:27 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-06-02 13:27 712,704 -ra------ C:\WINDOWS\system32\Audio3D.dll
2007-06-02 13:27 712,704 -ra------ C:\WINDOWS\system32\a3d.dll
2007-06-02 13:27 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-06-02 13:27 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-06-02 13:27 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-06-02 13:27 6,272 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-06-02 13:27 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-06-02 13:27 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-06-02 13:27 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-06-02 13:27 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-06-02 13:27 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-06-02 13:27 32,768 -ra------ C:\WINDOWS\system32\udaprop.dll
2007-06-02 13:27 28,672 -ra------ C:\WINDOWS\system32\cmirmdrv.dll
2007-06-02 13:27 233,472 -ra------ C:\WINDOWS\system32\cmirmdrv.exe
2007-06-02 13:27 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-06-02 13:27 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-06-02 13:27 167,936 -ra------ C:\WINDOWS\system32\cmuda.dll


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-03 19:36:08 47,898 ----a-w C:\WINDOWS\system32\perfc015.dat
2007-06-03 19:36:08 352,770 ----a-w C:\WINDOWS\system32\perfh015.dat
2007-05-12 09:11:51 80,256 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2007-05-12 09:11:51 8,192 ----a-w C:\WINDOWS\system32\tsbyuv.dll
2007-05-12 09:11:51 8,192 ----a-w C:\WINDOWS\system32\streamci.dll
2007-05-12 09:11:51 72,192 ----a-w C:\WINDOWS\system32\sprio800.dll
2007-05-12 09:11:51 70,656 ----a-w C:\WINDOWS\system32\sprio600.dll
2007-05-12 09:11:51 69,632 ----a-w C:\WINDOWS\system32\spnike.dll
2007-05-12 09:11:51 63,744 ----a-w C:\WINDOWS\system32\drivers\mf.sys
2007-05-12 09:11:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
2007-05-12 09:11:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
2007-05-12 09:11:51 58,112 ----a-w C:\WINDOWS\system32\drivers\vdmindvd.sys
2007-05-12 09:11:51 57,856 ----a-w C:\WINDOWS\system32\dvdplay.exe
2007-05-12 09:11:51 55,296 ----a-w C:\WINDOWS\system32\dmutil.dll
2007-05-12 09:11:51 51,712 ----a-w C:\WINDOWS\system32\drivers\tosdvd.sys
2007-05-12 09:11:51 49,152 ----a-w C:\WINDOWS\system32\cnbjmon.dll
2007-05-12 09:11:51 47,616 ----a-w C:\WINDOWS\system32\iyuv_32.dll
2007-05-12 09:11:51 46,592 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2007-05-12 09:11:51 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2007-05-12 09:11:51 41,088 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2007-05-12 09:11:51 40,704 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2007-05-12 09:11:51 4,352 ----a-w C:\WINDOWS\system32\drivers\swenum.sys
2007-05-12 09:11:51 39,552 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2007-05-12 09:11:51 35,328 ----a-w C:\WINDOWS\system32\pid.dll
2007-05-12 09:11:51 30,208 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2007-05-12 09:11:51 3,200 ----a-w C:\WINDOWS\system32\wowfax.dll
2007-05-12 09:11:51 262,528 ----a-w C:\WINDOWS\system32\drivers\cinemst2.sys
2007-05-12 09:11:51 25,472 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys
2007-05-12 09:11:51 23,936 ----a-w C:\WINDOWS\system32\drivers\usbcamd2.sys
2007-05-12 09:11:51 23,808 ----a-w C:\WINDOWS\system32\drivers\usbcamd.sys
2007-05-12 09:11:51 23,296 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2007-05-12 09:11:51 21,376 ----a-w C:\WINDOWS\system32\drivers\tsbvcap.sys
2007-05-12 09:11:51 20,992 ----a-w C:\WINDOWS\system32\hid.dll
2007-05-12 09:11:51 18,688 ----a-w C:\WINDOWS\system32\drivers\cdaudio.sys
2007-05-12 09:11:51 17,408 ----a-w C:\WINDOWS\system32\msyuv.dll
2007-05-12 09:11:51 16,000 ----a-w C:\WINDOWS\system32\drivers\usbintel.sys
2007-05-12 09:11:51 157,696 ----a-w C:\WINDOWS\system32\paqsp.dll
2007-05-12 09:11:51 15,488 ----a-w C:\WINDOWS\system32\drivers\mssmbios.sys
2007-05-12 09:11:51 15,360 ----a-w C:\WINDOWS\system32\pjlmon.dll
2007-05-12 09:11:51 147,968 ----a-w C:\WINDOWS\system32\mdwmdmsp.dll
2007-05-12 09:11:51 13,824 ----a-w C:\WINDOWS\system32\wowfaxui.dll
2007-05-12 09:11:51 12,416 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
2007-05-12 09:11:51 12,288 ----a-w C:\WINDOWS\system32\drivers\fsvga.sys
2007-05-12 09:11:51 12,032 ----a-w C:\WINDOWS\system32\drivers\riodrv.sys
2007-05-12 09:11:51 12,032 ----a-w C:\WINDOWS\system32\drivers\rio8drv.sys
2007-05-12 09:11:51 12,032 ----a-w C:\WINDOWS\system32\drivers\nikedrv.sys
2007-05-12 09:11:51 11,776 ----a-w C:\WINDOWS\system32\drivers\cpqdap01.sys


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 16:39]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}=C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 00:48]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2006-10-22 12:22 C:\WINDOWS\system32\nwiz.exe]
"cFosSpeed"="C:\Program Files\cFosSpeed\cFosSpeed.exe" [2007-03-15 18:59]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-06-02 12:38]
"Cmaudio"="cmicnfg.cpl" []
"DeviceDiscovery"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 18:37]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38]
"WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2003-10-16 18:07]
"WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe" [2003-10-16 18:07]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-05-30 14:30]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:44]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 16:25]
"WeatherAlarmClock"="C:\Program Files\Weather Alarm Clock\WeatherAlarmClock.exe" [2007-03-31 16:52]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-04-17 13:12]
"SpeedX"="C:\PROGRA~1\Speed-X\SpeedX.exe" [2006-06-27 14:11]
"zRain"="C:\Program Files\Weather Alarm Clock\zRain.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"nltide_2"=regsvr32 /s /n /i:U shell32
"nltide_3"=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"=1 (0x1)
"DisableStatusMessages"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"=1 (0x1)
"NoSMMyPictures"=1 (0x1)
"NoSMConfigurePrograms"=1 (0x1)
"ClearRecentDocsOnExit"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"NoRecentDocsHistory"=1 (0x1)
"NoStartBanner"=1 (0x1)
"NoInstrumentation"=1 (0x1)
"NoStartMenuMFUprogramsList"=1 (0x1)
"NoLowDiskSpaceChecks"=1 (0x1)
"NoResolveTrack"=1 (0x1)
"LinkResolveIgnoreLinkInfo"=1 (0x1)
"NoResolveSearch"=1 (0x1)
"NoBandCustomize"=0 (0x0)
"NoMovingBands"=0 (0x0)
"NoCloseDragDropBands"=0 (0x0)
"NoSetTaskbar"=0 (0x0)
"NoToolbarsOnTaskbar"=0 (0x0)
"NoSaveSettings"=0 (0x0)
"LockTaskbar"=0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"=1 (0x1)
"NoSMMyPictures"=1 (0x1)
"NoSMConfigurePrograms"=1 (0x1)
"ClearRecentDocsOnExit"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"NoRecentDocsHistory"=1 (0x1)
"NoStartBanner"=1 (0x1)
"NoInstrumentation"=1 (0x1)
"NoStartMenuMFUprogramsList"=1 (0x1)
"NoLowDiskSpaceChecks"=1 (0x1)
"NoResolveTrack"=1 (0x1)
"LinkResolveIgnoreLinkInfo"=1 (0x1)
"NoResolveSearch"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL" [2006-10-27 00:48]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 14:29]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService WebClient LmHosts RemoteRegistry upnphost SSDPSRV

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*

*Newly Created Service* - AVG_ANTI-SPYWARE_DRIVER
*Newly Created Service* - AVG_ANTI-SPYWARE_GUARD

Contents of the 'Scheduled Tasks' folder
2007-06-02 11:50:58 C:\WINDOWS\tasks\WebReg 20070602135057.job

**************************************************************************

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-07 22:47:28
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-07 22:48:35

--- E O F ---

[wojtas]

w logach jest ok to nie wina wirusow