Hello. This is my first post here, and I hope not my last. Unfortunately, though, I have to start my career on the forum with - what else - a problem. For the past few days my computer has been… living a life of its own. It runs slower than it should. About every 1-2 hours I get a lovely bluescreen. On top of that, out of the blue, a program I am using (e.g. After Effects with the unsaved result of several hours of my work) shuts down and then refuses to start again. I am attaching logs from HiJackThis and ComboFix and asking veeery nicely for help. After all, we all know well that there is no life without computers.
HiJackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:40:22, on 2009-09-20
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\V0420Mon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=13928&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
O23 - Service: nHancer Support (nHancer) - KSE - Korndörfer Software Engineering - C:\Program Files\nHancer\nHancerService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
--
End of file - 6515 bytes
ComboFix:
ComboFix 09-09-18.02 - spankie 2009-09-20 18:56.1.4 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.48.1045.18.3326.2263 [GMT 2:00]
Uruchomiony z: c:\users\spankie\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090812-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1335 [VPS 090812-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\windows\system32\AutoRun.inf
c:\windows\system32\AVSredirect.dll
E:\install.exe
.
((((((((((((((((((((((((( Pliki utworzone od 2009-08-20 do 2009-09-20 )))))))))))))))))))))))))))))))
.
2009-09-20 17:04 . 2009-09-20 17:05 -------- d-----w- c:\users\spankie\AppData\Local\temp
2009-09-20 17:04 . 2009-09-20 17:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-20 16:40 . 2009-09-20 16:40 -------- d-----w- c:\program files\Trend Micro
2009-09-17 20:04 . 2009-09-17 20:04 -------- d-----w- c:\program files\Acclaim
2009-09-17 16:52 . 2009-09-17 16:52 -------- d-----w- c:\programdata\Codemasters
2009-09-17 16:51 . 2009-09-17 16:51 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2009-09-17 16:51 . 2009-09-17 16:51 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2009-09-17 16:51 . 2009-09-17 16:51 -------- d-----w- c:\program files\OpenAL
2009-09-17 15:03 . 2009-09-17 15:03 -------- d-----w- c:\users\spankie\AppData\Roaming\Autodesk
2009-09-17 15:03 . 2009-09-17 15:03 -------- d-----w- c:\users\spankie\AppData\Local\Autodesk
2009-09-17 14:57 . 2009-09-17 14:57 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2009-09-17 14:56 . 2009-09-17 15:03 -------- d-----w- c:\programdata\Autodesk
2009-09-17 14:55 . 2009-09-17 14:58 -------- d-----w- c:\program files\Autodesk
2009-09-17 14:54 . 2008-07-31 08:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2009-09-17 14:54 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2009-09-17 14:54 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2009-09-17 14:54 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2009-09-17 14:54 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2009-09-17 14:54 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2009-09-16 17:49 . 2006-09-26 11:57 28672 ----a-w- c:\windows\system32\AVEQT.dll
2009-09-16 17:49 . 2009-09-16 17:49 -------- d-----w- c:\program files\MOV to AVI MPEG WMV Converter
2009-09-12 20:24 . 2009-09-12 20:24 -------- d-----w- C:\Live! Cam
2009-09-12 20:24 . 2007-05-31 07:32 99648 ----a-w- c:\windows\system32\drivers\V0420Vid.sys
2009-09-12 20:24 . 2007-05-30 23:00 36864 ----a-w- c:\windows\system32\V0420Pin.dll
2009-09-12 20:24 . 2007-05-13 23:00 32768 ----a-w- c:\windows\system32\V0420Hwx.dll
2009-09-12 20:24 . 2007-05-13 23:00 262144 ----a-w- c:\windows\system32\V0420CVW.dll
2009-09-12 20:24 . 2007-04-29 23:00 32768 ----a-w- c:\windows\V0420Mon.exe
2009-09-12 20:24 . 2007-04-28 23:00 24576 ----a-w- c:\windows\V0420Cfg.exe
2009-09-12 20:24 . 2007-02-12 23:00 20480 ----a-w- c:\windows\system32\V0420Srv.exe
2009-09-12 20:24 . 2007-02-12 23:00 122880 ----a-w- c:\windows\system32\V0420Vfw.dll
2009-09-12 20:24 . 2006-06-16 09:30 90112 ----a-w- c:\windows\CtDrvIns.exe
2009-09-12 20:24 . 2005-07-06 23:07 36864 ----a-w- c:\windows\system32\CtCamMgr.dll
2009-09-12 20:20 . 2009-09-18 09:57 -------- d-----w- c:\users\spankie\AppData\Roaming\skypePM
2009-09-12 20:20 . 2009-09-12 20:20 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-09-12 20:19 . 2009-09-12 20:19 -------- d-----w- c:\program files\INTERIAPL
2009-09-12 20:18 . 2009-09-18 11:56 -------- d-----w- c:\users\spankie\AppData\Roaming\Skype
2009-09-12 20:18 . 2009-09-12 20:18 -------- d-----w- c:\program files\Common Files\Skype
2009-09-12 20:18 . 2009-09-13 08:12 -------- d-----r- c:\program files\Skype
2009-09-12 20:18 . 2009-09-12 20:18 -------- d-----w- c:\programdata\Skype
2009-09-12 19:19 . 2009-09-12 19:19 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-12 19:17 . 2009-09-12 19:17 -------- d-----w- c:\program files\Winamp
2009-09-10 18:07 . 2009-09-10 18:07 -------- d-----w- c:\program files\iPhone Configuration Utility
2009-09-10 18:06 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-10 18:06 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-09-10 18:05 . 2009-09-10 18:05 -------- d-----w- c:\program files\iPod
2009-09-10 18:05 . 2009-09-12 19:16 -------- d-----w- c:\program files\iTunes
2009-09-10 18:05 . 2009-09-10 18:06 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-10 18:03 . 2009-09-10 18:03 -------- d-----w- c:\program files\QuickTime
2009-09-09 08:30 . 2009-09-09 08:31 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-09-09 08:05 . 2007-10-22 01:37 17928 ----a-w- c:\windows\system32\X3DAudio1_2.dll
2009-09-09 08:04 . 2007-04-04 16:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2009-09-09 08:04 . 2007-03-15 14:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2009-09-09 08:04 . 2007-03-12 14:42 1123696 ----a-w- c:\windows\system32\D3DCompiler_33.dll
2009-09-09 08:04 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2009-09-09 08:04 . 2009-09-09 08:04 -------- d-----w- c:\windows\system32\xlive
2009-09-09 08:00 . 2009-09-18 11:11 -------- d-----w- c:\program files\Metin2_PL
2009-09-09 07:30 . 2009-09-09 07:30 -------- d-----w- c:\program files\Piranha Bytes
2009-09-05 08:59 . 2004-03-29 14:23 90112 ----a-w- c:\windows\unvise32.exe
2009-09-05 07:59 . 2009-09-05 07:59 -------- d-----w- c:\program files\LitexMedia
2009-09-03 18:07 . 2009-09-03 18:07 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-09-03 14:39 . 2004-01-24 22:00 70656 ----a-w- c:\windows\system32\yv12vfw.dll
2009-09-03 14:39 . 2004-01-24 22:00 70656 ----a-w- c:\windows\system32\i420vfw.dll
2009-09-03 14:37 . 2008-03-16 12:30 216064 --sh--r- c:\windows\system32\nbDX.dll
2009-09-03 14:37 . 2007-02-21 10:47 31232 --sh--r- c:\windows\system32\msfDX.dll
2009-09-03 14:37 . 2006-05-03 09:06 163328 --sh--r- c:\windows\system32\flvDX.dll
2009-09-03 14:37 . 2009-09-03 14:37 -------- d-----w- c:\program files\eRightSoft
2009-09-02 15:42 . 2009-09-02 15:42 -------- d-----w- c:\program files\Xvid
2009-09-02 15:42 . 2007-06-28 16:54 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2009-09-02 15:42 . 2007-06-28 16:52 765952 ----a-w- c:\windows\system32\xvidcore.dll
2009-09-01 20:11 . 2009-09-01 20:11 -------- d-----w- c:\users\spankie\AppData\Local\www.doom9.net
2009-09-01 20:05 . 2009-09-01 20:05 -------- d-----w- c:\program files\AviSynth 2.5
2009-09-01 20:02 . 2009-09-02 16:34 -------- d-----w- c:\program files\megui
2009-09-01 19:40 . 2009-09-01 19:40 -------- d-----w- c:\users\spankie\AppData\Roaming\Publish Providers
2009-09-01 16:57 . 2009-09-01 19:40 -------- d-----w- c:\users\spankie\AppData\Roaming\Sony
2009-09-01 16:57 . 2009-09-01 16:57 -------- d-----w- c:\users\spankie\AppData\Local\Sony
2009-09-01 16:56 . 2009-09-01 16:56 -------- d-----w- c:\programdata\Sony
2009-09-01 16:55 . 2009-09-01 16:55 -------- d-----w- c:\program files\Sony
2009-09-01 15:38 . 2000-08-23 15:00 33280 ----a-w- c:\windows\system32\HUFFYUV.DLL
2009-09-01 14:40 . 2009-09-08 19:44 -------- d-----w- c:\program files\Ultraviolet MovieMaker
2009-09-01 14:32 . 2009-09-01 14:36 -------- d-----w- c:\program files\Wolfenstein - Enemy Territory
2009-09-01 08:59 . 2009-09-01 09:34 -------- d-----w- c:\program files\Kangurek Kao
2009-08-31 12:51 . 2008-04-14 03:42 506368 ----a-w- c:\windows\system32\msxml.dll
2009-08-31 12:51 . 1998-06-17 23:00 89360 ----a-w- c:\windows\system32\VB5DB.DLL
2009-08-28 17:42 . 2009-08-28 17:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-28 17:42 . 2009-08-28 17:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-28 11:25 . 2009-09-20 14:16 -------- d-----w- c:\program files\Warsow 0.5
2009-08-28 11:25 . 2009-08-28 11:25 -------- d-----w- c:\users\spankie\AppData\Roaming\Warsow 0.5
2009-08-27 20:50 . 2009-08-27 20:50 -------- d-----w- c:\users\spankie\AppData\Roaming\Media Player Classic
2009-08-27 14:55 . 2009-08-27 14:58 -------- d-----w- c:\program files\et_lol
2009-08-27 13:33 . 2009-08-27 13:34 -------- d-----w- c:\program files\OpenVPN
2009-08-27 10:18 . 2009-08-27 10:19 -------- d-----w- c:\users\spankie\AppData\Roaming\dvdcss
2009-08-26 23:16 . 2009-08-26 23:23 -------- d-----w- C:\Boot
2009-08-25 09:25 . 2009-08-25 09:25 -------- d-----w- c:\program files\PowerISO
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-20 16:49 . 2006-12-05 05:22 661818 ----a-w- c:\windows\system32\perfh015.dat
2009-09-20 16:49 . 2006-12-05 05:22 126702 ----a-w- c:\windows\system32\perfc015.dat
2009-09-20 16:44 . 2009-08-11 15:21 33069 ----a-w- c:\programdata\nvModes.dat
2009-09-20 16:44 . 2009-08-11 14:47 -------- d-----w- c:\programdata\NVIDIA
2009-09-20 16:33 . 2009-08-11 17:08 139904 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-09-20 16:33 . 2009-08-11 17:07 189744 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-09-20 13:47 . 2009-08-11 14:31 -------- d-----w- c:\users\spankie\AppData\Roaming\Xfire
2009-09-20 13:07 . 2009-08-11 14:27 60272 ----a-w- c:\users\spankie\AppData\Local\GDIPFONTCACHEV1.DAT
2009-09-19 20:58 . 2009-08-13 15:01 -------- d-----w- c:\users\spankie\AppData\Roaming\NoNameScript
2009-09-19 09:06 . 2009-08-12 18:08 -------- d-----w- c:\users\spankie\AppData\Roaming\vlc
2009-09-17 20:04 . 2009-08-11 15:06 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-17 19:10 . 2009-08-12 14:58 -------- d-----w- c:\program files\Rockstar Games
2009-09-17 15:03 . 2009-08-20 12:14 -------- d-----w- c:\programdata\FLEXnet
2009-09-17 14:34 . 2009-08-11 14:31 -------- d-----w- c:\programdata\Xfire
2009-09-12 20:05 . 2009-08-18 11:38 -------- d-----w- c:\program files\Java
2009-09-10 18:25 . 2009-08-11 15:13 -------- d-----w- c:\users\spankie\AppData\Roaming\Apple Computer
2009-09-10 18:05 . 2009-08-11 15:08 -------- d-----w- c:\program files\Common Files\Apple
2009-09-09 09:20 . 2009-08-11 14:31 -------- d-----w- c:\program files\Xfire
2009-09-09 08:06 . 2009-09-09 08:06 -------- d-----w- c:\program files\Bethesda Softworks
2009-09-04 15:44 . 2009-09-17 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-09-04 15:44 . 2009-09-17 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-09-04 15:44 . 2009-09-17 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-09-04 15:29 . 2009-09-17 16:44 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-09-04 15:29 . 2009-09-17 16:44 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-09-04 15:29 . 2009-09-17 16:44 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-09-04 15:29 . 2009-09-17 16:44 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-09-04 15:29 . 2009-09-17 16:44 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-09-01 14:46 . 2009-08-16 20:22 -------- d-----w- c:\program files\MediaManager
2009-09-01 11:42 . 2009-08-21 08:46 -------- d-----w- c:\users\spankie\AppData\Roaming\uTorrent
2009-08-31 12:51 . 2009-08-17 16:48 -------- d-----w- c:\program files\SmireBoule
2009-08-21 15:04 . 2009-08-21 15:04 -------- d-----w- c:\program files\Ventrilo Mix
2009-08-21 15:02 . 2009-08-21 15:02 -------- d-----w- c:\program files\VentriloMIX
2009-08-21 09:37 . 2009-08-21 09:37 -------- d-----w- c:\programdata\InstallShield
2009-08-21 09:32 . 2009-08-21 09:32 -------- d-----w- c:\program files\Gravity
2009-08-21 09:32 . 2009-08-11 15:06 -------- d-----w- c:\program files\Common Files\InstallShield
2009-08-21 08:47 . 2009-08-21 08:47 -------- d-----w- c:\program files\AskBarDis
2009-08-21 08:47 . 2009-08-21 08:47 -------- d-----w- c:\program files\uTorrent
2009-08-20 20:47 . 2009-08-20 20:47 -------- d-----w- c:\program files\Common Files\INCA Shared
2009-08-20 20:41 . 2009-08-20 20:41 -------- d-----w- c:\program files\Gpotato
2009-08-20 20:14 . 2009-08-16 13:05 -------- d-----w- c:\programdata\PMB Files
2009-08-20 11:19 . 2009-08-11 20:18 -------- d-----w- c:\program files\AV VCS 3.0
2009-08-20 07:51 . 2009-08-20 07:51 -------- d-----w- c:\users\spankie\AppData\Roaming\Notepad++
2009-08-20 07:51 . 2009-08-20 07:51 -------- d-----w- c:\program files\Notepad++
2009-08-19 20:24 . 2009-08-19 20:04 -------- d-----w- c:\users\spankie\AppData\Roaming\foobar2000
2009-08-19 20:04 . 2009-08-19 20:04 -------- d-----w- c:\program files\foobar2000
2009-08-18 13:58 . 2009-08-18 13:58 -------- d-----w- c:\users\spankie\AppData\Roaming\MAXON
2009-08-17 18:01 . 2009-08-17 18:01 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-08-17 18:00 . 2009-08-13 14:17 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-17 17:50 . 2009-08-17 17:50 -------- d-----w- c:\program files\Adobe Media Player
2009-08-17 17:48 . 2009-08-17 17:48 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-08-17 17:45 . 2009-08-17 17:45 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-08-17 17:25 . 2009-08-17 17:25 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-08-17 17:24 . 2009-08-17 17:24 -------- d-----w- c:\program files\Microsoft.NET
2009-08-17 16:10 . 2009-08-11 15:14 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-08-17 16:05 . 2009-08-11 15:15 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-08-17 16:05 . 2009-08-11 15:15 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-08-17 16:05 . 2009-08-11 15:14 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-08-17 16:04 . 2009-08-11 15:15 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-08-17 16:04 . 2009-08-11 15:15 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-08-17 16:02 . 2009-08-11 15:15 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-08-17 14:27 . 2009-08-16 19:46 151477 ----a-w- c:\windows\hpoins15.dat
2009-08-17 14:27 . 2009-08-17 14:27 -------- d-----w- c:\programdata\WEBREG
2009-08-17 14:26 . 2009-08-17 14:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-08-16 19:59 . 2009-08-16 19:46 -------- d-----w- c:\programdata\HP
2009-08-16 19:58 . 2009-08-16 19:58 -------- d-----w- c:\programdata\Hewlett-Packard
2009-08-16 19:54 . 2009-08-16 19:47 -------- d-----w- c:\program files\HP
2009-08-16 19:54 . 2009-08-16 19:54 -------- d-----w- c:\programdata\HPSSUPPLY
2009-08-16 19:52 . 2009-08-16 19:52 -------- d-----w- c:\programdata\HP Product Assistant
2009-08-16 19:52 . 2009-08-16 19:52 -------- d-----w- c:\program files\Common Files\HP
2009-08-16 19:52 . 2009-08-16 19:52 -------- d-----w- c:\program files\Hewlett-Packard
2009-08-16 19:51 . 2009-08-16 19:51 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-08-16 13:05 . 2009-08-16 13:05 -------- d-----w- c:\program files\Pando Networks
2009-08-14 14:34 . 2009-08-11 17:26 -------- d-----w- c:\users\spankie\AppData\Roaming\X-Chat 2
2009-08-13 18:27 . 2009-08-11 16:59 -------- d-----w- c:\users\spankie\AppData\Roaming\Ventrilo
2009-08-13 16:10 . 2009-08-11 17:34 -------- d-----w- c:\users\spankie\AppData\Roaming\mIRC
2009-08-13 14:19 . 2009-08-13 14:19 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2009-08-13 09:27 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-12 17:25 . 2009-08-12 16:57 -------- d-----w- c:\users\spankie\AppData\Roaming\DAEMON Tools Lite
2009-08-12 17:01 . 2009-08-12 17:01 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-08-12 17:01 . 2009-08-12 17:01 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-08-12 17:01 . 2009-08-12 17:01 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-08-12 16:58 . 2009-08-12 16:58 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-08-12 15:56 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-08-12 15:56 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-08-12 15:56 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-08-12 15:56 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-08-12 15:56 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-08-12 15:56 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-08-12 15:44 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-08-12 15:44 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-08-12 15:09 . 2009-08-12 15:33 47560 ----a-w- c:\windows\system32\SPReview.exe
2009-08-12 15:09 . 2009-08-12 15:33 152576 ----a-w- c:\windows\system32\SPWizUI.dll
2009-08-12 11:47 . 2009-08-12 11:06 -------- d-----w- c:\programdata\nHancer
2009-08-12 11:07 . 2009-08-12 11:07 -------- d-----w- c:\users\spankie\AppData\Roaming\nHancer
2009-08-12 11:06 . 2009-08-12 11:06 -------- d-----w- c:\program files\nHancer
2009-08-12 09:21 . 2009-08-12 09:21 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-08-12 09:21 . 2009-08-12 09:21 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-08-12 09:21 . 2009-08-12 09:21 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2009-08-12 09:21 . 2009-08-12 09:21 272896 ----a-w- c:\windows\system32\polstore.dll
2009-08-12 09:19 . 2009-08-12 09:19 94720 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2006-05-03 09:06 . 2009-09-03 14:37 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 . 2009-09-03 14:37 31232 --sh--r- c:\windows\System32\msfDX.dll
2008-03-16 12:30 . 2009-09-03 14:37 216064 --sh--r- c:\windows\System32\nbDX.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2009-04-02 10:47 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-18 1233920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-18 1008184]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-06-16 7547424]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-08 305440]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-12 149280]
"V0420Mon.exe"="c:\windows\V0420Mon.exe" [2007-04-29 32768]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^spankie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\users\spankie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnk.Startup
backupExtension=.Startup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{604E25D3-844F-4C99-8A6D-1A9328B0801C}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
"UDP Query User{7E2D8880-FDA9-42B5-AD84-20A4AA44D408}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
"TCP Query User{E2378F7B-6641-451F-B3A5-DCEE5EC36077}c:\\program files\\gadu-gadu\\gg.exe"= UDP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program główny
"UDP Query User{9FF66F95-A187-4421-941A-D3B4B373FAB6}c:\\program files\\gadu-gadu\\gg.exe"= TCP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program główny
"{A6827E55-5ABA-47FC-AC31-E834054B40E0}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{8023AF90-CF6A-4AFB-8834-A9F10B070E83}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{B0204BFB-2FC4-4C5E-BECE-536F905A709F}"= UDP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
"{2C9FCD73-7F04-4723-A9AE-AC6D9FC17747}"= TCP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
"TCP Query User{4BB4C22B-8FBF-4F0B-A39C-7E965B7480B2}k:\\enemy territory\\et.exe"= UDP:k:\enemy territory\et.exe:ET
"UDP Query User{15B04393-55F8-4457-A398-A2EFE2130644}k:\\enemy territory\\et.exe"= TCP:k:\enemy territory\et.exe:ET
"TCP Query User{17C859DA-3E73-4B84-BE28-F4B92135CE53}c:\\users\\spankie\\documents\\mirc\\mirc.exe"= UDP:c:\users\spankie\documents\mirc\mirc.exe:mirc.exe
"UDP Query User{7CA4E540-0577-48A9-85D4-DF2613B97F63}c:\\users\\spankie\\documents\\mirc\\mirc.exe"= TCP:c:\users\spankie\documents\mirc\mirc.exe:mirc.exe
"TCP Query User{8FA460B4-4099-43A6-BB02-6C50C760BFAA}e:\\program files\\wolfenstein - enemy territory\\et.exe"= UDP:e:\program files\wolfenstein - enemy territory\et.exe:ET
"UDP Query User{6EF2F75E-6EDF-4086-9024-861CAA56C40D}e:\\program files\\wolfenstein - enemy territory\\et.exe"= TCP:e:\program files\wolfenstein - enemy territory\et.exe:ET
"{F3DD5C04-0931-4321-8CD2-F5A9F6FEB8AF}"= UDP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"{18E2EAA9-0C61-4C81-B16C-6F806FA2EDF5}"= TCP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"TCP Query User{2DD95FE4-4236-4485-8033-A99F67AAE1BD}c:\\games\\return to castle wolfenstein\\wolfmp.exe"= UDP:c:\games\return to castle wolfenstein\wolfmp.exe:WolfMP
"UDP Query User{F10D76DD-FEB2-473A-9533-3CD2E57B53EE}c:\\games\\return to castle wolfenstein\\wolfmp.exe"= TCP:c:\games\return to castle wolfenstein\wolfmp.exe:WolfMP
"TCP Query User{CE1377E5-3433-4474-BE73-2C1188065583}c:\\program files\\xchat\\xchat.exe"= UDP:c:\program files\xchat\xchat.exe:XChat IRC Client
"UDP Query User{99731F95-1B9C-4E51-8064-F5B6942EF913}c:\\program files\\xchat\\xchat.exe"= TCP:c:\program files\xchat\xchat.exe:XChat IRC Client
"TCP Query User{9186198E-E9AD-4DA1-8069-6A8ECD5E17E7}c:\\program files\\pando networks\\media booster\\pmb.exe"= UDP:c:\program files\pando networks\media booster\pmb.exe:Pando Media Booster
"UDP Query User{85F958E4-9526-44D6-A184-197832F8D3EB}c:\\program files\\pando networks\\media booster\\pmb.exe"= TCP:c:\program files\pando networks\media booster\pmb.exe:Pando Media Booster
"{7713BC57-A7D0-45BF-BA45-62460D53E512}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{B8E16109-EEB0-488D-9346-B410023405C7}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"TCP Query User{2BCC1A09-5E24-4E64-AB84-72545B2E8EA6}c:\\program files\\et_lol\\et.exe"= UDP:c:\program files\et_lol\et.exe:ET
"UDP Query User{965D42B4-E192-48CE-80BB-E1AEC7724B96}c:\\program files\\et_lol\\et.exe"= TCP:c:\program files\et_lol\et.exe:ET
"TCP Query User{9707F0D7-4357-43C6-BF74-A1AAF26F77DC}c:\\program files\\wolfenstein - enemy territory\\et.exe"= UDP:c:\program files\wolfenstein - enemy territory\et.exe:ET
"UDP Query User{00B0622E-FEF7-4709-ADE9-E7460675365E}c:\\program files\\wolfenstein - enemy territory\\et.exe"= TCP:c:\program files\wolfenstein - enemy territory\et.exe:ET
"TCP Query User{280547BC-FCD8-47A2-81B9-778A91F1F67D}c:\\program files\\adobe\\adobe after effects cs4\\support files\\afterfx.exe"= UDP:c:\program files\adobe\adobe after effects cs4\support files\afterfx.exe:Adobe After Effects CS4
"UDP Query User{26AFBCBC-9694-4243-B965-1CA3A87D3880}c:\\program files\\adobe\\adobe after effects cs4\\support files\\afterfx.exe"= TCP:c:\program files\adobe\adobe after effects cs4\support files\afterfx.exe:Adobe After Effects CS4
"TCP Query User{54390CAA-ACB6-4101-8C8E-42128C76C0AA}c:\\users\\spankie\\documents\\mirc\\mirc.exe"= UDP:c:\users\spankie\documents\mirc\mirc.exe:mirc.exe
"UDP Query User{2F0A8FF9-4C1F-4C49-955F-26460D1D44FB}c:\\users\\spankie\\documents\\mirc\\mirc.exe"= TCP:c:\users\spankie\documents\mirc\mirc.exe:mirc.exe
"TCP Query User{EECE1378-BC5F-4D0A-802F-B4ADB4C6F2CC}c:\\program files\\metin2_pl\\metin2.bin"= UDP:c:\program files\metin2_pl\metin2.bin:metin2
"UDP Query User{A6226C9B-F476-4B89-A69E-9C634C7A89D6}c:\\program files\\metin2_pl\\metin2.bin"= TCP:c:\program files\metin2_pl\metin2.bin:metin2
"{5FFDF42A-B9BB-4384-ADC0-86C68527258F}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{009674A5-FCB7-448B-91AE-D2D4596C7D78}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{CA959C7A-DBC2-46BA-8229-9C36971B6FF4}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{3F03220D-7789-424C-899B-55F0ED72CC48}"= UDP:c:\program files\Autodesk\Backburner\monitor.exe:backburner 2.3 monitor
"{DAF4BBE3-56F3-4F44-8E47-519757985BD1}"= TCP:c:\program files\Autodesk\Backburner\monitor.exe:backburner 2.3 monitor
"{6BEECF42-BF12-4576-9DA4-93DE1688B532}"= UDP:c:\program files\Autodesk\Backburner\manager.exe:backburner 2.3 manager
"{4D7FCC39-0785-4479-AB7A-9660941405BA}"= TCP:c:\program files\Autodesk\Backburner\manager.exe:backburner 2.3 manager
"{11FBAF47-2D10-417E-8F63-7D3BEEB5D26C}"= UDP:c:\program files\Autodesk\Backburner\server.exe:backburner 2.3 server
"{0373D3FF-9B1B-4A3C-AB91-2E239A3D7942}"= TCP:c:\program files\Autodesk\Backburner\server.exe:backburner 2.3 server
"{6620BB45-0706-459D-B0A2-3DE8798CEF0D}"= UDP:c:\program files\Autodesk\3ds Max 2010\3dsmax.exe:Autodesk 3ds Max 2010 32-bit
"{AF2BA037-CBAC-493B-BA2F-736CC40564CF}"= TCP:c:\program files\Autodesk\3ds Max 2010\3dsmax.exe:Autodesk 3ds Max 2010 32-bit
"{630D7E30-762F-447E-B22C-D758AC2A5C95}"= UDP:c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe:mental ray satellite server for Autodesk 3ds Max 2010 32-bit
"{814DF536-4A96-4527-90D2-BA979930A89C}"= TCP:c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe:mental ray satellite server for Autodesk 3ds Max 2010 32-bit
"{205F8573-9132-4785-852D-AC35A3EEE774}"= UDP:c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe:mental ray satellite for Autodesk 3ds Max 2010 32-bit
"{12878F01-04CC-4491-BA13-6A4C3DEE7B51}"= TCP:c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe:mental ray satellite for Autodesk 3ds Max 2010 32-bit
"TCP Query User{F1829EBC-D3B1-44B8-936A-29F0BD64B3CB}c:\\users\\spankie\\desktop\\grid\\grid\\grid.exe"= UDP:c:\users\spankie\desktop\grid\grid\grid.exe:grid.exe
"UDP Query User{479A4E85-48FD-40A0-A18B-CD9E1E424B0A}c:\\users\\spankie\\desktop\\grid\\grid\\grid.exe"= TCP:c:\users\spankie\desktop\grid\grid\grid.exe:grid.exe
"TCP Query User{49BE06E1-405F-47DA-A694-A978C9451055}c:\\program files\\metin2_pl\\zzyt2_by_qba_96.exe"= UDP:c:\program files\metin2_pl\zzyt2_by_qba_96.exe:Zzyt2_by_QBA_96
"UDP Query User{71F92FAB-7B9C-4A69-AB0C-B39AC8637CD7}c:\\program files\\metin2_pl\\zzyt2_by_qba_96.exe"= TCP:c:\program files\metin2_pl\zzyt2_by_qba_96.exe:Zzyt2_by_QBA_96
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\xchat\\xchat.exe"= c:\program files\xchat\xchat.exe:*:Enabled:XChat IRC Client
R0 hotcore3;hotcore3;c:\windows\System32\drivers\hotcore3.sys [2009-08-11 39472]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2009-08-11 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2009-08-11 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2009-08-11 53328]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-07-14 239648]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-08-11 604488]
R2 Vcs;Vcs support;c:\windows\System32\drivers\Vcs.sys [2009-08-11 6852]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\System32\drivers\tap0801.sys [2006-10-01 26624]
S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-08-21 234888]
S2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 86016]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 V0420VID;Live! Cam Vista IM (VF0420);c:\windows\System32\drivers\V0420Vid.sys [2009-09-12 99648]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Zawartość folderu 'Zaplanowane zadania'
2009-09-20 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 08:54]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.ask.com/?o=13928&l=dis
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\users\spankie\AppData\Roaming\Mozilla\Firefox\Profiles\3vrhr82t.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (pl)
FF - prefs.js: browser.startup.homepage - hxxp://google.pl
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
FF - component: c:\users\spankie\AppData\Roaming\Mozilla\Firefox\Profiles\3vrhr82t.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}\platform\WINNT\components\ColorZilla.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - USUNIĘTO PUSTE WPISY - - - -
AddRemove-XTreme-G Drivers_is1 - c:\nvidia forceware\XTreme-G 190.15 Vista
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-20 19:05
Windows 6.0.6001 Service Pack 1 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Czas ukończenia: 2009-09-20 19:06
ComboFix-quarantined-files.txt 2009-09-20 17:06
Przed: 61 214 183 424 bajtów wolnych
Po: 61 279 367 168 bajtów wolnych
388 --- E O F --- 2009-08-17 08:11
Regards,
spankie
– Added 21.09.2009 (Mon) 16:56 –
Does nobody want to help me?