Jak To Usunąć?

Witam, zainstalowałem pewną grę i za chwile ja uruchomiłem i zaczęło wyskakiwać, że różne pliki są zawirusowane i do tej pory to wyskakuje

Nie działa mi znowu menedżer zadań, edycja rejestru jak kiedyś...Dodam jeszcze, że posiadam NOD 32. Proszę o pomoc bo już nie wytrzymuje nerwowo z tym komputerem :/

HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:02:00, on 2008-12-30
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\VDOTool\TBPanel.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\foobar2000\foobar2000.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] =
O4 - HKLM\..\Run: [TBPanel] C:\Program Files\VDOTool\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [RGSC] D:\Gry\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{49D7709A-EA4C-446B-BD8D-12CE3F3A9CEB}: NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 8606 bytes

Combofix

ComboFix 08-12-18.03 - Pablox 2008-12-30 14:04:13.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1250.1.1045.18.3582.2828 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Pablox\Pulpit\ComboFix.exe
 * Utworzono nowy punkt przywracania
 * Resident AV is active


[COLOR=RED][B]UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !![/B][/COLOR]
.
- TRYB ZREDUKOWANEJ FUNKCJONALNOŚCI -
.

(((((((((((((((((((((((((   Pliki utworzone od 2008-11-28 do 2008-12-30  )))))))))))))))))))))))))))))))
.

2008-12-30 14:01 . 2008-12-30 14:01	<DIR>	d--------	c:\program files\Trend Micro
2008-12-29 20:55 . 2008-12-29 20:55	<DIR>	d--------	c:\program files\FileZilla FTP Client
2008-12-29 20:55 . 2008-12-29 20:57	<DIR>	d--------	c:\documents and settings\Pablox\Dane aplikacji\FileZilla
2008-12-29 18:27 . 2008-12-30 13:45	<DIR>	d--------	c:\documents and settings\Pablox\Dane aplikacji\Sports Interactive
2008-12-19 13:09 . 2008-12-19 13:09	<DIR>	d--------	c:\program files\AC3Filter
2008-12-19 13:09 . 2008-07-09 09:05	421,888	--a------	c:\windows\system32\ac3filter.acm
2008-12-19 00:07 . 2008-12-19 00:07	<DIR>	d--------	c:\program files\Zoom Player
2008-12-15 21:46 . 2008-12-15 21:46	<DIR>	d--------	c:\program files\Common Files\Nero
2008-12-15 20:34 . 2008-12-15 20:34	<DIR>	d--------	c:\documents and settings\Pablox\Dane aplikacji\Nero
2008-12-15 20:34 . 2008-12-15 20:34	<DIR>	d--------	c:\documents and settings\All Users\Dane aplikacji\Nero
2008-12-14 00:06 . 2008-12-14 00:06	32	--a------	c:\windows\WDIRECT.INI
2008-12-12 17:17 . 2007-04-04 23:39	442,368	-ra------	c:\windows\system32\vp6vfw.dll
2008-12-12 15:49 . 2008-12-12 15:49	257	--a------	c:\windows\game.ini
2008-12-10 15:31 . 2008-12-10 15:31	<DIR>	d--------	c:\program files\Illustrate
2008-12-10 15:31 . 2008-12-10 15:31	<DIR>	d--------	c:\documents and settings\Pablox\Dane aplikacji\AccurateRip
2008-12-10 15:31 . 2008-12-10 15:30	5,068,152	--a------	c:\windows\system32\SpoonUninstall.exe
2008-12-10 15:31 . 2008-12-10 15:30	33,846	--a------	c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.bmp
2008-12-10 15:31 . 2008-12-10 15:31	13,785	--a------	c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2008-12-07 02:32 . 2008-12-18 00:52	664	--a------	c:\windows\system32\d3d9caps.dat
2008-12-06 16:36 . 2008-12-06 22:11	<DIR>	d--------	c:\program files\eMule
2008-12-05 23:31 . 2008-12-05 23:31	107,888	--a------	c:\windows\system32\CmdLineExt.dll
2008-12-04 22:07 . 2008-12-04 22:07	<DIR>	d--------	c:\windows\system32\XPSViewer
2008-12-04 22:07 . 2008-12-04 22:07	<DIR>	d--------	c:\program files\Reference Assemblies
2008-12-04 22:07 . 2006-06-29 13:07	14,048	---------	c:\windows\system32\spmsg2.dll
2008-12-04 21:34 . 2008-12-04 21:34	<DIR>	dr-h-----	c:\documents and settings\Pablox\Dane aplikacji\SecuROM
2008-12-04 21:33 . 2008-12-04 21:33	<DIR>	d--------	c:\windows\system32\xlive
2008-12-04 21:33 . 2008-12-04 21:52	<DIR>	d--------	c:\program files\Microsoft Games for Windows - LIVE
2008-12-01 19:30 . 2008-12-16 17:32	139,040	--a------	c:\windows\system32\drivers\PnkBstrK.sys
2008-12-01 19:30 . 2008-12-01 19:30	22,328	--a------	c:\documents and settings\Pablox\Dane aplikacji\PnkBstrK.sys
2008-12-01 19:29 . 2008-12-01 19:29	<DIR>	d--------	c:\windows\system32\LogFiles
2008-12-01 19:29 . 2008-12-01 19:29	682,280	--a------	c:\windows\system32\pbsvc.exe
2008-12-01 19:29 . 2008-12-16 17:32	203,944	--a------	c:\windows\system32\PnkBstrB.exe
2008-12-01 19:29 . 2008-12-01 19:29	66,872	--a------	c:\windows\system32\PnkBstrA.exe
2008-12-01 19:20 . 2008-12-01 19:20	<DIR>	d--hs----	c:\windows\ftpcache
2008-12-01 18:17 . 2008-12-01 18:17	<DIR>	d--------	c:\program files\iPod
2008-12-01 18:17 . 2008-12-01 18:19	<DIR>	d--------	c:\documents and settings\Pablox\Dane aplikacji\Apple Computer
2008-12-01 18:17 . 2008-04-17 13:12	107,368	--a------	c:\windows\system32\GEARAspi.dll
2008-12-01 18:17 . 2008-04-17 13:12	15,464	--a------	c:\windows\system32\drivers\GEARAspiWDM.sys
2008-12-01 18:16 . 2008-12-01 18:16	<DIR>	d--------	c:\program files\QuickTime
2008-12-01 18:16 . 2008-12-01 18:17	<DIR>	d--------	c:\program files\iTunes
2008-12-01 18:16 . 2008-12-01 18:16	<DIR>	d--------	c:\program files\Common Files\Apple
2008-12-01 18:16 . 2008-12-01 18:16	<DIR>	d--------	c:\program files\Apple Software Update
2008-12-01 18:16 . 2008-12-01 18:16	<DIR>	d--------	c:\documents and settings\All Users\Dane aplikacji\Apple Computer
2008-12-01 18:16 . 2008-12-01 18:16	<DIR>	d--------	c:\documents and settings\All Users\Dane aplikacji\Apple
2008-12-01 18:16 . 2008-12-01 18:17	<DIR>	d--------	c:\documents and settings\All Users\Dane aplikacji\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-29 12:52 . 2008-11-29 12:52	<DIR>	d--------	c:\documents and settings\Pablox\Dane aplikacji\Disney Interactive Studios
2008-11-29 12:43 . 2008-12-29 21:56	<DIR>	d-a------	c:\documents and settings\All Users\Dane aplikacji\Sports Interactive
2008-11-29 12:43 . 2008-11-29 12:51	863	--a------	c:\windows\disney.ini
2008-11-28 20:08 . 2008-11-28 20:08	<DIR>	d--------	c:\program files\VirtualDJ
2008-11-27 19:05 . 2008-11-27 19:05	<DIR>	d--------	c:\program files\Common Files\Thraex Software
2008-11-27 16:01 . 2006-10-08 21:51	23,856	--a------	c:\windows\system32\spupdsvc.exe
2008-11-27 16:01 . 2008-11-27 16:01	0	--ah-----	c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-11-27 16:01 . 2008-11-27 16:01	0	--ah-----	c:\windows\system32\drivers\Msft_Kernel_ggsemc_01005.Wdf
2008-11-27 15:43 . 2006-11-02 09:09	1,419,232	--a------	c:\windows\system32\wdfcoinstaller01005.dll
2008-11-27 15:43 . 2007-09-25 16:37	20,520	--a------	c:\windows\system32\drivers\ggsemc.sys
2008-11-27 15:43 . 2007-09-25 16:37	13,352	--a------	c:\windows\system32\drivers\ggflt.sys
2008-11-26 20:32 . 2008-11-26 20:32	<DIR>	d--------	c:\documents and settings\All Users\Dane aplikacji\FLEXnet
2008-11-26 20:27 . 2008-12-01 18:16	<DIR>	d--------	c:\program files\Bonjour
2008-11-26 20:22 . 2008-11-26 20:22	<DIR>	d--------	c:\program files\Common Files\Macrovision Shared
2008-11-25 14:00 . 2008-04-14 00:15	32,128	--a------	c:\windows\system32\drivers\usbccgp.sys
2008-11-25 13:56 . 2008-11-25 14:00	<DIR>	d--------	c:\documents and settings\Pablox\Dane aplikacji\Teleca
2008-11-25 13:56 . 2008-11-25 13:56	<DIR>	d--------	c:\documents and settings\Pablox\Dane aplikacji\Sony Ericsson
2008-11-25 13:55 . 2008-11-25 13:55	<DIR>	d--------	c:\program files\Sony Ericsson
2008-11-25 13:55 . 2008-11-25 13:55	<DIR>	d--------	c:\program files\Common Files\Teleca Shared
2008-11-25 13:55 . 2008-11-25 13:55	<DIR>	d--------	c:\documents and settings\All Users\Documents
2008-11-25 13:55 . 2008-11-25 13:55	<DIR>	d--------	c:\documents and settings\All Users\Dane aplikacji\Teleca
2008-11-25 13:55 . 2008-11-25 13:55	<DIR>	d--------	c:\documents and settings\All Users\Dane aplikacji\Sony Ericsson
2008-11-25 13:54 . 2008-11-25 13:54	<DIR>	d--------	c:\windows\Downloaded Installations
2008-11-25 13:48 . 2008-11-25 13:48	<DIR>	d--------	c:\documents and settings\Pablox\Dane aplikacji\Uniblue
2008-11-25 13:48 . 2008-11-25 13:48	<DIR>	d--------	c:\documents and settings\All Users\Dane aplikacji\DriverScanner
2008-11-25 13:46 . 2008-11-25 13:48	<DIR>	d--h-c---	c:\documents and settings\All Users\Dane aplikacji\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
2008-11-24 22:44 . 2008-11-24 22:44	<DIR>	d--------	c:\program files\Switch Off
2008-11-24 19:55 . 2008-11-24 19:55	<DIR>	d--------	c:\program files\Common Files\Adobe AIR
2008-11-24 19:55 . 2008-12-29 20:35	<DIR>	d--------	c:\program files\Common Files\Adobe
2008-11-22 13:31 . 2008-11-22 13:31	<DIR>	d--------	C:\kb
2008-11-22 13:31 . 2000-11-22 14:38	532,480	--a------	c:\windows\system32\imagx5.dll
2008-11-22 13:31 . 2000-11-06 12:18	507,904	--a------	c:\windows\system32\imagr5.dll
2008-11-22 13:31 . 2002-04-26 14:14	419,488	--a------	c:\windows\system32\Vsflex7L.ocx
2008-11-22 13:31 . 1999-09-02 10:18	290,816	--a------	c:\windows\system32\sstabs2.ocx
2008-11-22 13:31 . 2000-10-20 11:21	271,216	--a------	c:\windows\system32\ImagXpr5.dll
2008-11-22 13:31 . 2000-06-14 11:04	35,328	--a------	c:\windows\system32\picn20.dll
2008-11-22 13:31 . 2001-12-24 12:05	28,672	--a------	c:\windows\system32\TimeEditkb.ocx
2008-11-22 13:25 . 2008-11-22 13:26	<DIR>	d--------	c:\program files\vanBasco's Karaoke Player
2008-11-22 13:24 . 2008-11-22 13:24	<DIR>	d--------	c:\program files\DART Karaoke Studio CDG
2008-11-22 13:24 . 2001-09-20 23:00	67,584	---------	c:\windows\system32\WNASPINT.DLL
2008-11-22 13:24 . 1996-08-20 20:37	15,840	---------	c:\windows\system32\Machnm1.exe
2008-11-21 19:48 . 2008-11-21 19:48	<DIR>	d--------	c:\program files\IrfanView
2008-11-21 19:38 . 2008-04-14 22:50	159,232	--a------	c:\windows\system32\ptpusd.dll
2008-11-21 19:38 . 2008-04-14 00:15	15,104	--a------	c:\windows\system32\drivers\usbscan.sys
2008-11-21 19:38 . 2001-10-26 17:29	5,632	--a------	c:\windows\system32\ptpusb.dll
2008-11-21 16:56 . 2008-11-21 16:56	<DIR>	d--------	c:\program files\Audacity
2008-11-21 14:46 . 2008-04-14 00:15	10,368	--a------	c:\windows\system32\drivers\hidusb.sys
2008-11-20 23:02 . 2008-11-20 23:02	<DIR>	d--------	c:\program files\ffdshow
2008-11-20 23:02 . 2008-11-21 22:41	<DIR>	d--------	c:\documents and settings\Pablox\Dane aplikacji\BESTplayer
2008-11-20 23:02 . 2008-06-08 22:58	60,273	--a------	c:\windows\system32\pthreadGC2.dll
2008-11-20 23:02 . 2008-06-12 19:36	7,680	--a------	c:\windows\system32\ff_vfw.dll
2008-11-20 23:02 . 2008-06-12 19:37	6,144	--a------	c:\windows\system32\ff_acm.acm
2008-11-20 23:02 . 2007-07-10 17:10	547	--a------	c:\windows\system32\ff_vfw.dll.manifest
2008-11-20 23:00 . 2008-11-20 23:00	<DIR>	d--------	c:\program files\Real Alternative
2008-11-20 23:00 . 2008-11-20 23:00	<DIR>	d--------	c:\documents and settings\Pablox\Dane aplikacji\Media Player Classic
2008-11-20 23:00 . 2003-03-19 04:14	499,712	--a------	c:\windows\system32\msvcp71.dll
2008-11-20 23:00 . 2004-01-11 23:00	348,160	--a------	c:\windows\system32\msvcr71.dll
2008-11-20 17:58 . 2008-12-13 23:00	<DIR>	d--------	c:\documents and settings\Pablox\Dane aplikacji\skypePM
2008-11-20 17:58 . 2008-11-20 17:58	56	--ah-----	c:\windows\system32\ezsidmv.dat
2008-11-20 17:57 . 2008-11-20 17:57	<DIR>	d--------	c:\program files\Skype
2008-11-20 17:57 . 2008-11-20 17:57	<DIR>	d--------	c:\program files\Common Files\Skype
2008-11-20 17:57 . 2008-12-13 23:06	<DIR>	d--------	c:\documents and settings\Pablox\Dane aplikacji\Skype
2008-11-20 17:57 . 2008-11-20 17:57	<DIR>	d--------	c:\documents and settings\All Users\Dane aplikacji\Skype
2008-11-20 17:12 . 2008-11-20 17:12	<DIR>	d--------	c:\documents and settings\All Users\Dane aplikacji\KONAMI

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-30 13:00	---------	d-----w	c:\documents and settings\Pablox\Dane aplikacji\uTorrent
2008-12-29 22:10	---------	d-----w	c:\documents and settings\Pablox\Dane aplikacji\foobar2000
2008-12-19 13:19	---------	d-----w	c:\documents and settings\Pablox\Dane aplikacji\Creative
2008-12-19 13:08	16,608	----a-w	c:\windows\gdrv.sys
2008-12-12 20:55	---------	d--h--w	c:\program files\InstallShield Installation Information
2008-12-07 18:19	---------	d-----w	c:\program files\Gadu-Gadu
2008-11-21 15:06	---------	d-----w	c:\program files\Common Files\InstallShield
2008-11-21 04:50	---------	d-----w	c:\program files\DAEMON Tools Lite
2008-11-20 15:52	---------	d--h--w	c:\program files\Zero G Registry
2008-11-20 15:45	---------	d-----w	c:\program files\MSBuild
2008-11-20 15:45	---------	d-----w	c:\program files\Microsoft Works
2008-11-20 15:45	---------	d-----w	c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2008-11-20 15:41	---------	d-----w	c:\program files\Hewlett-Packard
2008-11-20 15:37	---------	d-----w	c:\program files\HP
2008-11-20 15:28	---------	d-----w	c:\program files\DAEMON Tools Toolbar
2008-11-20 15:26	717,296	----a-w	c:\windows\system32\drivers\sptd.sys
2008-11-20 15:26	---------	d-----w	c:\documents and settings\Pablox\Dane aplikacji\DAEMON Tools
2008-11-20 15:18	---------	d-----w	c:\program files\foobar2000
2008-11-20 15:14	---------	d-----w	c:\program files\uTorrent
2008-11-20 14:56	---------	d-----w	c:\documents and settings\Pablox\Dane aplikacji\Gadu-Gadu
2008-11-20 14:51	23	----a-w	c:\windows\system32\drivers\adidsl.cfg
2008-11-20 14:50	---------	d-----w	c:\program files\SAGEM
2008-11-20 14:49	---------	d-----w	c:\program files\ESET
2008-11-20 14:49	---------	d-----w	c:\documents and settings\All Users\Dane aplikacji\ESET
2008-11-20 14:45	---------	d-----w	c:\documents and settings\All Users\Dane aplikacji\Creative
2008-11-20 14:42	---------	d-----w	c:\program files\Creative
2008-11-20 14:41	---------	d--h--w	c:\program files\Creative Installation Information
2008-11-20 14:41	---------	d-----w	c:\program files\Common Files\Creative
2008-11-20 14:33	---------	d-----w	c:\program files\VDOTool
2008-11-20 14:31	---------	d-----w	c:\program files\Realtek
2008-11-20 14:31	---------	d-----w	c:\documents and settings\Pablox\Dane aplikacji\InstallShield
2008-11-20 14:29	315,392	----a-w	c:\windows\HideWin.exe
2008-11-20 14:27	---------	d-----w	c:\program files\Intel
2008-11-20 14:22	---------	d-----w	c:\program files\Usługi online
2008-11-20 14:20	---------	d-----w	c:\program files\Windows Media Connect 2
2008-10-28 16:41	14,303,392	----a-w	c:\windows\system32\xlive.dll
2008-10-28 16:41	13,643,936	----a-w	c:\windows\system32\xlivefnt.dll
.

(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"RGSC"="d:\gry\Rockstar Games Social Club\RGSCLauncher.exe" [2008-12-13 306088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="=" [X]
"TBPanel"="c:\program files\VDOTool\TBPanel.exe" [2008-01-29 2157096]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-01-08 8523776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-01-08 81920]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-07-01 1447168]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 172032]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2004-02-18 49152]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"RTHDCPL"="RTHDCPL.EXE" [2008-02-13 c:\windows\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2008-01-08 c:\windows\system32\nwiz.exe]
"P17Helper"="P17.dll" [2005-05-03 c:\windows\system32\P17.dll]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2008-03-01 c:\windows\system32\advpack.dll]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-11-20 962661]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.avis"= ff_acm.acm
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Gry\\Football Manager 2009\\fm.exe"=
"d:\\Gry\\Valve\\hl.exe"=
"d:\\Gry\\Valve\\hlds.exe"=
"d:\\Gry\\Pro Evolution Soccer 2009\\pes2009.exe"=
"d:\\Gry\\Valve Bot\\hl.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Gry\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Gry\\Call of Duty - World at War\\CoDWaWmp.exe"=
"d:\\Gry\\Call of Duty - World at War\\CoDWaW.exe"=
"d:\\Gry\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"d:\\Gry\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"d:\\Gry\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"d:\\Gry\\COD 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Gry\\Football Manager 2008\\fm.exe"=
"c:\\WINDOWS\\Explorer.EXE"=
"c:\\WINDOWS\\VFIND.exe"=
"c:\\WINDOWS\\system32\\NOTEPAD.EXE"=

R1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2008-07-01 34312]
R2 ekrn;Eset Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" [2008-07-01 468224]
S3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\khnofn.sys []
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2008-11-27 13352]

*Newly Created Service* - IPFILTERDRIVER
.
Zawartość folderu 'Zaplanowane zadania'

2008-12-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
.
------- Skan uzupełniający -------
.
uStart Page = about:blank
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: {49D7709A-EA4C-446B-BD8D-12CE3F3A9CEB} = 194.204.159.1 217.98.63.164
FF - ProfilePath - c:\documents and settings\Pablox\Dane aplikacji\Mozilla\Firefox\Profiles\5n9xiyit.default\
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-30 14:04:34
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ... 

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ... 


c:\windows\TEMP\NOD81BA.tmp 230154 bytes

skanowanie pomyślnie ukończone
ukryte pliki: 1

**************************************************************************
.
Czas ukończenia: 2008-12-30 14:05:47
ComboFix-quarantined-files.txt  2008-12-30 13:05:44

Przed: 30 035 742 720 bajtów wolnych
Po: 30,026,620,928 bajtów wolnych

285

Aktualności

Artykuły

Reklama

#1 pawelw111

#2 ULLISSES

#3 pawelw111

#4 ULLISSES

#5 pawelw111

#6 ULLISSES

#7 pawelw111

Dodaj odpowiedź

Podobne tematy

Youtube - usunąć "Wybrane dla ciebie"

Nie moge usunac pliku.

Jak usunąć okładkę z pliku mp3?

Jak usunac klej po matach wygłuszających?

Czym usunąć ścieżkę audio z pliku .ts