
I found something like this in Event Viewer:
Proces winlogon.exe zainicjował ponowne uruchomienie WOJTEK z następującej przyczyny: Inne zadania (zaplanowane)
Pomniejsza przyczyna: 0x0
Typ zamknięcia systemu: ponowny rozruch
Komentarz:
Aby znaleźć więcej informacji, zobacz http://go.microsoft.com/fwlink/events.asp w Centrum pomocy i obsługi technicznej.
Logs:
RSIT
Logfile of random's system information tool 1.04 (written by random/random)
Run by Wojto at 2008-11-22 22:18:51
Microsoft Windows XP Professional Dodatek Service Pack 2
System drive C: has 4 GB (54%) free of 8 GB
Total RAM: 2047 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:19, on 2008-11-22
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\cFosSpeed\spd.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Gigabyte\ET5\GUI.exe
F:\PROGRA~1\AVG\AVG8\avgemc.exe
F:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\system32\wuauclt.exe
F:\Program Files\AVG\AVG8\avgrsx.exe
F:\Program Files\AVG\AVG8\avgrsx.exe
F:\Program Files\AVG\AVG8\avgrsx.exe
F:\Program Files\AVG\AVG8\avgrsx.exe
C:\WINDOWS\explorer.exe
f:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Wojto\Pulpit\RSIT.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\trend micro\Wojto.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - F:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\ETcall.exe
O4 - HKLM\..\Run: [AVG8_TRAY] F:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] F:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{A851B48A-07AA-42BB-AE9D-B1A9892FBE0B}: NameServer = 208.67.222.222 208.67.220.220
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - F:\Program Files\AVG\AVG8\avgpp.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - F:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 4825 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2008-03-27 322880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - F:\Program Files\AVG\AVG8\avgssie.dll [2008-09-17 455960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27 501056]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EasyTuneV"=C:\Program Files\Gigabyte\ET5\ETcall.exe [2006-12-15 31552]
"AVG8_TRAY"=F:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-10-01 1234712]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"adiras"=adiras.exe []
"cFosSpeed"=C:\Program Files\cFosSpeed\cFosSpeed.exe [2008-07-03 867544]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-10-28 17331200]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2004-08-04 159744]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
C:\Program Files\DNA\btdna.exe [2008-10-17 289088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HEXelon MAX]
C:\Program Files\HEXelon MAX 6\hexelon.exe [2007-06-28 2816512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-03-25 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-03-13 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\system32\\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
F:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2008-03-25 214360]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\Program Files\AVG\AVG8\avgupd.exe"="F:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"F:\Program Files\AVG\AVG8\avgemc.exe"="F:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\O]
shell\AutoRun\command - O:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69758a20-84c4-11dd-8d0a-4d6564696130}]
shell\AutoRun\command - O:\LaunchU3.exe -a
======List of files/folders created in the last 1 months======
2008-11-22 22:18:55 ----D---- C:\Program Files\trend micro
2008-11-22 22:18:51 ----D---- C:\rsit
2008-11-22 22:15:51 ----A---- C:\WINDOWS\PSEXESVC.EXE
2008-11-22 22:15:48 ----D---- C:\WINDOWS\temp
2008-11-22 22:13:53 ----A---- C:\WINDOWS\zip.exe
2008-11-22 22:13:53 ----A---- C:\WINDOWS\VFIND.exe
2008-11-22 22:13:53 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-11-22 22:13:53 ----A---- C:\WINDOWS\SWSC.exe
2008-11-22 22:13:53 ----A---- C:\WINDOWS\SWREG.exe
2008-11-22 22:13:53 ----A---- C:\WINDOWS\sed.exe
2008-11-22 22:13:53 ----A---- C:\WINDOWS\NIRCMD.exe
2008-11-22 22:13:53 ----A---- C:\WINDOWS\grep.exe
2008-11-22 22:13:53 ----A---- C:\WINDOWS\fdsv.exe
2008-11-22 22:13:49 ----D---- C:\WINDOWS\ERDNT
2008-11-22 22:13:49 ----D---- C:\Qoobox
2008-11-22 22:13:49 ----D---- C:\ComboFix
2008-11-22 22:13:48 ----A---- C:\WINDOWS\system32\CF17961.exe
2008-11-22 17:57:03 ----D---- C:\Program Files\SystemRequirementsLab
2008-11-21 15:08:11 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters
2008-11-21 15:08:05 ----RA---- C:\WINDOWS\system32\tmp116.tmp
2008-11-21 15:08:05 ----RA---- C:\WINDOWS\system32\tmp115.tmp
2008-11-21 15:08:05 ----D---- C:\Program Files\OpenAL
2008-11-21 15:08:05 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2008-11-21 15:08:05 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2008-11-21 15:07:18 ----RA---- C:\WINDOWS\system32\tmp114.tmp
2008-11-18 21:03:53 ----D---- C:\Documents and Settings\Wojto\Dane aplikacji\HEXelon
2008-11-18 21:03:50 ----D---- C:\Program Files\HEXelon MAX 6
2008-11-15 11:41:50 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2008-11-12 11:31:36 ----D---- C:\Documents and Settings\Wojto\Dane aplikacji\Nokia Multimedia Player
2008-11-10 17:30:52 ----D---- C:\sr
2008-11-10 15:06:37 ----D---- C:\WINDOWS\system32\xlive
2008-11-10 14:47:51 ----D---- C:\NVIDIA
2008-11-10 12:21:20 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2008-11-10 12:21:20 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2008-11-10 12:21:19 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2008-11-10 12:21:19 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2008-11-10 12:21:19 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2008-11-10 12:21:18 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2008-11-10 12:21:17 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2008-11-09 12:32:29 ----D---- C:\WINDOWS\system32\LogFiles
2008-11-08 11:03:32 ----A---- C:\WINDOWS\system32\cfosspeed.dll
2008-10-29 18:39:09 ----D---- C:\Documents and Settings\Wojto\Dane aplikacji\HPAppData
2008-10-28 19:28:11 ----D---- C:\Documents and Settings\Wojto\Dane aplikacji\HP
2008-10-28 19:27:47 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\WEBREG
2008-10-28 19:12:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\HP Product Assistant
2008-10-28 19:12:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\HP
2008-10-28 19:12:27 ----D---- C:\Program Files\Common Files\HP
2008-10-28 19:12:25 ----D---- C:\Program Files\Hewlett-Packard
2008-10-28 19:12:22 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2008-10-28 19:11:39 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Hewlett-Packard
2008-10-28 19:11:32 ----RA---- C:\WINDOWS\system32\hpzids01.dll
2008-10-28 19:11:31 ----A---- C:\WINDOWS\system32\hpz3l5mu.dll
2008-10-28 19:10:55 ----RA---- C:\WINDOWS\system32\hppldcoi.dll
2008-10-28 19:10:55 ----RA---- C:\WINDOWS\system32\hpovst15.dll
2008-10-28 19:10:55 ----RA---- C:\WINDOWS\system32\hpotscl6.dll
2008-10-28 19:10:55 ----RA---- C:\WINDOWS\system32\difxapi.dll
2008-10-28 19:07:52 ----D---- C:\Program Files\HP
2008-10-28 19:07:22 ----HD---- C:\Config.Msi
======List of files/folders modified in the last 1 months======
2008-11-22 22:19:22 ----D---- C:\Program Files\cFosSpeed
2008-11-22 22:18:55 ----RD---- C:\Program Files
2008-11-22 22:17:14 ----D---- C:\WINDOWS
2008-11-22 22:17:14 ----A---- C:\WINDOWS\system.ini
2008-11-22 22:17:05 ----D---- C:\WINDOWS\system32\drivers
2008-11-22 22:15:41 ----D---- C:\WINDOWS\system32
2008-11-22 22:15:28 ----D---- C:\WINDOWS\AppPatch
2008-11-22 22:15:28 ----D---- C:\Program Files\Common Files
2008-11-22 22:14:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-22 22:13:53 ----SHD---- C:\System Volume Information
2008-11-22 22:13:53 ----D---- C:\WINDOWS\system32\Restore
2008-11-22 22:13:49 ----D---- C:\WINDOWS\Prefetch
2008-11-22 16:47:08 ----D---- C:\Documents and Settings\Wojto\Dane aplikacji\BitTorrent
2008-11-22 12:17:38 ----SH---- C:\boot.ini
2008-11-22 12:17:38 ----A---- C:\WINDOWS\win.ini
2008-11-22 12:17:37 ----D---- C:\WINDOWS\pss
2008-11-21 22:26:10 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-21 15:02:55 ----D---- C:\WINDOWS\system32\DirectX
2008-11-21 15:02:54 ----HD---- C:\WINDOWS\inf
2008-11-21 14:46:40 ----D---- C:\Documents and Settings\Wojto\Dane aplikacji\foobar2000
2008-11-20 23:46:15 ----D---- C:\Program Files\Soulseek
2008-11-20 22:37:12 ----A---- C:\WINDOWS\wincmd.ini
2008-11-20 22:28:07 ----D---- C:\Program Files\WinRAR
2008-11-18 23:00:02 ----A---- C:\WINDOWS\avisplitter.ini
2008-11-18 22:01:15 ----SD---- C:\Documents and Settings\Wojto\Dane aplikacji\Microsoft
2008-11-18 22:01:14 ----D---- C:\Documents and Settings\Wojto\Dane aplikacji\Ventrilo
2008-11-16 13:05:31 ----D---- C:\Documents and Settings\Wojto\Dane aplikacji\teamspeak2
2008-11-15 11:42:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-15 11:42:03 ----D---- C:\WINDOWS\system32\RTCOM
2008-11-14 18:04:37 ----A---- C:\WINDOWS\wcx_ftp.ini
2008-11-11 11:21:52 ----HD---- C:\$AVG8.VAULT$
2008-11-10 15:06:58 ----SHD---- C:\WINDOWS\Installer
2008-11-10 15:06:37 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
2008-11-10 14:49:59 ----D---- C:\WINDOWS\nview
2008-11-10 14:49:59 ----D---- C:\WINDOWS\Help
2008-11-09 12:39:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-09 12:06:28 ----D---- C:\Documents and Settings\Wojto\Dane aplikacji\DNA
2008-11-08 11:03:48 ----A---- C:\WINDOWS\cFosSpeed_Setup_Log.txt
2008-10-28 19:14:09 ----D---- C:\WINDOWS\WinSxS
2008-10-28 19:12:28 ----D---- C:\WINDOWS\twain_32
2008-10-28 19:08:19 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-10-28 17:18:26 ----A---- C:\WINDOWS\RTHDCPL.EXE
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-09-17 97928]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-09-17 26824]
R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40320]
R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R2 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-09-17 76040]
R3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2007-02-07 118552]
R3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
R3 cFosSpeed;cFosSpeed Miniport; C:\WINDOWS\system32\DRIVERS\cfosspeed.sys [2008-07-03 732376]
R3 ET5Drv;ET5Drv; \??\C:\WINDOWS\system32\Drivers\ET5Drv.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-18 9600]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-01-24 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-01-24 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-01-24 21568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-31 4942336]
R3 MarkFun_NT;MarkFun_NT; \??\C:\Program Files\Gigabyte\ET5\markfun.w32 []
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-08-07 111360]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S2 ELOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2007-02-07 56088]
S3 GarenaPEngine;GarenaPEngine; \??\E:\TMP\GPEBC.tmp []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 npkcrypt;npkcrypt; \??\G:\Program Files\Lineage II\system\npkcrypt.sys []
S3 npkcusb;npkcusb; \??\G:\Program Files\Lineage II\system\npkcusb.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8emc;AVG8 E-mail Scanner; F:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-09-17 875288]
R2 avg8wd;AVG8 WatchDog; F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-17 231704]
R2 cFosSpeedS;cFosSpeed System Service; C:\Program Files\cFosSpeed\spd.exe [2008-07-03 314584]
R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.04 2008-11-22 22:19:30
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Aktualizacja dla systemu Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
AutoIt v3.2.12.1-->C:\Program Files\AutoIt3\Uninstall.exe
AVG Free 8.0-->F:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
cFosSpeed v4.24-->"C:\Program Files\cFosSpeed\setup.exe" -uninstall
Easy Macro Recorder 3.70-->"C:\Program Files\Easy Macro Recorder\unins000.exe"
EasyTune5-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Gigabyte\ET5\Uninst.isu" -c"C:\Program Files\Gigabyte\ET5\uninstdrv.dll"
foobar2000 v0.9.5.5-->"f:\Program Files\foobar2000\uninstall.exe"
Fraps (remove only)-->"f:\Fraps\uninstall.exe"
Gadu-Gadu 7.6-->f:\Program Files\Gadu-Gadu\Setup.exe
Garena-->C:\Program Files\InstallShield Installation Information\{89C89156-A70F-4C6D-9CAE-2EA71F1396FE}\setup.exe -runfromtemp -l0x0009 -removeonly
GRID-->"C:\Program Files\InstallShield Installation Information\{5A0B7BA5-4682-4273-81C2-69B17E649103}\setup.exe" -runfromtemp -l0x0009 -removeonly
Guild Wars-->"g:\Program Files\Guild Wars\Gw.exe" -uninstall
HEXelon MAX 6.07-->"C:\Program Files\HEXelon MAX 6\unins000.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3-->C:\Program Files\HP\Digital Imaging\{C3B6AEB1-390C-4792-8677-CD87F8B2C959}\setup\hpzscr01.exe -datfile hposcr28.dat -onestop
HP Imaging Device Functions 11.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 3.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat -forcereboot
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 11.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
K-Lite Codec Pack 4.1.7 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LEKsykon - Baza Leków-->"f:\Program Files\LekSeek\LEKsykon - Baza Leków\uninst.exe"
Lineage II-->C:\Program Files\InstallShield Installation Information\{076A6FD8-EE45-4A83-B3C9-C7C34E7CAFDD}\setup.exe -runfromtemp -l0x0009 -removeonly
Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
mIRC-->"F:\Program Files\mIRC\mirc.exe" -uninstall
Mozilla Firefox (3.0.4)-->f:\Program Files\Mozilla Firefox\uninstall\helper.exe
NAPIPROJEKT 1.0.6.1-->"C:\Program Files\NAPI-PROJEKT\unins000.exe"
Nero - Burning Rom-->MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
Nokia Connectivity Cable Driver-->MsiExec.exe /X{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}
Nokia PC Suite-->C:\Documents and Settings\All Users\Dane aplikacji\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_EA.exe /LANG="1045"
Nokia PC Suite-->MsiExec.exe /I{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OCR Software by I.R.I.S. 11.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OpenAL-->"C:\Program Files\OpenAL\OalinstGridRelease.exe" /U
Pakiet sterowników systemu Windows - Nokia Modem (11/03/2006 6.82.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
PC Connectivity Solution-->MsiExec.exe /I{066D65EA-ED53-44E4-A96A-F81B6E409D2E}
PingPlotter Standard 3.20.1s-->C:\Program Files\PingPlotter Standard\uninst.exe
Poprawka dla systemu Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Poprawka systemu Windows XP - KB884020-->C:\WINDOWS\$NtUninstallKB884020$\spuninst\spuninst.exe
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x0015 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x15 -removeonly
SAGEM F@st 800-840-->C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe -runfromtemp -l0x0015 -removeonly
SoulSeek Client 156c-->"C:\Program Files\Soulseek\uninstall.exe"
Spybot - Search & Destroy-->"f:\Program Files\Spybot - Search & Destroy\unins000.exe"
SubEdit-Player-->"f:\Program Files\SubEdit-Player\unins000.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Total Commander (Remove or Repair)-->F:\totalcmd\tcuninst.exe
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
VentriloMIX-->f:\Program Files\VentriloMIX\Uninstal.exe
Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_039E7E24575DBAE6A389611AF28F4EB97729D33E\pccswpddriver.inf
Windows Driver Package - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
XP Codec Pack-->C:\Program Files\XP Codec Pack\Uninstall.exe
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\PC Connectivity Solution
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 2, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=0f02
"TEMP"=E:\TEMP
"TMP"=E:\TMP
"windir"=%SystemRoot%
-----------------EOF-----------------
And ComboFix
ComboFix 08-11-22.01 - Wojto 2008-11-22 22:15:03.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1479 [GMT 1:00]
Uruchomiony z: C:\Documents and Settings\Wojto\Pulpit\ComboFix.exe
* Utworzono nowy punkt przywracania
[COLOR=RED][B]UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !![/B][/COLOR]
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\hpowiax7.dll
.
((((((((((((((((((((((((( Pliki utworzone od 2008-10-22 do 2008-11-22 )))))))))))))))))))))))))))))))
.
2008-11-22 17:57 . 2008-11-22 17:59 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2008-11-22 17:56 . 2008-11-22 17:56 <DIR> d-------- C:\Documents and Settings\Wojto\SystemRequirementsLab
2008-11-21 15:08 . 2008-11-21 15:08 <DIR> d-------- C:\Program Files\OpenAL
2008-11-21 15:08 . 2008-11-21 15:08 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters
2008-11-21 15:08 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp116.tmp
2008-11-21 15:08 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp115.tmp
2008-11-21 15:08 . 2008-11-21 15:08 444,952 --a------ C:\WINDOWS\system32\wrap_oal.dll
2008-11-21 15:08 . 2008-11-21 15:08 109,080 --a------ C:\WINDOWS\system32\OpenAL32.dll
2008-11-21 15:07 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp114.tmp
2008-11-18 21:03 . 2008-11-18 21:03 <DIR> d-------- C:\Program Files\HEXelon MAX 6
2008-11-18 21:03 . 2008-11-18 21:03 <DIR> d-------- C:\Documents and Settings\Wojto\Dane aplikacji\HEXelon
2008-11-15 11:41 . 2008-08-05 20:10 1,684,736 --a------ C:\WINDOWS\system32\drivers\Ambfilt.sys
2008-11-15 11:41 . 2006-01-04 15:41 1,389,056 --a------ C:\WINDOWS\system32\drivers\Monfilt.sys
2008-11-15 11:41 . 2008-10-27 18:12 34,816 --a------ C:\WINDOWS\system32\RtkCoInstXP.dll
2008-11-12 11:31 . 2008-11-12 11:31 <DIR> d-------- C:\Documents and Settings\Wojto\Dane aplikacji\Nokia Multimedia Player
2008-11-10 17:30 . 2008-11-10 17:30 <DIR> d-------- C:\sr
2008-11-10 15:06 . 2008-11-10 15:06 <DIR> d-------- C:\WINDOWS\system32\xlive
2008-11-10 14:48 . 2008-10-07 13:33 201,157 --a------ C:\WINDOWS\system32\nvapps.nvb
2008-11-10 14:47 . 2008-11-10 14:47 <DIR> d-------- C:\NVIDIA
2008-11-10 12:21 . 2008-10-10 04:52 4,379,984 --a------ C:\WINDOWS\system32\D3DX9_40.dll
2008-11-10 12:21 . 2008-10-10 04:52 2,036,576 --a------ C:\WINDOWS\system32\D3DCompiler_40.dll
2008-11-10 12:21 . 2008-10-27 10:04 514,384 --a------ C:\WINDOWS\system32\XAudio2_3.dll
2008-11-10 12:21 . 2008-10-10 04:52 452,440 --a------ C:\WINDOWS\system32\d3dx10_40.dll
2008-11-10 12:21 . 2008-10-27 10:04 235,856 --a------ C:\WINDOWS\system32\xactengine3_3.dll
2008-11-10 12:21 . 2008-10-27 10:04 70,992 --a------ C:\WINDOWS\system32\XAPOFX1_2.dll
2008-11-10 12:21 . 2008-10-27 10:04 23,376 --a------ C:\WINDOWS\system32\X3DAudio1_5.dll
2008-11-09 12:32 . 2008-11-09 12:32 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-11-08 11:03 . 2008-07-03 18:04 732,376 -ra------ C:\WINDOWS\system32\drivers\cfosspeed.sys
2008-11-08 11:03 . 2008-07-03 18:04 290,008 --a------ C:\WINDOWS\system32\cfosspeed.dll
2008-10-29 18:39 . 2008-10-29 18:39 <DIR> d-------- C:\Documents and Settings\Wojto\Dane aplikacji\HPAppData
2008-10-28 19:28 . 2008-10-28 19:28 <DIR> d-------- C:\Documents and Settings\Wojto\Dane aplikacji\HP
2008-10-28 19:27 . 2008-10-28 19:27 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\WEBREG
2008-10-28 19:12 . 2008-10-28 19:12 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-10-28 19:12 . 2008-10-28 19:12 <DIR> d-------- C:\Program Files\Common Files\HP
2008-10-28 19:12 . 2008-10-28 19:12 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-10-28 19:12 . 2008-10-28 19:12 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\HP Product Assistant
2008-10-28 19:12 . 2008-10-28 19:13 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\HP
2008-10-28 19:11 . 2008-10-28 19:11 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Hewlett-Packard
2008-10-28 19:11 . 2008-01-24 22:23 271,704 -ra------ C:\WINDOWS\system32\hpzids01.dll
2008-10-28 19:11 . 2007-10-20 18:25 118,272 --a------ C:\WINDOWS\system32\hpz3l5mu.dll
2008-10-28 19:11 . 2008-01-24 22:22 49,920 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2008-10-28 19:11 . 2008-01-24 22:22 21,568 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-10-28 19:11 . 2008-01-24 22:22 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-10-28 19:10 . 2008-01-24 22:22 581,632 -ra------ C:\WINDOWS\system32\hpotscl6.dll
2008-10-28 19:10 . 2008-01-24 22:22 372,736 -ra------ C:\WINDOWS\system32\hppldcoi.dll
2008-10-28 19:10 . 2008-01-24 22:22 309,760 -ra------ C:\WINDOWS\system32\difxapi.dll
2008-10-28 19:10 . 2008-01-24 22:22 303,104 -ra------ C:\WINDOWS\system32\hpovst15.dll
2008-10-28 19:10 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-10-28 19:10 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-10-28 19:07 . 2008-10-28 19:36 <DIR> d-------- C:\Program Files\HP
2008-10-28 19:07 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-10-28 19:07 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-10-28 19:03 . 2008-10-28 19:15 177,539 --a------ C:\WINDOWS\hpoins28.dat
2008-10-28 19:03 . 2008-07-01 05:02 796 --------- C:\WINDOWS\hpomdl28.dat
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-22 21:17 --------- d-----w C:\Program Files\cFosSpeed
2008-11-22 15:47 --------- d-----w C:\Documents and Settings\Wojto\Dane aplikacji\BitTorrent
2008-11-21 13:46 --------- d-----w C:\Documents and Settings\Wojto\Dane aplikacji\foobar2000
2008-11-20 22:46 --------- d-----w C:\Program Files\Soulseek
2008-11-18 21:01 --------- d-----w C:\Documents and Settings\Wojto\Dane aplikacji\Ventrilo
2008-11-16 12:05 --------- d-----w C:\Documents and Settings\Wojto\Dane aplikacji\teamspeak2
2008-11-09 11:06 --------- d-----w C:\Documents and Settings\Wojto\Dane aplikacji\DNA
2008-10-31 10:38 4,942,336 ----a-w C:\WINDOWS\system32\drivers\RtkHDAud.sys
2008-10-28 16:18 17,331,200 ----a-w C:\WINDOWS\RTHDCPL.EXE
2008-10-17 07:57 --------- d-----w C:\Program Files\DNA
2008-10-17 07:57 --------- d-----w C:\Program Files\BitTorrent
2008-10-15 12:23 --------- d-----w C:\Program Files\Ventrilo
2008-10-15 12:23 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-10-13 19:36 --------- d-----w C:\Program Files\DIFX
2008-10-13 19:36 --------- d-----w C:\Documents and Settings\Wojto\Dane aplikacji\Nokia
2008-10-13 19:36 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
2008-10-13 19:35 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-10-13 19:35 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-10-13 19:35 --------- d-----w C:\Program Files\Common Files\Nokia
2008-10-13 19:35 --------- d-----w C:\Documents and Settings\Wojto\Dane aplikacji\PC Suite
2008-10-13 19:34 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Installations
2008-10-10 14:41 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-10 14:31 2,829 ----a-w C:\WINDOWS\War3Unin.pif
2008-10-10 14:31 139,264 ----a-w C:\WINDOWS\War3Unin.exe
2008-10-04 20:54 --------- d-----w C:\Program Files\NAPI-PROJEKT
2008-10-02 09:07 453,152 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2008-09-30 15:38 2,168,320 ----a-w C:\WINDOWS\MicCal.exe
2008-09-30 05:29 --------- d-----w C:\Documents and Settings\Wojto\Dane aplikacji\Media Player Classic
2008-09-30 05:27 --------- d-----w C:\Program Files\XP Codec Pack
2008-09-30 05:26 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-09-28 17:08 --------- d-----w C:\Program Files\AutoIt3
2008-09-25 17:39 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2008-09-25 14:17 --------- d-----w C:\Program Files\Java
2008-09-25 14:11 --------- d-----w C:\Program Files\Common Files\Java
2008-09-22 19:40 --------- d-----w C:\Documents and Settings\Wojto\Dane aplikacji\U3
2008-09-19 16:48 1,200,128 ----a-w C:\WINDOWS\RtlUpd.exe
2008-09-17 07:18 10,520 ----a-w C:\WINDOWS\system32\avgrsstx.dll
2008-09-15 21:07 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-08-26 19:11 987,136 ----a-w C:\WINDOWS\system32\VSFilter.dll
2008-08-25 15:17 528,384 ----a-w C:\WINDOWS\RtlExUpd.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EasyTuneV"="C:\Program Files\Gigabyte\ET5\ETcall.exe" [2006-12-15 13:13 31552]
"AVG8_TRAY"="F:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-10-01 08:35 1234712]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-10-07 13:33 13574144]
"cFosSpeed"="C:\Program Files\cFosSpeed\cFosSpeed.exe" [2008-07-03 18:04 867544]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-10-07 13:33 86016]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-04 00:44 159744]
"nwiz"="nwiz.exe" [2008-10-07 13:33 1630208 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2008-10-28 17:18 17331200 C:\WINDOWS\RTHDCPL.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:44 15360]
"Nokia.PCSync"="F:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 14:58 1744896]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-09-17 15:25:02 1205840]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.FFDS"= ffdshow.ax
"msacm.ac3filter"= ac3filter.acm
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
--a------ 2008-10-17 08:57 289088 C:\Program Files\DNA\btdna.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HEXelon MAX]
--a------ 2007-06-28 20:44 2816512 C:\Program Files\HEXelon MAX 6\hexelon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2008-03-25 21:27 49152 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
--a------ 2008-03-13 09:34 81920 C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2008-10-07 13:33 13574144 C:\WINDOWS\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2007-03-23 12:20 227328 F:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 03:27 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2008-10-07 13:33 1630208 C:\WINDOWS\system32\nwiz.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"F:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"F:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"C:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-09-15 22:36:25 97928]
R2 avg8emc;AVG8 E-mail Scanner;F:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-09-17 08:18:53 875288]
R2 avg8wd;AVG8 WatchDog;F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-17 08:18:54 231704]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-09-15 22:36:28 76040]
S2 ELOADER;General Purpose USB Driver (adildr.sys);C:\WINDOWS\system32\Drivers\adildr.sys [2008-09-17 15:25:01 56088]
S3 GarenaPEngine;GarenaPEngine;\??\E:\TMP\GPEBC.tmp [2008-11-18 15:57:03 4992]
S3 MarkFun_NT;MarkFun_NT;\??\C:\Program Files\Gigabyte\ET5\markfun.w32 [2008-09-15 21:43:21 13512]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\O]
\Shell\AutoRun\command - O:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69758a20-84c4-11dd-8d0a-4d6564696130}]
\Shell\AutoRun\command - O:\LaunchU3.exe -a
.
- - - - USUNIĘTO PUSTE WPISY - - - -
HKLM-Run-adiras - adiras.exe
.
------- Skan uzupełniający -------
.
FireFox -: Profile - C:\Documents and Settings\Wojto\Dane aplikacji\Mozilla\Firefox\Profiles\c619aysd.default\
FF -: plugin - C:\Program Files\DNA\plugins\npbtdna.dll
FF -: plugin - f:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - f:\Program Files\Mozilla Firefox\plugins\npnul32.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-22 22:17:08
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\E:\TMP\GPEBC.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MarkFun_NT]
"ImagePath"="\??\C:\Program Files\Gigabyte\ET5\markfun.w32"
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
C:\Program Files\cFosSpeed\spd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Gigabyte\ET5\GUI.exe
C:\WINDOWS\system32\rundll32.exe
F:\Program Files\AVG\AVG8\avgrsx.exe
F:\Program Files\AVG\AVG8\avgrsx.exe
F:\Program Files\AVG\AVG8\avgrsx.exe
F:\Program Files\AVG\AVG8\avgrsx.exe
.
**************************************************************************
.
Czas ukończenia: 2008-11-22 22:18:16 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2008-11-22 21:18:09
Przed: 4 568 682 496 bajtów wolnych
Po: 4,569,767,936 bajtów wolnych
233