Co jakis czas internet spada do zera

[wojtek24]

Co jakis czas internet spada do zera i nie da si otwierac stronek lecz po jakims czasie ustepuje, kiedy to sie dzieje czesc stronek sie nie laduje i filmiki na stronkach sie nie buforuja. Jak by ktos mogl sprawdzic te logi czy cos jest nie to to bede wdzieczny.
ps. musialem skrocic te cyfry w tym (combofix) bo bylo za duzo znakow "[HKEY_USERS\S-1-5-21-1202660629-926492609-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Warner Bros. Interactive Entertainment\L*NULL*E*NULL*G*NULL*O*NULL*®*NULL* *NULL*B*NULL*a*NULL*t*NULL*m*NULL*a*NULL*n*NULL*"!]
"Order"=hex:08,00,00,00,02,00,00,00,da,02,00,00,01,00,00,00,05,00,00,00,92,00,\
00,00,00,00,00,00,84,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,72,00,32,\
00,96,02,00,00,3a,39,e3,58,20,00,4c,41,55,4e,43,48,7e,31,2e,4c,4e,4b,00,00,\
48,00,03,00,04,00,ef,be,3a,39,e3,58,51,39,c9,a5,14,00,00,00,4c,00,61,00,75,\"
itd.

Kod: Zaznacz wszystko

ComboFix 09-01-07.02 - Woytas 2009-01-08 14:17:19.27 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1250.1.1045.18.2047.1611 [GMT 1:00]
Uruchomiony z: e:\pobieralnia\download.bleepingcomputer.com\ComboFix.exe
* Utworzono nowy punkt przywracania

[COLOR=RED][B]UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !![/B][/COLOR]
.

(((((((((((((((((((((((((   Pliki utworzone od 2008-12-08 do 2009-01-08  )))))))))))))))))))))))))))))))
.

2009-01-07 17:51 . 2009-01-07 17:51   56,737   --a------   C:\Pineapple.Express[2008]DvDrip-aXXo [mininova].torrent
2009-01-06 22:56 . 2009-01-06 22:56   74,401   --a------   C:\nomercy.jpg
2009-01-06 22:56 . 2009-01-06 22:56   64,255   --a------   C:\nuts.jpg
2009-01-04 22:01 . 2009-01-04 22:01   40   --a------   c:\windows\RUNAWAY2.INI
2009-01-02 21:41 . 2009-01-02 21:41   <DIR>   d--------   c:\documents and settings\All Users\Dane aplikacji\Bluetooth
2009-01-02 21:40 . 2004-08-04 00:44   54,784   --a------   c:\windows\system32\drivers\vfwwdm32.dll
2008-12-28 17:25 . 2008-12-30 11:48   <DIR>   d--------   c:\documents and settings\Woytas\Dane aplikacji\Moyea
2008-12-28 17:25 . 2008-08-06 16:39   577,536   --a------   c:\windows\system32\rtl4.dat
2008-12-28 17:25 . 2008-06-30 13:32   434,176   --a------   c:\windows\system32\rtl2.dat
2008-12-28 15:07 . 2008-12-28 15:26   613   --a------   c:\windows\mp3wavcon.ini
2008-12-28 15:06 . 2008-12-28 15:06   <DIR>   d--------   c:\program files\AudioToolsFactory
2008-12-28 15:06 . 2003-12-15 12:43   1,871,872   --a------   c:\windows\system32\NCTAudioFile2.dll
2008-12-28 15:06 . 2003-12-08 12:19   425,984   --a------   c:\windows\system32\NCTAudioTransform2.dll
2008-12-28 15:06 . 2003-08-07 14:01   237,568   --a------   c:\windows\system32\lame_enc.dll
2008-12-28 15:06 . 2003-12-15 12:24   196,608   --a------   c:\windows\system32\NCTWMAFile2.dll
2008-12-28 15:06 . 2003-12-08 12:49   116,304   --a------   c:\windows\system32\NCTWMAProfiles.prx
2008-12-28 15:06 . 2008-12-28 15:26   5   --a------   c:\windows\system32\SySmp3con.dat
2008-12-26 14:55 . 2008-12-26 14:55   <DIR>   d--------   c:\program files\TechSmith
2008-12-26 14:55 . 2008-12-26 14:55   <DIR>   d--------   c:\documents and settings\All Users\Dane aplikacji\TechSmith
2008-12-23 19:02 . 2008-12-23 19:03   <DIR>   d--------   c:\windows\system32\drivers\umdf
2008-12-23 19:01 . 2008-12-23 19:20   <DIR>   d--------   c:\program files\Microsoft Games for Windows - LIVE
2008-12-20 22:24 . 2008-12-20 22:25   285   --a------   c:\windows\wcx_ftp.ini
2008-12-20 21:59 . 2008-12-20 21:59   <DIR>   d--------   c:\program files\Google
2008-12-19 20:05 . 2008-12-19 20:05   <DIR>   d--------   c:\program files\Common Files\Skype
2008-12-19 20:05 . 2008-12-19 20:05   48   --ah-----   c:\windows\system32\ezsidmv.dat
2008-12-13 23:51 . 2008-10-28 18:55   239,863   --a------   c:\windows\system32\ati2sgav.exe
2008-12-13 23:49 . 2008-12-13 23:49   <DIR>   d--------   c:\program files\MSBuild
2008-12-13 23:47 . 2008-12-13 23:47   <DIR>   d--------   c:\windows\system32\XPSViewer
2008-12-13 23:46 . 2008-12-13 23:46   <DIR>   d--------   c:\program files\Reference Assemblies
2008-12-13 23:46 . 2006-06-29 13:07   14,048   ---------   c:\windows\system32\spmsg2.dll
2008-12-11 13:48 . 2008-07-12 08:18   3,851,784   --a------   c:\windows\system32\D3DX9_39.dll
2008-12-11 13:48 . 2008-07-12 08:18   1,493,528   --a------   c:\windows\system32\D3DCompiler_39.dll
2008-12-11 13:48 . 2008-07-31 10:40   509,448   --a------   c:\windows\system32\XAudio2_2.dll
2008-12-11 13:48 . 2008-07-12 08:18   467,984   --a------   c:\windows\system32\d3dx10_39.dll
2008-12-11 13:48 . 2008-07-31 10:41   238,088   --a------   c:\windows\system32\xactengine3_2.dll
2008-12-11 13:48 . 2008-07-31 10:41   68,616   --a------   c:\windows\system32\XAPOFX1_1.dll
2008-12-09 20:58 . 2008-12-09 20:58   <DIR>   d--------   c:\program files\SystemRequirementsLab
2008-12-09 20:57 . 2008-12-09 20:58   <DIR>   d--------   c:\documents and settings\Woytas\SystemRequirementsLab

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-08 11:47   ---------   d-----w   c:\documents and settings\Woytas\Dane aplikacji\MegauploadToolbar
2009-01-08 00:02   ---------   d-----w   c:\documents and settings\Woytas\Dane aplikacji\uTorrent
2009-01-07 14:15   ---------   d-----w   c:\documents and settings\Woytas\Dane aplikacji\GetRight
2009-01-07 13:57   ---------   d-----w   c:\documents and settings\Woytas\Dane aplikacji\skypePM
2009-01-07 13:57   ---------   d-----w   c:\documents and settings\Woytas\Dane aplikacji\Skype
2009-01-04 21:01   ---------   d--h--w   c:\program files\InstallShield Installation Information
2009-01-04 19:11   ---------   d-----w   c:\program files\ParadisePoker
2008-12-30 13:55   ---------   d-----w   c:\program files\K-Lite Codec Pack
2008-12-26 13:54   ---------   d-----w   c:\program files\Common Files\Wise Installation Wizard
2008-12-22 15:04   ---------   d-----w   c:\documents and settings\All Users\Dane aplikacji\2DBoy
2008-12-07 12:46   ---------   d-----w   c:\program files\Java
2008-11-20 20:53   ---------   d-----w   c:\documents and settings\All Users\Dane aplikacji\BVRP Software
2008-11-20 20:44   ---------   d-----w   c:\program files\Motorola Phone Tools
2008-11-20 20:44   ---------   d-----w   c:\program files\Avanquest update
2008-11-20 20:43   0   ---ha-w   c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-11-20 20:43   0   ---ha-w   c:\windows\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
2008-11-20 20:43   ---------   d-----w   c:\program files\Common Files\Motorola Shared
2008-11-20 13:08   ---------   d-----w   c:\program files\AGEIA Technologies
2008-11-20 01:09   ---------   d-----w   c:\program files\Futuremark
2008-11-13 21:17   ---------   d-----w   c:\program files\mp3DirectCut
2008-11-13 16:05   ---------   d-----w   c:\program files\AIDA32 - Personal System Information
2008-11-12 20:26   ---------   d---a-w   c:\documents and settings\All Users\Dane aplikacji\TEMP
2008-11-12 20:26   ---------   d-----w   c:\program files\DAP
2008-11-12 20:25   ---------   d-----w   c:\documents and settings\All Users\Dane aplikacji\SpeedBit
2008-11-10 12:11   ---------   d-----w   c:\documents and settings\Woytas\Dane aplikacji\Red Alert 3
2008-11-10 04:43   410,984   ----a-w   c:\windows\system32\deploytk.dll
2008-10-28 16:41   14,303,392   ----a-w   c:\windows\system32\xlive.dll
2008-10-28 16:41   13,643,936   ----a-w   c:\windows\system32\xlivefnt.dll
2008-10-16 17:26   50,688   ----a-w   c:\windows\system32\wbhelp2.dll
2008-10-13 18:06   7,118   ----a-w   c:\windows\system32\ealregsnapshot1.reg
2008-05-25 17:31   22,328   ----a-w   c:\documents and settings\Woytas\Dane aplikacji\PnkBstrK.sys
2007-11-18 19:04   32   ----a-w   c:\documents and settings\All Users\Dane aplikacji\ezsid.dat
2008-11-12 20:25   251,392   ----a-w   c:\program files\opera\program\plugins\dapop.dll
.

(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{F4F10C1D-87C7-404A-B4B3-000000000000}"= "c:\progra~1\DAP\SBSearch.dll" [2008-11-12 38384]

[HKEY_CLASSES_ROOT\clsid\{f4f10c1d-87c7-404a-b4b3-000000000000}]
[HKEY_CLASSES_ROOT\SearchHook.SrchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}]
[HKEY_CLASSES_ROOT\SearchHook.SrchHook]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"nwiz"="nwiz.exe" [2008-10-07 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"ati2sgav"="c:\windows\system32\ati2sgav.exe" [2008-10-28 239863]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-03-07 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
"msacm.ac3filter"= ac3filter.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^SnagIt 8.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\SnagIt 8.lnk
backup=c:\windows\pss\SnagIt 8.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
--a------ 2007-06-11 10:25 6731312 c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
--a------ 2008-12-16 16:23 6782976 c:\program files\DAP\DAP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2005-05-11 23:12 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-11-18 16:31 21633320 c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2005-10-26 16:17 159744 c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\e\\utorrent.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\All Users\\Dane aplikacji\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\DAP\\DAP.exe"=
"e:\\Gry\\GTA4\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"e:\\Gry\\GTA4\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"e:\\Gry\\GTA4\\Grand Theft Auto IV\\GTAIV.exe"=
"e:\\Gry\\fifja 08\\FIFA08.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3478:UDP"= 3478:UDP:stun
"3479:UDP"= 3479:UDP:stun 2
"6112:UDP"= 6112:UDP:stun 3
"5730:UDP"= 5730:UDP:game
"5739:UDP"= 5739:UDP:game 1
"9001:TCP"= 9001:TCP:game 2
"11881:TCP"= 11881:TCP:game 3
"8461:TCP"= 8461:TCP:GoD High Port
"8462:TCP"= 8462:TCP:GoD Low Port

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-09-04 111184]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-09-04 20560]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\drivers\k510bus.sys [2008-01-20 58288]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\drivers\k510mdfl.sys [2008-01-20 8336]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\drivers\k510mdm.sys [2008-01-20 94064]
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\k510mgmt.sys [2008-01-20 85408]
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\drivers\k510obex.sys [2008-01-20 83344]
S4 gupdate1c962e5d00de858;Google Update Service (gupdate1c962e5d00de858);c:\program files\Google\Update\GoogleUpdate.exe [2008-12-20 133104]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fdaac578-e913-11dc-a865-000e50f4bcb8}]
\Shell\AutoRun\command - F:\Autorun.exe /run
\Shell\Shell00\Command - F:\Autorun.exe /run
\Shell\Shell01\Command - F:\Autorun.exe /action
\Shell\Shell02\Command - F:\Autorun.exe /uninstall
.
Zawartość folderu 'Zaplanowane zadania'

2009-01-08 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-12-20 21:59]
.
- - - - USUNIĘTO PUSTE WPISY - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)


.
------- Skan uzupełniający -------
.
uStart Page = hxxp://search.speedbit.com/
mStart Page = about:blank
uInternet Connection Wizard,ShellNext = iexplore
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: Download with GetRight - c:\program files\GetRight\GRdownload.htm
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Open with GetRight Browser - c:\program files\GetRight\GRbrowse.htm
LSP: %SystemRoot%\system32\PrxerDrv.dll
TCP: {38FBEEF6-FD6D-44EE-BD2C-9DE546F7D68F} = 194.204.159.1 217.98.63.164
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll

c:\windows\Downloaded Program Files\weblive.exe - O16 -: {070CA17A-4BD2-4612-83B4-32B1B9159B47}
hxxp://uc.sina.com.cn/download/live/weblive2.4.0.0.cab
c:\windows\Downloaded Program Files\setup.inf

c:\windows\system32\SkanerOnlineUninstall.exe - c:\windows\system32\SkanerOnline.dll
O16 -: {68282C51-9459-467B-95BF-3C0E89627E55}
hxxp://www.mks.com.pl/skaner/SkanerOnline.cab
c:\windows\Downloaded Program Files\SkanerOnline.inf

c:\windows\Downloaded Program Files\iaplayer.dll - O16 -: {DB7BF79A-FC51-4B5A-92BC-A65731174380}
hxxp://www.instantaction.com/download/iaplayer.cab
c:\windows\Downloaded Program Files\cab.inf
FF - ProfilePath - c:\documents and settings\Woytas\Dane aplikacji\Mozilla\Firefox\Profiles\hiagxd7g.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.speedbit.com/
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=
FF - component: c:\program files\DAP\DAPFireFox\components\DAPFireFox.dll
FF - component: c:\program files\Google\Google Gears\Firefox\components\gears.dll
FF - plugin: c:\program files\Google\Update\1.2.133.33\npGoogleOneClick7.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-08 14:18:45
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...


**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1202660629-926492609-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*NULL*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1202660629-926492609-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Warner Bros. Interactive Entertainment\L*NULL*E*NULL*G*NULL*O*NULL*®*NULL* *NULL*B*NULL*a*NULL*t*NULL*m*NULL*a*NULL*n*NULL*"!]
"Order"=hex:08,00,00,00,02,00,00,00,da,02,00,00,01,00,00,00,05,00,00,00,92,00,\
  00,00,00,00,00,00,84,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,72,00,32,\
  00,96,02,00,00,3a,39,e3,58,20,00,4c,41,55,4e,43,48,7e,31,2e,4c,4e,4b,00,00,\
  48,00,03,00,04,00,ef,be,3a,39,e3,58,51,39,c9,a5,14,00,00,00,4c,00,61,00,75,\
  00,6e,00,63,00,68,00,20,00,4c,00,45,00,47,00,4f,00,ae,00,20,00,42,00,61,00,\
  74,00,6d,00,61,00,6e,00,22,21,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,\
  00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,94,00,00,00,01,00,\
  00,00,86,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,74,00,32,00,37,00,00,\
  00,3a,39,e3,58,20,00,4c,45,47,4f,42,41,7e,31,2e,55,52,4c,00,00,4a,00,03,00,\
  04,00,ef,be,3a,39,e3,58,51,39,c9,a5,14,00,00,00,4c,00,45,00,47,00,4f,00,ae,\
  00,20,00,42,00,61,00,74,00,6d,00,61,00,6e,00,22,21,20,00,57,00,65,00,62,00,\
  73,00,69,00,74,00,65,00,2e,00,75,00,72,00,6c,00,00,00,1c,00,0e,00,00,00,0a,\
  00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,98,00,00,00,02,00,00,00,\
  8a,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,78,00,32,00,bf,03,00,00,3a,\
  39,e4,58,20,00,55,4e,49,4e,53,54,7e,31,2e,4c,4e,4b,00,00,4e,00,03,00,04,00,\
  ef,be,3a,39,e4,58,51,39,c9,a5,14,00,00,00,55,00,6e,00,69,00,6e,00,73,00,74,\
  00,61,00,6c,00,6c,00,20,00,4c,00,45,00,47,00,4f,00,ae,00,20,00,42,00,61,00,\
  74,00,6d,00,61,00,6e,00,22,21,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,\
  00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,86,00,00,00,03,00,\
  00,00,78,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,66,00,32,00,42,02,00,\
  00,3a,39,e3,58,20,00,56,49,45,57,45,55,7e,31,2e,4c,4e,4b,00,00,3c,00,03,00,\
  04,00,ef,be,3a,39,e3,58,51,39,c9,a5,14,00,00,00,56,00,69,00,65,00,77,00,20,\
  00,45,00,55,00,4c,00,41,00,20,00,46,00,69,00,6c,00,65,00,2e,00,6c,00,6e,00,\
  6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
  00,00,00,8a,00,00,00,04,00,00,00,7c,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
  00,00,6a,00,32,00,4e,02,00,00,3a,39,e3,58,20,00,56,49,45,57,52,45,7e,31,2e,\
  4c,4e,4b,00,00,40,00,03,00,04,00,ef,be,3a,39,e3,58,51,39,c9,a5,14,00,00,00,\
  56,00,69,00,65,00,77,00,20,00,52,00,65,00,61,00,64,00,6d,00,65,00,20,00,46,\
  00,69,00,6c,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,\
  ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00

[HKEY_USERS\S-1-5-21-1202660629-926492609-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*NULL*]
"??"=hex:ad,f0,8c,e6,69,e2,b3,dd,9e,62,48,81,4d,cc,dd,2a,7c,55,69,a7,af,94,25,\
  d8,c5,e6,b6,0f,92,40,01,f3,d3,81,18,a6,10,b9,54,02,fd,7a,d7,0d,7b,21,05,0e,\
  67,32,5a,15,8f,5b,a3,8a,c0,7a,12,8e,38,b2,68,a6,ad,45,1a,1f,35,6f,d8,b4,c8,\
  e6,70,23,27,79,b0,79,d5,5e,af,a3,10,17,37,4c,59,9a,ca,57,d7,cc,21,76,22,4c,\
  a5,0c,8c,2b,a1,ba,38,c0,38,61,78,ed,33,3f,22,6e,88,21,0e,8a,0c,64,58,ab,49,\
  7d,26,32,c8,a7,aa,e6,15,64,fe,3c,b0,0e,1a,58,d4,73,a7,01,b5,50,41,47,c1,82,\
  49,35,de,ca,27,7a,bd,c8,48,17,8d,04,64,66,39,b4,3d,b8,b5,1c,a4,42,22,8f,51,\
  69,51,18,78,40,4c,ca,10,e2,0f,f9,73,59,9e,11,ab,77,00,29,8b,ae,79,d2,a1,b0,\
  4b,ec,87,62,4a,2f,13,05,9e,8c,4c,55,38,35,9a,76,21,97,95,cd,6a,2e,7b,07,d5,\
  57,34,61,b8,fa,28,ea,5d,be,7e,3d,41,ab,4d,5f,07,93,f3,37,63,16,60,21,46,03,\
  ec,59,85,20,20,47,65,e6,6b,f0,fe,f1,2a,c7,31,b5,67,db,51,83,2e,a7,99,6f,64,\
  c7,25,2b,09,25,56,e3,8e,3a,b2,af,3e,b5,2a,9d,0f,b1,88,46,b4,86,d4,55,2e,5b,\
  a6,e4,ec,64,88,61,a6,a2,4b,cb,58,4c,ab,30,95,20,01,31,4e,bc,23,c3,47,35,b2,\
  57,06,50,f9,4c,27,90,8f,27,db,80,c0,24,22,17,74,dc,58,59,8a,32,0d,66,7b,a3,\
  f9,c0,52,3d,47,90,44,8d,e8,33,cc,b8,2d,14,69,99,4a,ba,58,f4,c8,5d,83,9b,34,\
  49,d6,9d,ed,3c,7b,4f,f7,ac,d6,d1,e3,28,7d,d5,10,6b,e9,94,d2,45,e2,ee,c1,42,\
  ee,d4,53,53,8f,97,c5,cb,25,da,35,3d,6a,3c,b0,10,56,85,94,63,dc,23,1f,d0,de,\
  d7,ee,eb,b6,a6,63,10,62,88,c7,a2,e7,b8,90,86,fd,e7,24,07,76,11,7d,82,1b,d3,\
  aa,de,73,b7,39,e1,f0,e2,e6,5b,c5,98,72,7f,eb,5e,4a,ae,51,f2,9e,21,8b,5e,36,\
  34,3c,08,7a,98,8d,ac,aa,2a,44,92,cf,e7,9e,1c,09,9d,15,ad,6a,f6,91,98,eb,03,\
  e4,da,24,44,ee,0e,20,53,d4,a0,9c,be,44,cc,40,cc,4f,24,00,34,af,1d,6d,1c,7d,\
  e3,9a,2a,2a,0d,1b,09,95,be,39,74,ac,67,07,c0,2d,fb,2d,62,9e,3e,b1,92,ff,25,\
  39,08,96,61,58,b7,bf,92,48,de,b6,8c,a1,dd,7c,58,eb,94,0d,73,2b,71,43,1d,67,\
  c3,47,28,0f,d7,5f,90,fa,62,01,18,6a,17,ad,8a,43,15,92,6c,8d,c8,19,88,49,64,\
  e5,d3,42,39,db,af,bc,20,50,72,c3,eb,40,bb,ee,49,05,c1,c0,e1,52,ba,78,d7,63,\
  38,94,7f,ce,72,ea,ab,f4,7c,30,2d,98,4b,62,02,51,da,26,98,60,de,3d,c0,e2,8c,\
  62,bb,92,cc,ce,f9,06,e6,d5,bc,45,c7,a3,5e,ea,f3,4b,13,f3,05,0a,b4,b9,c6,0b,\
  49,e6,09,28,2a,24,31,a7,c6,d3,dd,14,d7,66,e2,81,19,c3,27,dd,68,23,da,c7,b5,\
  42,49,d2,fe,ec,df,20,65,91,64,68,f7,67,06,0d,bd,a4,b0,a9,b4,6a,de,86,43,22,\
  87,cf,51,d1,c4,12,cb,20,3c,05,6a,4a,74,4e,7e,81,91,1c,e8,c2,fa,32,53,2a,c9,\
  c3,90,6b,cc,ff,24,49,e9,b7,08,62,5d,e8,0f,5e,d6,5e,f5,d6,30,a1,51,4d,3c,c7,\
  f1,08,1f,a3,9e,43,2a,92,38,f4,1f,e9,48,ba,9f,57,f1,30,48,ba,6c,b1,33,6c,84,\
  6c,10,57,ef,89,88,15,00,0f,47,f0,8a,f0,6b,c3,91,b3,ed,50,9a,f3,5d,ff,3d,e5,\
  22,df,69,91,46,0f,17,79,2a,a3,2b,f0,ee,73,2b,59,18,9d,a4,9b,be,28,e0,f7,59,\
  0f,c4,47,6c,0b,7d,1c,21,f4,6b,c1,1c,0e,b7,9d,ad,97,52,d8,54,61,a8,9d,f9,bd,\
  95,7c,61,d5,9e,7a,27,a3,c9,68,17,a3,cb,06,73,73,ff,b9,59,ea,c1,a9,34,55,71,\
  1a,4f,d3,10,eb,8c,bd,21,33,d7,a3,fe,d7,02,28,96,09,e0,20,06,c7,9e,1f,6f,48,\
  a7,a0,af,d7,22,93,b4,cb,c7,29,a7,c3,3b,09,a9,b8,77,3c,da,95,15,6b,63,39,0d,\
  8f,0d,72,ab,d4,55,5a,ac,07,fc,df,c9,a0,d4,30,3c,78,ea,94,d7,00,3d,ed,0b,03,\
  ff,50,cd,33,9c,ea,a9,82,81,33,95,20,20,26,30,ef,68,2b,ad,f2,2c,80,2e,d6,12,\
  e6,20,40,9c,3a,97,0d,7e,bd,82,fe,1b,17,05,5a,32,16,6d,ab,f1,5e,17,2b,ef,ad,\
  3a,b3,5c,f4,d0,a3,81,35,94,b9,70,f5,e3,e4,94,e4,0c,cd,9e,7d,14,3e,39,76,ec,\
  ca,94,20,34,4f,c7,c9,84,04,6b,c7,c9,ee,0c,46,f2,81,dd,53,10,1b,9d,d0,b2,d0,\
  41,e0,d4,a1,81,1a,66,05,c7,33,c6,5f,0e,24,64,dd,88,2d,38,ce,22,40,a7,1b,d6,\
  37,df,26,14,5a,9e,65,8d,5a,fd,11,72,40,2c,74,35,2f,b4,82,50,e8,ae,67,24,30,\
  c0,d7,6b,1f,9d,1a,f0,04,2c,16,65,97,f3,45,a4,d9,fd,9f,11,da,c1,78,b9,a2,20,\
  dc,c7,f9,ee,28,6f,e8,18,b8,a3,98,16,ef,f7,e1,42,4d,38,6f,83,f4,cf,59,16,8c,\
  c0,3a,2a,15,a3,dd,6b,e4,5e,f6,f1,20,fa,d2,d4,53,28,9b,e7,8e,5c,70,17,ff,14,\
  38,28,22,da,6b,9d,eb,b4,cc,f8,c0,23,30,b1,25,1f,ca,a6,87,8f,e2,9e,df,9c,b7,\
  d0,98,e7,42,48,d4,02,5b,83,92,a5,3d,dd,cb,99,90,6e,6f,3e,c7,95,40,96,02,58,\
  e5,85,92,e9,88,ad,4b,0a,b6,ce,00,91,9d,6b,f1,5a,cf,83,36,ec,b5,0c,7c,a3,38,\
  6b,6d,5c,d3,be,06,cc,d3,ec,6f,37,9d,cf,81,e3,5f,fa,6e,8b,bc,e8,55,1b,d5,6b,\
  90,5b,48,f9,c2,f0,37,e4,bf,85,42,eb,2b,78,28,bc,69,cb,7b,04,02,4d,4f,5e,7c,\
  e2,11,54,8c,8a,d5,b6,dd,46,94,42,35,a9,18,82,7b,f8,22,a7,8c,6a,74,ac,5e,8f,\
  a1,74,94,d4,c9,5e,57,e7,99,ac,43,a1,aa,e2,3b,0b,09,b1,14,35,48,1e,29,36,4b,\
  0d,1a,94,dd,32,1c,5a,e2,77,99,0a,66,48,c1,15,17,8d,e6,01,05,18,23,98,93,e2,\
  fe,d6,30,34,ab,d1,92,91,48,c3,e8,4d,00,63,fe,00,a2,0a,91,44,22,e2,9a,4d,72,\
  a8,ed,50,78,44,02,2f,25,3b,94,b3,8c,53,5c,cf,2c,29,9c,4b,ac,df,63,09,6d,3c,\
  57,9c,97,9a,81,f5,b8,dc,04,c6,00,d3,ef,e9,77,82,ca,c4,5f,e9,91,bc,15,6a,3d,\
  7c,6a,8c,ad,37,55,b9,a7,01,ae,68,6c,1b,a2,76,10,bf,31,54,64,bf,ed,40,07,42,\
  6f,83,83,2f,ee,c3,5f,32,6d,c5,e2,d1,34,ec,43,fe,16,3c,8b,55,f7,1b,c3,39,bf,\
  de,ee,ba,29,a6,97,ed,f3,a6,d0,ea,e0,e4,40,4b,fe,c6,cb,52,3d,9b,b6,27,4f,9d,\
  a0,c2,84,66,93,a7,9a,a9,ab,96,ad,f0,65,d3,b1,3e,67,51,c9,80,cb,09,ba,2e,6d,\
  cb,b6,0f,d2,fb,21,7c,b7,41,86,67,ec,6f,ba,9f,3b,7c,0f,a7,a2,af,bf,bd,c9,cf,\
  f3,a2,5d,f9,7a,ce,02,79,4e,ad,38,c3,e0,c7,d8,2c,5a,75,58,76,d9,68,04,d8,b0,\
  8a,59,78,80,96,03,39,a4,e9,12,0e,ba,33,8b,71,aa,75,12,a1,ea,df,0b,b0,34,4d,\
  fd,62,9d,c0,83,0a,bc,43,bc,61,1c,ae,d8,08,77,cf,5f,92,a6,d6,6b,1e,21,a4,43,\
  47,bd,a8,f9,f9,cf,60,12,81,ec,ba,54,e0,60,b2,8f,8a,8b,78,1e,a4,f8,14,d2,7f,\
  2e,4d,e0,b0,8b,21,95,28,ee,f3,b5,a2,58,af,cd,a5,58,27,0e,aa,b2,95,d3,4d,bd,\
  9f,6b,26,36,18,53,13,a8,7e,e7,a5,8c,37,f4,ab,cc,f0,10,32,54,5b,3e,5a,10,8b,\
  ef,0d,5e,4c,12,f5,30,a6,5f,a1,18,ce,a7,f3,c6,bf,5a,a1,01,f0,7e,b9,db,16,86,\
  c4,2f,42,8a,53,8a,f8,ad,88,45,57,df,7b,d2,ff,4d,59,3b,28,25,fd,31,42,1b,a2,\
  45,6b,ca,24,15,66,8b,e5,fa,51,dc,bd,fe,81,b0,02,48,55,55,bd,34,5b,1f,cf,c2,\
  a8,b8,ea,80,4c,a4,8b,4a,04,8f,68,da,cd,b9,00,22,26,b0,c5,11,6d,99,b6,89,d7,\
  ec,6a,74,f8,81,2f,c3,fe,e6,cd,ea,2c,a7,5c,67,53,1d,1b,f9,17,3c,38,17,b7,77,\
  aa,72,f2,40,0d,0b,dc,dc,63,42,10,0c,31,2e,65,c3,a5,f5,df,5f,ab,15,00,ec,18,\
  d8,80,de,62,4e,6d,3e,f6,c8,23,57,49,04,b3,07,52,d2,7b,60,7c,9f,40,9b,50,66,\
  aa,61,41,6b,19,a0,43,ec,56,a2,b0,2b,91,62,72,04,4b,7a,e4,57,93,53,f9,83,5f,\
  c5,fa,ac,c0,4f,31,73,fc,57,f5,54,58,58,c5,29,ca,ac,a0,22,ac,3c,4d,4b,40,17,\
  89,a1,7c,69,92,12,56,76,43,04,23,2c,00,e2,f5,21,1b,49,90,4f,ba,b7,7d,00,ff,\
  90,30,ed,66,6c,2e,8c,b1,a7,0d,ee,81,62,f9,f5,28,b7,dd,1b,d3,44,76,e2,13,b1,\
  e4,a9,ba,8e,b9,fa,73,38,f4,3f,bf,b0,24,b0,3b,08,b8,46,3e,53,52,ea,0e,dc,1e,\
  7c,70,51,5d,9c,54,16,f1,10,69,5b,bd,ee,3c,64,c2,36,4a,97,3c,cd,4a,bc,34,3a,\
  18,c9,a2,24,8a,53,02,90,43,38,a1,25,e3,9b,bd,31,76,e0,1c,c0,c9,1e,e7,80,2d,\
  84,00,b2,67,4a,34,e3,c4,72,e1,49,7f,d4,0a,65,da,38,6a,17,99,4f,03,25,29,a0,\
  5e,a4,de,53,40,06,b4,88,3c,bd,1a,47,15,95,d3,eb,0f,69,22,bb,6c,1b,d2,f5,12,\
  c9,cf,42,1a,57,00,87,4e,b8,50,4f,74,fe,8b,8c,e2,6b,0c,f4,f7,52,13,8d,9a,c0,\
  b1,d8,be,49,ae,af,1a,d0,9b,31,51,9e,3c,8a,96,76,5c,35,8c,bc,3f,e2,04,01,ab,\
  78,06,2f,d3,2a,fe,0d,f3,7a,b8,44,83,0b,a8,a0,48,f8,87,34,e3,e3,33,55,ed,7b,\
  2c,73,76,06,74,7d,7b,34,44,19,b7,0d,17,4c,cf,d8,50,b8,3e,fa,95,a3,04,5f,4a,\
  5d,95,e3,26,3d,93,46,9a,f6,71,2f,c9,c6,8d,fa,2b,fd,b6,33,64,62,2e,43,80,03,\
  b0,54,57,e3,0f,be,1f,98,7b,91,ef,a7,28,f9,7c,71,91,bb,2c,9f,7b,ca,38,12,16,\
  fb,1a,2e,c9,da,8f,53,8d,25,cb,1a,29,44,28,d7,25,2b,18,c4,21,23,89,66,cc,ed,\
  2d,b0,95,54,c5,e6,18,cd,0a,a7,f6,61,80,f2,34,42,2f,4a,96,c7,b5,be,22,c7,b6,\
  0a,54,b3,3c,fa,36,71,2e,ea,b5,a4,f7,75,82,f9,a2,46,61,a2,dc,39,fc,28,e4,6c,\
  3d,21,7b,37,1e,3b,07,4c,4d,88,d3,fc,e2,75,3e,e6,d1,db,7b,df,14,19,28,af,c9,\
  b8,eb,77,57,34,da,5e,fe,5c,fa,b6,f5,59,f2,b4,56,43,32,78,8c,8d,3a,b9,9c,30,\
  e1,93,c0,b6,ae,26,a1,08,00,73,24,6e,d3,67,9a,49,93,80,fe,2e,7c,df,9c,e4,d8,\
  e2,7c,9d,95,5a,c7,5f,f8,49,84,ec,7f,27,1b,53,5c,82,ad,37,7b,a9,8a,f3,39,ee,\
  2f,7b,c2,c2,29,2c,b0,a7,6a,0e,4e,66,a1,dd,21,33,8a,13,5a,18,a6,a5,ec,6d,dd,\
  49,0f,5c,46,f7,d2,2a,d4,30,eb,49,d7,0a,75,7d,28,ad,e5,8c,e4,80,ce,4a,29,f3,\
  3f,b7,fc,fa,5a,2f,e9,1b,5f,e1,02,29,cf,51,ad,b1,00,e3,ae,f6,f4,69,2d,d7,23,\
  b8,f7,1f,dc,7b,58,c5,f1,84,d6,12,81,a3,63,71,1e,bd,c9,aa,39,89,19,4a,5f,b8,\
  f2,57,d3,00,67,51,4e,1a,90,e1,7f,0e,1c,75,14,41,19,29,88,50,be,37,a2,fe,7c,\
  ba,06,18,12,e9,11,a6,49,8f,1d,fc,3b,1c,fd,88,0b,30,ae,f7,fc,41,fd,52,c1,93,\
  f2,46,12,4e,ff,ce,f0,cb,77,ca,97,62,23,dd,e0,98,cc,39,4a,62,88,db,13,ac,b4,\
  15,e4,f8,b5,8f,25,e9,40,21,40,5d,f6,2d,27,12,9b,25,5a,1c,50,3c,1d,8d,b1,62,\
  d6,7a,7a,31,ff,be,b6,0b,7a,45,98,32,81,40,dd,7f,8e,4e,58,6a,fa,81,d6,d3,ff,\
  a5,fc,2f,f8,90,33,d3,50,98,2b,8c,0d,8d,c9,9c,31,a2,ea,41,90,3a,0d,5f,31,09,\
  f3,d6,ad,a3,0e,23,45,fd,81,63,67,d6,94,49,fd,26,2d,37,dd,67,2e,56,c0,00,f1,\
  cb,35,3d,e4,da,bb,bc,5a,81,dd,29,55,dc,bf,ab,bc,78,48,71,8c,1c,1f,c7,ad,dd,\
  22,e6,34,32,ae,af,b8,2f,12,1f,01,48,c9,d6,0b,38,2d,6d,dc,cc,b7,10,1e,2a,e8,\
  8f,61,c4,15,de,91,38,bb,9f,2d,62,34,dd,29,fc,c0,b7,ef,22,5d,10,84,54,dd,e9,\
  70,30,23,02,8b,83,f2,e9,f3,2d,89,3d,71,72,0b,e5,16,1d,4c,c5,c1,1e,eb,ce,01,\
  61,71,44,60,d9,60,c1,27,92,51,e6,88,e9,c2,96,0e,30,77,41,3f,fa,17,fd,04,d1,\
  bb,22,43,1d,b3,d8,f1,25,72,69,85,88,e4,a5,e6,45,39,17,8b,1e,4a,cf,7c,42,6f,\
  94,9b,e5,8e,60,c5,2d,ab,55,7a,4d,aa,e9,62,b4,c6,b5,b6,bb,5d,0e,09,f7,c4,3a,\
  f4,8e,bc,82,6c,45,ee,4c,f7,0b,ce,25,54,98,0a,19,9b,68,28,93,b1,9b,c9,88,c6,\
  5f,f1,17,1b,7a,a4,74,a3,a9,06,f3,58,81,1a,7a,a8,61,3c,4c,64,e6,5e,b8,22,aa,\
  10,01,46,b1,66,4b,b3,7d,99,89,ed,98,9f,ac,b0,45,d9,c3,13,c9,23,ec,af,c9,96,\
  4f,79,2b,e6,9d,f1,bc,08,7d,4c,26,60,2d,07,fa,17,9a,a0,1d,2f,df,00,25,be,4d,\
  26,2c,f4,61,77,8b,51,e8,a9,d6,4b,26,a8,5e,95,1a,7f,0a,1c,cf,47,ef,ad,e9,4e,\
  27,8d,95,39,3a,f0,1d,13,bd,63,3b,f5,b3,8c,d1,05,02,7d,7f,ac,3d,a9,fa,44,b8,\
  89,3b,c4,f8,73,dc,37,de,75,a5,7c,73,3e,1f,55,07,44,fb,97,48,e3,90,10,0e,d3,\
  ed,94,ce,42,1f,3e,6d,fc,c2,b7,7e,7e,d7,fd,b9,b8,28,c2,c1,66,a1,60,43,28,be,\
  36,02,3c,41,25,f7,a7,8d,ae,fe,4b,a6,69,86,8b,fb,d8,4a,6b,9f,18,78,db,e9,e0,\
  d5,9e,d5,57,e1,34,8c,04,8f,3a,0c,db,08,99,02,07,f3,42,55,38,06,f1,00,a6,71,\
  b0,97,c4,d5,70,ff,af,21,3b,49,1d,07,99,65,a5,68,89,bf,ad,3b,9a,60,a6,dc,0b,\
  df,0b,03,c5,54,42,8b,e7,46,28,9b,72,79,15,72,4d,df,82,ad,8d,45,28,d5,b4,aa,\
  b6,2f,20,14,74,dd,48,80,b8,b4,63,28,d0,22,22,7a,18,46,1c,14,34,b9,60,9d,86,\
  55,d6,49,71,35,28,8f,82,98,4b,82,7d,1a,b3,4a,b7,bd,84,25,c5,cd,db,1f,73,2c,\
  44,15,95,9f,c2,25,49,f9,e4,34,34,c8,e1,80,11,a6,48,7f,3c,c3,05,ff,d7,6d,8c,\
  c1,62,fb,e0,fb,f1,0d,fc,9e,a8,20,ed,22,af,5c,5b,18,c6,4b,8b,19,7c,f5,fe,cf,\
  b3,d8,18,3c,b3,4c,3e,de,8f,41,d4,45,3d,c8,f3,6f,5e,c6,e2,44,6c,57,9f,8e,ea,\
  03,ce,ce,4f,fd,70,37,cc,69,e9,fa,1c,35,94,d4,66,88,5e,71,ea,82,5d,94,ba,e9,\
  42,f8,d2,e2,6d,80,db,bf,f7,82,61,c4,76,7d,ab,5b,9c,f8,b9,59,f2,fb,e1,c6,28,\
  08,f9,29,09,21,24,08,4a,9d,43,72,55,15,b8,25,52,56,e8,4c,e4,42,8e,a7,f2,ec,\
  f0,9c,f7,67,6a,8e,e3,d0,68,0f,12,f3,0c,db,85,a4,24,26,27,05,ee,54,5b,3b,a7,\
  b2,68,5f,f3,b7,b4,54,a5,eb,3f,d7,21,f5,39,11,e0,04,0a,a0,bb,11,ed,6b,bc,01,\
  a9,11,85,cf,06,1b,52,63,ea,f9,fe,3f,05,4d,eb,19,0c,53,f0,10,58,e8,f7,30,9c,\
  82,9d,eb,7b,fd,8c,df,6b,5a,60,25,4e,cd,fe,ab,9b,81,10,6d,20,68,b5,ca,84,9c,\
  75,d0,45,8e,a4,c9,d1,da,02,62,0a,e6,4a,a3,4d,02,68,f9,67,d8,47,b1,76,26,98,\
  23,8b,2f,fe,06,e7,f7,ee,73,7e,60,45,33,86,03,00,03,79,fd,c1,95,a0,ab,b9,41,\
  55,dc,79,b2,d4,4d,b0,17,f6,d7,a5,4c,62,2e,8d,00,3d,53,03,73,fb,f6,99,9a,92,\
  48,c6,20,25,c9,fc,bb,a4,68,28,da,2f,6f,89,87,98,fb,80,2d,52,74,b6,da,f4,28,\
  18,61,89,46,d8,9f,69,1d,52,4a,42,f9,72,ba,bc,06,80,8b,79,86,c5,ab,75,14,9e,\
  d1,2a,1b,33,d4,cd,d8,04,2a,f2,c3,b7,43,0b,d1,48,e3,26,c5,ee,dc,a5,1d,90,7e,\
  9d,86,36,93,93,7b,86,58,9b,8a,14,a3,3c,f4,24,8f,32,1a,17,d4,75,9e,cc,af,2a,\
  03,38,1b,8f,72,8c,34,c3,3f,7a,d5,dc,45,97,42,96,33,62,4a,34,a2,b2,89,6c,c6,\
  00,31,dd,32,b8,ec,53,29,dd,e0,07,56,c7,b1,09,cd,bc,27,68,1c,72,5b,25,78,ca,\
  ca,d8,2a,ba,20,5f,08,de,33,5e,4e,c0,ca,27,7e,71,37,6b,4c,d4,ed,e6,9d,6c,70,\
  cd,09,fd,01,db,23,da,32,7b,2e,82,b6,a4,a9,e2,de,66,2d,53,30,ae,d1,83,e7,a4,\
  da,87,da,4f,17,24,31,39,24,5b,27,1c,36,d3,7b,e6,88,1c,c9,29,7c,03,76,41,29,\
  06,e2,9b,75,82,b2,3e,0d,63,07,1c,17,27,0d,1a,3b,85,87,76,d0,98,bc,2e,f6,27,\
  91,69,59,4c,94,06,00,9d,39,eb,6d,b9,6d,1c,f1,c2,a1,99,54,3a,3a,14,05,b7,3f,\
  ed,70,0e,ca,c8,d6,e0,a3,6e,9a,19,d4,2d,c7,54,07,44,8a,da,0f,ac,1d,40,1b,f3,\
  72,70,d8,ee,c9,c1,2b,ce,97,32,5b,46,16,5a,3f,96,d8,d6,84,b0,ee,6e,98,10,c2,\
  61,af,3d,f1,ad,5f,7b,be,28,05,de,18,1a,2a,3d,cd,70,45,08,65,73,9a,c7,be,fb,\
  a8,55,7e,67,e9,34,21,16,ad,e4,0c,9e,1c,bb,68,2b,e3,e7,97,e9,ee,36,30,31,04,\
  3f,7c,d1,f6,dc,5b,ab,3d,67,b3,26,0c,66,9c,7d,05,60,d6,75,bb,d9,c9,1b,9e,01,\
  ad,49,44,ac,89,1c,25,39,40,8a,1b,36,a4,21,0e,d7,78,ba,99,fa,72,50,2e,1a,c0,\
  20,e1,56,74,82,d1,81,a8,b9,97,51,63,3b,24,e8,83,56,4f,24,9e,7f,94,93,6f,39,\
  b8,a4,88,01,a0,b0,83,bb,fb,c4,a3,33,a5,7b,b9,82,79,a8,7d,66,4b,4d,48,cd,16,\
  8e,2d,c7,11,19,7f,6f,90,f9,5b,79,5b,24,51,f7,b3,d9,8b,de,62,ca,24,5b,6e,8d,\
  41,1b,03,e2,7d,3f,ad,25,03,4a,c9,44,23,e9,3d,47,8b,cc,7e,ee,64,14,06,18,67,\
  61,3e,5c,cc,d7,42,b0,2e,ff,a5,51,d6,7d,d8,62,fb,6f,88,a5,2f,73,80,7a,7e,3a,\
  ec,e1,93,68,3a,99,d9,4f,9f,d2,5e,19,22,aa,4d,b8,44,31,9f,8b,74,d3,82,4e,83,\
  73,23,50,cb,f6,88,2a,81,43,85,6d,1a,71,b3,8f,53,db,db,c2,de,e7,ae,d7,54,4b,\
  19,56,0b,64,e9,d1,83,5c,7b,76,44,7d,b0,68,c1,55,03,1a,9f,89,c3,04,34,6f,63,\
  31,1a,e1,65,de,db,fa,a3,3d,8b,8f,29,14,a0,45,a9,7f,4b,17,f8,26,7a,cb,f0,68,\
  33,21,a7,05,2f,75,36,03,44,ea,2b,b0,f8,b7,0e,63,b2,74,35,86,00,a8,d2,74,c5,\
  70,3e,b1,ed,a6,f5,bd,0e,2b,7c,5e,d1,ae,3d,27,4c,0e,63,53,b7,2d,24,a8,e2,84,\
  62,93,eb,1a,3e,05,bb,51,cd,bf,03,1d,09,81,fd,2d,c4,b8,29,e4,d5,eb,55,1d,a3,\
  2d,2a,c2,98,38,66,59,b0,34,f3,11,8e,70,1b,90,70,0f,b3,1c,01,cb,6b,8d,38,3a,\
  6a,64,c9,97,a6,f7,b9,00,83,3e,a1,68,a8,10,22,9a,4f,dc,2e,b7,db,c7,46,77,68,\
  9a,27,a9,48,e5,13,28,60,04,e4,21,42,1b,0f,ac,e9,5c,12,cc,45,00,db,7a,2c,f0,\
  bc,02,60,7f,20,b6,4e,f1,d8,6e,23,f4,56,1f,d7,5e,0a,c1,f8,13,d5,19,17,aa,c6,\
  a6,87,5c,ed,1f,fc,f9,aa,e0,fc,4f,95,dd,74,d1,cd,8b,3c,aa,ab,58,9b,cb,e0,f2,\
  1d,2b,7d,5e,3f,ed,08,f4,6e,6a,19,a4,49,f0,26,98,90,f3,11,b5,24,f0,bc,24,b5,\
  1a,eb,40,a5,f2,2b,44,a6,30,e1,d4,ac,b1,a0,44,14,d7,f2,f1,97,73,91,f9,c2,40,\
  32,0e,b9,a4,1f,c8,12,e6,ad,f1,00,b1,80,a2,dc,00,cf,f5,03,ba,a6,e6,f6,90,80,\
  94,37,4d,22,75,25,4d,42,aa,3b,9c,d2,c6,24,f1,20,65,5c,81,14,b8,98,8d,30,2b,\
  05,6f,c0,e3,ea,41,04,ab,52,b4,52,ca,1d,51,ae,1d,05,5c,62,ec,34,8b,bc,f5,21,\
  03,85,20,3a,eb,fd,93,24,92,06,cc,9d,e1,01,83,b2,59,6c,71,18,b5,04,bc,42,b3,\
  0b,a2,f7,fc,16,05,5a,9d,17,4d,f5,6c,c7,bd,48,ce,98,99,8f,19,83,89,de,44,68,\
  88,ad,99,69,4d,ef,9b,b4,94,2a,cb,be,bc,7e,6e,78,9b,05,ad,19,df,11,df,df,b2,\
  84,e1,8f,f8,d0,7e,00,1b,96,32,50,5e,b1,c2,ac,dd,aa,88,52,72,4b,3a,c6,e0,de,\
  c7,a0,23,a2,73,5f,44,18,18,4e,bf,de,d8,9f,e2,64,fd,de,d8,a4,7a,a3,d7,50,4b,\
  d6,cf,02,2a,e8,55,45,4b,61,3c,9c,08,87,2c,3d,42,28,1f,af,b6,6c,c2,df,5a,89,\
  36,86,3d,0d,10,d7,7b,c2,c8,dd,db,ea,b1,05,cb,d4,2e,d2,46,56,f4,9c,3b,73,e4,\
  e0,cd,26,df,32,20,54,b4,d2,9e,6b,f3,b1,9c,9c,90,50,64,7f,08,f6,f4,f5,e3,e3,\
  a5,5a,00,22,3f,80,6b,1f,8b,60,83,a3,78,f1,49,d8,b3,b3,77,84,3a,af,a2,a6,8a,\
  b9,86,97,9e,cd,76,bc,09,e4,33,d7,72,1c,b4,de,cc,72,4a,31,fc,81,f7,74,8c,35,\
  5b,55,51,aa,66,7e,42,57,bb,72,ae,5d,36,94,26,d7,19,d3,25,6c,f2,c3,2d,68,18,\
  d1,e8,89,31,9f,0b,97,5a,41,04,22,cb,01,20,f9,e2,24,20,81,36,f4,70,6d,71,ba,\
  66,0d,47,64,da,42,60,f9,11,c3,ae,c9,02,8c,56,ff,c6,34,7b,10,d8,74,a2,79,af,\
  44,04,0c,37,6d,a8,02,1f,6a,87,e3,b2,f6,a2,d8,89,1e,21,d3,27,18,4a,e1,70,07,\
  e1,e5,2d,7b,8f,87,62,7d,7b,13,1f,85,02,d4,00,88,4f,bb,21,61,06,b7,be,c3,ee,\
  20,b9,52,c3,40,33,08,b8,42,9d,b5,65,5b,bd,83,bf,0a,0a,9d,ed,ea,c8,7e,3b,a8,\
  de,16,64,a2,f6,c8,38,d2,1c,af,f7,3e,85,69,66,06,67,12,98,48,9e,b8,69,10,b2,\
  4c,1b,60,83,84,3a,ba,4e,9c,2e,c5,5a,64,85,f3,73,d2,bf,7a,0b,91,30,88,2f,96,\
  4d,45,da,36,f3,d5,94,04,e0,33,29,10,48,7e,5b,b6,3c,1e,b2,a5,09,bd,1f,b1,4c,\
  68,2f,3f,f1,91,15,63,8f,b4,b0,db,d5,44,e4,03,2f,8b,79,2c,d1,22,c8,81,aa,31,\
  8c,31,62,e6,d4,73,72,2b,5f,80,3a,ba,a5,0c,75,bb,bd,c6,57,63,01,95,6d,db,5a,\
  8b,29,50,03,eb,32,9e,4d,27,1d,29,36,8f,d5,89,b1,a6,83,3e,70,bc,c4,d4,88,f6,\
  53,09,b3,6b,4a,08,00,03,da,05,19,99,0f,41,59,8f,eb,59,f0,66,af,8c,4c,47,63,\
  56,d9,a2,fd,9d,e8,23,c1,d1,7d,f3,54,39,a9,47,8a,eb,4c,4e,90,41,85,2c,a2,a1,\
  4f,cb,53,63,45,6f,e0,19,9b,9b,83,95,8f,be,44,1c,15,cc,e3,51,d2,0c,db,f4,e4,\
  48,72,99,68,63,52,80,1a,c8,ba,1d,c2,eb,4b,b9,5e,97,8e,ef,af,5a,cc,2e,41,8d,\
  0d,1b,45,48,e6,3b,ca,6a,7a,94,02,19,ea,0b,67,01,6c,a9,e8,d1,ab,02,09,d2,6c,\
 
"??"=hex:98,76,7b,82,54,9a,47,b0,56,34,d8,21,da,62,64,81

[HKEY_USERS\S-1-5-21-1202660629-926492609-725345543-1003\Software\SecuROM\License information*NULL*]
"datasecu"=hex:d5,09,13,69,04,b8,97,93,2b,5d,c5,e3,be,29,f3,5f,6f,00,50,47,a2,\
  8f,fe,6e,4a,09,2d,84,3a,5d,10,21,a5,97,4e,8d,01,f6,99,47,2e,d2,56,04,ac,bc,\

"rkeysecu"=hex:3c,63,19,a2,76,5e,6c,26,bb,5e,3c,7c,a4,28,92,9e
.
Czas ukończenia: 2009-01-08 14:20:47
ComboFix-quarantined-files.txt  2009-01-08 13:19:30

Przed: 271 409 152 bajtów wolnych
Po: 580,165,632 bajtów wolnych

964


Kod: Zaznacz wszystko

[b]SDFix: Version 1.240 [/b]
Run by Administrator on 2009-01-08 at 14:26

Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

No Trojan Files Found






Removing Temp Files

[b]ADS Check [/b]:



                                 [b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-08 14:30:55
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:ed08b3aa
"s2"=dword:294d7a17
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:48,55,f1,18,04,81,e8,b8,bf,dd,04,b0,6c,37,2b,b3,a4,df,81,ff,92,..
"p0"="C:\Program Files\DAEMON Tools Lite\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:7a,c1,1e,cd,b8,11,81,5b,b6,8a,ee,b3,e9,d8,57,e6,30,55,ad,d5,f1,..
"a0"=hex:20,01,00,00,ac,00,2c,82,5c,59,4c,f7,c4,99,c4,41,70,a1,5a,74,e2,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:af,04,59,6e,98,fe,96,76,a3,cf,0c,05,0c,86,0c,e0,aa,5e,6b,6a,1d,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:f5,9c,a9,77,e8,75,11,cb,81,7b,a5,7f,73,a6,c3,a2,9a,cd,1c,23,62,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:48,55,f1,18,04,81,e8,b8,bf,dd,04,b0,6c,37,2b,b3,a4,df,81,ff,92,..
"p0"="C:\Program Files\DAEMON Tools Lite\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:7a,c1,1e,cd,b8,11,81,5b,b6,8a,ee,b3,e9,d8,57,e6,30,55,ad,d5,f1,..
"a0"=hex:20,01,00,00,ac,00,2c,82,5c,59,4c,f7,c4,99,c4,41,70,a1,5a,74,e2,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:af,04,59,6e,98,fe,96,76,a3,cf,0c,05,0c,86,0c,e0,aa,5e,6b,6a,1d,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:f5,9c,a9,77,e8,75,11,cb,81,7b,a5,7f,73,a6,c3,a2,9a,cd,1c,23,62,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\\e\\utorrent.exe"="D:\\e\\utorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\Gadu-Gadu\\gg.exe"="C:\\Program Files\\Gadu-Gadu\\gg.exe:*:Enabled:Gadu-Gadu - program główny"
"C:\\Program Files\\SopCast\\SopCast.exe"="C:\\Program Files\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"="C:\\Program Files\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Documents and Settings\\All Users\\Dane aplikacji\\NexonUS\\NGM\\NGM.exe"="C:\\Documents and Settings\\All Users\\Dane aplikacji\\NexonUS\\NGM\\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\\Program Files\\DAP\\DAP.exe"="C:\\Program Files\\DAP\\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"E:\\Gry\\GTA4\\Rockstar Games Social Club\\RGSCLauncher.exe"="E:\\Gry\\GTA4\\Rockstar Games Social Club\\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"E:\\Gry\\GTA4\\Grand Theft Auto IV\\LaunchGTAIV.exe"="E:\\Gry\\GTA4\\Grand Theft Auto IV\\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"E:\\Gry\\GTA4\\Grand Theft Auto IV\\GTAIV.exe"="E:\\Gry\\GTA4\\Grand Theft Auto IV\\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"E:\\Gry\\fifja 08\\FIFA08.exe"="E:\\Gry\\fifja 08\\FIFA08.exe:*:Enabled:FIFA08"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"E:\\Gry\\Combat Arms\\CombatArms.exe"="E:\\Gry\\Combat Arms\\CombatArms.exe:*Enabled:CombatArms.exe"
"E:\\Gry\\Combat Arms\\Engine.exe"="E:\\Gry\\Combat Arms\\Engine.exe:*Enabled:Engine.exe"

[b]Remaining Files [/b]:



[b]Files with Hidden Attributes [/b]:

Mon  3 Dec 2007            48 A.SH. --- "C:\WINDOWS\S8DCD8417.tmp"
Wed 13 Feb 2008            79 A..H. --- "C:\WINDOWS\system32\repapllaw1.dll"
Mon 13 Nov 2006       319,456 A..H. --- "C:\Program Files\Common Files\Motorola Shared\MotPCSDrivers\difxapi.dll"
Mon 31 Mar 2008     1,249,280 ...H. --- "C:\Documents and Settings\Woytas\Dane aplikacji\Microsoft\Word\~WRL1620.tmp"
Mon 31 Mar 2008     1,247,744 ...H. --- "C:\Documents and Settings\Woytas\Dane aplikacji\Microsoft\Word\~WRL1765.tmp"
Mon 31 Mar 2008     1,255,936 ...H. --- "C:\Documents and Settings\Woytas\Dane aplikacji\Microsoft\Word\~WRL2442.tmp"
Mon 31 Mar 2008     1,252,864 ...H. --- "C:\Documents and Settings\Woytas\Dane aplikacji\Microsoft\Word\~WRL3049.tmp"
Mon 31 Mar 2008     1,258,496 ...H. --- "C:\Documents and Settings\Woytas\Dane aplikacji\Microsoft\Word\~WRL3296.tmp"
Mon 31 Mar 2008     1,250,816 ...H. --- "C:\Documents and Settings\Woytas\Dane aplikacji\Microsoft\Word\~WRL3837.tmp"
Sat 27 Dec 2008         8,393 ...HR --- "C:\Documents and Settings\Woytas\Dane aplikacji\SecuROM\UserData\securom_v7_01.bak"

[b]Finished![/b]



Kod: Zaznacz wszystko

Logfile of HijackThis v1.99.1
Scan saved at 14:41:42, on 2009-01-08
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
D:\e\Programy\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE to GetRight Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra 'Tools' menuitem: Ustawienia wtyczki &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O16 - DPF: {070CA17A-4BD2-4612-83B4-32B1B9159B47} (ULiveCtrl Control) - http://uc.sina.com.cn/download/live/weblive2.4.0.0.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) - http://www.instantaction.com/download/iaplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{38FBEEF6-FD6D-44EE-BD2C-9DE546F7D68F}: NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: Google Update Service (gupdate1c962e5d00de858) (gupdate1c962e5d00de858) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe



[wojtas]

1. Ściągnij OTMoveIt i go włacz i odpal go z opcji CleanUp oraz skasuj folder C:\Qoobox
2. wykonaj optymalizację windowsa
3.sciagnij ATF_Cleaner
zaznacz
Windows Temp
All users Temp
Temporary internet files
Recycle Bin
i wcisnij EMPTY SELECTED
4.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem
5.Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum.

i tym:

FixIEDef.