Windows 7 Forum: configuration, optimization, tips, gadgets
Application error popup 0xc0000005 - Printable version




Application error popup 0xc0000005 - fenomeno - 08.02.2012 14:10

Hello! I keep getting the error below:
---------------------------
fifa.exe - Błąd aplikacji
---------------------------
Aplikacja nie została właściwie uruchomiona (0xc0000005). Kliknij przycisk OK, aby zakończyć aplikację.
---------------------------
OK
---------------------------


Actually, as far as I recall, that is also why I removed Avast a few days ago. I'm posting the HijackThis and ComboFix logs.
combo
Code:
ComboFix 12-02-07.01 - Filip 2012-02-08  12: 55: 22.1.2 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1250.48.1045.18.2046.1160 [GMT 1: 00]
Uruchomiony z:  c: \users\Filip\Downloads\ComboFix.exe
AV:  Ashampoo Anti-Malware *Disabled/Updated* {1586225C-B0F7-7A3E-FBB7-F15B3A4D2579}
SP:  Ashampoo Anti-Malware *Disabled/Updated* {AEE7C3B8-96CD-75B0-C107-CA2941CA6FC4}
SP:  Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Utworzono nowy punkt przywracania
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c: \program files (x86)\facemoods.com
c: \program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoods.crx
c: \program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoods.png
c: \program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsApp.dll
c: \program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsEng.dll
c: \program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe
c: \program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll
c: \program files (x86)\facemoods.com\facemoods\1.4.17.7\uninstall.exe
c: \users\Filip\AppData\Roaming\edxLabs
c: \users\Filip\AppData\Roaming\edxLabs\edxSilkroadLoader5\edxSilkroadLoader5.ini
c: \users\Filip\AppData\Roaming\EurekaLog
c: \windows\settings.reg
c: \windows\SysWow64\5.txt
c: \windows\SysWow64\tmp666.tmp
c: \windows\SysWow64\tmp667.tmp
c: \windows\SysWow64\tmp736B.tmp
c: \windows\SysWow64\tmp736C.tmp
c: \windows\SysWow64\tmpA8FB.tmp
c: \windows\SysWow64\tmpA8FC.tmp
c: \windows\SysWow64\tmpAA83.tmp
c: \windows\SysWow64\tmpAA84.tmp
c: \windows\SysWow64\tmpB53B.tmp
c: \windows\SysWow64\tmpB53C.tmp
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2012-01-08 do 2012-02-08  )))))))))))))))))))))))))))))))
.
.
2012-02-08 12: 25 . 2012-02-08 12: 25    --------    d-----w-    c: \users\Default\AppData\Local\temp
2012-02-08 11: 03 . 2012-02-08 11: 03    --------    d-----w-    c: \programdata\ATI
2012-02-08 11: 02 . 2012-02-08 11: 02    --------    d-----w-    c: \program files (x86)\AMD APP
2012-02-08 10: 52 . 2012-02-08 10: 52    --------    d-----w-    C: \AMD
2012-02-05 10: 01 . 2012-02-05 10: 01    --------    d-----w-    c: \users\Filip\AppData\Local\Ashampoo
2012-02-05 10: 00 . 2012-02-05 10: 00    --------    d-----w-    c: \program files (x86)\Ashampoo
2012-02-05 09: 41 . 2012-02-05 09: 46    --------    d-----w-    c: \programdata\AVAST Software
2012-02-01 18: 45 . 2012-02-01 18: 55    --------    d-----w-    C: \PIT Format 2011
2012-01-26 15: 03 . 2012-01-26 15: 03    --------    d-----w-    c: \programdata\HP
2012-01-10 17: 04 . 2012-01-10 17: 04    --------    d-----w-    c: \users\Filip\AppData\Roaming\Scilab
2012-01-10 17: 00 . 2012-01-10 17: 53    --------    d-----w-    c: \program files\scilab-5.3.3
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-08 10: 47 . 2011-07-13 12: 55    280768    ----a-w-    c: \windows\SysWow64\PnkBstrB.exe
2012-02-08 10: 47 . 2010-03-19 20: 32    280768    ----a-w-    c: \windows\SysWow64\PnkBstrB.xtr
2012-02-03 15: 10 . 2011-07-13 12: 55    280736    ----a-w-    c: \windows\SysWow64\PnkBstrB.ex0
2011-12-06 03: 45 . 2011-12-06 03: 45    10720256    ----a-w-    c: \windows\system32\drivers\atikmdag.sys
2011-12-06 03: 18 . 2011-12-06 03: 18    25371136    ----a-w-    c: \windows\system32\atio6axx.dll
2011-12-06 03: 17 . 2011-12-06 03: 17    159744    ----a-w-    c: \windows\system32\atiapfxx.exe
2011-12-06 03: 17 . 2011-12-06 03: 17    778752    ----a-w-    c: \windows\SysWow64\aticfx32.dll
2011-12-06 03: 16 . 2011-01-26 22: 59    933888    ----a-w-    c: \windows\system32\aticfx64.dll
2011-12-06 03: 12 . 2011-12-06 03: 12    466944    ----a-w-    c: \windows\system32\ATIDEMGX.dll
2011-12-06 03: 12 . 2011-12-06 03: 12    494080    ----a-w-    c: \windows\system32\atieclxx.exe
2011-12-06 03: 11 . 2011-12-06 03: 11    235520    ----a-w-    c: \windows\system32\atiesrxx.exe
2011-12-06 03: 10 . 2011-12-06 03: 10    120320    ----a-w-    c: \windows\system32\atitmm64.dll
2011-12-06 03: 10 . 2011-12-06 03: 10    423424    ----a-w-    c: \windows\system32\atipdl64.dll
2011-12-06 03: 10 . 2011-12-06 03: 10    360448    ----a-w-    c: \windows\SysWow64\atipdlxx.dll
2011-12-06 03: 10 . 2011-12-06 03: 10    278528    ----a-w-    c: \windows\SysWow64\Oemdspif.dll
2011-12-06 03: 09 . 2011-12-06 03: 09    21504    ----a-w-    c: \windows\system32\atimuixx.dll
2011-12-06 03: 09 . 2011-12-06 03: 09    59392    ----a-w-    c: \windows\system32\atiedu64.dll
2011-12-06 03: 09 . 2011-12-06 03: 09    43520    ----a-w-    c: \windows\SysWow64\ati2edxx.dll
2011-12-06 03: 06 . 2011-12-06 03: 06    6159872    ----a-w-    c: \windows\SysWow64\atidxx32.dll
2011-12-06 02: 56 . 2011-12-06 02: 56    19125760    ----a-w-    c: \windows\SysWow64\atioglxx.dll
2011-12-06 02: 51 . 2009-07-13 21: 59    7520768    ----a-w-    c: \windows\system32\atidxx64.dll
2011-12-06 02: 39 . 2011-12-06 02: 39    1113088    ----a-w-    c: \windows\system32\atiumd6v.dll
2011-12-06 02: 39 . 2011-12-06 02: 39    1828864    ----a-w-    c: \windows\SysWow64\atiumdmv.dll
2011-12-06 02: 39 . 2011-12-06 02: 39    4072960    ----a-w-    c: \windows\system32\atiumd6a.dll
2011-12-06 02: 34 . 2011-12-06 02: 34    51200    ----a-w-    c: \windows\system32\aticalrt64.dll
2011-12-06 02: 34 . 2011-12-06 02: 34    46080    ----a-w-    c: \windows\SysWow64\aticalrt.dll
2011-12-06 02: 34 . 2011-12-06 02: 34    44544    ----a-w-    c: \windows\system32\aticalcl64.dll
2011-12-06 02: 34 . 2011-12-06 02: 34    44032    ----a-w-    c: \windows\SysWow64\aticalcl.dll
2011-12-06 02: 34 . 2011-12-06 02: 34    13738496    ----a-w-    c: \windows\system32\aticaldd64.dll
2011-12-06 02: 33 . 2011-12-06 02: 33    5919232    ----a-w-    c: \windows\SysWow64\atiumdag.dll
2011-12-06 02: 29 . 2011-12-06 02: 29    11484672    ----a-w-    c: \windows\SysWow64\aticaldd.dll
2011-12-06 02: 28 . 2011-12-06 02: 28    4206592    ----a-w-    c: \windows\SysWow64\atiumdva.dll
2011-12-06 02: 24 . 2011-12-06 02: 24    7511040    ----a-w-    c: \windows\system32\atiumd64.dll
2011-12-06 02: 18 . 2011-01-26 22: 20    58880    ----a-w-    c: \windows\system32\coinst.dll
2011-12-06 02: 13 . 2011-12-06 02: 13    509952    ----a-w-    c: \windows\system32\atiadlxx.dll
2011-12-06 02: 12 . 2011-12-06 02: 12    356352    ----a-w-    c: \windows\SysWow64\atiadlxy.dll
2011-12-06 02: 12 . 2011-12-06 02: 12    17408    ----a-w-    c: \windows\system32\atig6pxx.dll
2011-12-06 02: 12 . 2011-12-06 02: 12    14336    ----a-w-    c: \windows\SysWow64\atiglpxx.dll
2011-12-06 02: 12 . 2011-12-06 02: 12    14336    ----a-w-    c: \windows\system32\atiglpxx.dll
2011-12-06 02: 12 . 2011-12-06 02: 12    39936    ----a-w-    c: \windows\system32\atig6txx.dll
2011-12-06 02: 12 . 2011-12-06 02: 12    33280    ----a-w-    c: \windows\SysWow64\atigktxx.dll
2011-12-06 02: 12 . 2011-12-06 02: 12    327168    ----a-w-    c: \windows\system32\drivers\atikmpag.sys
2011-12-06 02: 11 . 2011-01-26 22: 12    42496    ----a-w-    c: \windows\system32\atiuxp64.dll
2011-12-06 02: 11 . 2011-12-06 02: 11    33280    ----a-w-    c: \windows\SysWow64\atiuxpag.dll
2011-12-06 02: 11 . 2011-12-06 02: 11    39936    ----a-w-    c: \windows\system32\atiu9p64.dll
2011-12-06 02: 11 . 2011-12-06 02: 11    29696    ----a-w-    c: \windows\SysWow64\atiu9pag.dll
2011-12-06 02: 10 . 2011-12-06 02: 10    54784    ----a-w-    c: \windows\system32\atimpc64.dll
2011-12-06 02: 10 . 2011-12-06 02: 10    54784    ----a-w-    c: \windows\system32\amdpcom64.dll
2011-12-06 02: 10 . 2011-12-06 02: 10    53760    ----a-w-    c: \windows\SysWow64\atimpc32.dll
2011-12-06 02: 10 . 2011-12-06 02: 10    53760    ----a-w-    c: \windows\SysWow64\amdpcom32.dll
2011-12-06 02: 10 . 2011-12-06 02: 10    53248    ----a-w-    c: \windows\system32\drivers\ati2erec.dll
2011-12-05 21: 04 . 2011-12-05 21: 04    69632    ----a-w-    c: \windows\system32\OpenVideo64.dll
2011-12-05 21: 04 . 2011-12-05 21: 04    59904    ----a-w-    c: \windows\SysWow64\OpenVideo.dll
2011-12-05 21: 03 . 2011-12-05 21: 03    61952    ----a-w-    c: \windows\system32\OVDecode64.dll
2011-12-05 21: 03 . 2011-12-05 21: 03    54784    ----a-w-    c: \windows\SysWow64\OVDecode.dll
2011-12-05 21: 03 . 2011-12-05 21: 03    17580544    ----a-w-    c: \windows\system32\amdocl64.dll
2011-12-05 21: 03 . 2011-12-05 21: 03    14499328    ----a-w-    c: \windows\SysWow64\amdocl.dll
2011-12-05 21: 02 . 2011-12-05 21: 02    51200    ----a-w-    c: \windows\system32\OpenCL.dll
2011-12-05 21: 02 . 2011-12-05 21: 02    44032    ----a-w-    c: \windows\SysWow64\OpenCL.dll
2011-11-15 16: 58 . 2011-11-15 16: 58    146432    ----a-w-    c: \windows\system32\SlotMaximizerAg.dll
2011-11-15 16: 58 . 2011-11-15 16: 58    3507712    ----a-w-    c: \windows\system32\SlotMaximizerBe.dll
2011-11-15 16: 57 . 2011-11-15 16: 57    2463744    ----a-w-    c: \windows\SysWow64\SlotMaximizerBe.dll
2011-11-15 16: 57 . 2011-11-15 16: 57    122880    ----a-w-    c: \windows\SysWow64\SlotMaximizerAg.dll
2011-11-10 18: 35 . 2011-07-13 12: 54    75136    ----a-w-    c: \windows\SysWow64\PnkBstrA.exe
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c: \program files (x86)\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CTSysVol"="c: \program files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"UpdReg"="c: \windows\UpdReg.EXE" [2000-05-11 90112]
"P17Helper"="P17.dll" [2005-05-03 64512]
"SunJavaUpdateSched"="c: \program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"StartCCC"="c: \program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-12-05 343168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages    REG_MULTI_SZ       kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
2;2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c: \windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R1 aswSnx;aswSnx; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c: \windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c: \program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-03-27 1030600]
R3 P1764;Sound Blaster Audigy;c: \windows\system32\drivers\P1764.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c: \windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c: \windows\System32\Drivers\sptd.sys [x]
S2 AAMW_WSC_Service_Vista;Ashampoo Anti-Malware WSC Service;c: \program files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe [2010-03-02 52616]
S2 AAMWService;Ashampoo Anti-Malware Service;c: \program files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe [2011-08-17 1313184]
S2 Akamai;Akamai NetSession Interface;c: \windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c: \windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c: \program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-12-05 361984]
S2 aswMonFlt;aswMonFlt;c: \windows\system32\drivers\aswMonFlt.sys [x]
S2 cpuz135;cpuz135;c: \windows\system32\drivers\cpuz135_x64.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c: \program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 2111368]
S3 amdiox64;AMD IO Driver;c: \windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c: \windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c: \windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c: \windows\system32\drivers\AtihdW76.sys [x]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai    REG_MULTI_SZ       Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12: 24    451872    ----a-w-    c: \program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2012-02-07 c: \windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1505672958-3853660610-571632931-1000Core.job
- c: \users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-01 14: 59]
.
2012-02-08 c: \windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1505672958-3853660610-571632931-1000UA.job
- c: \users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-01 14: 59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ashampoo Anti-Malware Guard"="c: \program files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Guard.exe" [2010-08-26 3314176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Skan uzupełniający -------
.
uLocal Page = c: \windows\system32\blank.htm
mLocal Page = c: \windows\SYSTEM32\blank.htm
IE:  E&ksportuj do programu Microsoft Excel - c: \progra~2\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c: \users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\th0pjzjj.default\
FF - prefs.js:  browser.search.selectedEngine - Google
FF - prefs.js:  browser.startup.homepage - google.pl
FF - prefs.js:  keyword.URL - hxxp: //startsear.ch/?aff=1&src=sp&cf=c9ff7d10-2366-11e1-a181-001bfc300ea1&q=
FF - prefs.js:  network.proxy.http - proxy.telsten.com
FF - prefs.js:  network.proxy.http_port - 3128
FF - prefs.js:  network.proxy.type - 0
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Wow6432Node-HKCU-Run-DriverMax - (no file)
Wow6432Node-HKCU-Run-DriverMax_RESTART - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-Adobe Shockwave Player - c: \windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-facemoods - c: \program files (x86)\facemoods.com\facemoods\1.4.17.7\uninstall.exe
AddRemove-PunkBusterSvc - c: \windows\system32\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c: \program files (x86)\common files\akamai/netsession_win_e286960.dll"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1505672958-3853660610-571632931-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"?"=hex: f1,1a,82,47,9d,87,4f,39,7c,7f,45,d5,f1,d0,93,7a,f7,64,1c,e1,c4,44,e6,
   80,03,3b,0c,f5,a2,bd,e0,17,b7,0c,2b,e4,a8,8e,3d,c9,fd,21,9b,78,63,0a,99,14,\
"?"=hex: d0,61,8e,19,35,d8,74,c0,6d,e4,77,89,e2,57,ed,fc
.
[HKEY_USERS\S-1-5-21-1505672958-3853660610-571632931-1000\Software\SecuROM\License information*]
"datasecu"=hex: c6,99,33,d4,8f,98,99,6f,fb,99,33,7c,79,96,95,40,0a,bb,40,04,6e,
   1a,b6,1a,4b,5c,63,0d,06,4d,ea,65,b2,4b,21,0e,df,0d,46,65,f0,3b,38,65,08,0b,\
"rkeysecu"=hex: 1d,aa,c7,54,69,a9,5f,0a,15,7d,9c,6a,ec,56,39,59
.
[HKEY_USERS\S-1-5-21-1505672958-3853660610-571632931-1000\System\CurrentControlSet\Control\MediaProperties\PrivateProperties\DirectInput\VID_0079&PID_0006\Calibration\0\Type\Axes]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied:  (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c: \\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword: 00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c: \\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied:  (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c: \\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c: \\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied:  (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c: \\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c: \\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied:  (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied:  (A) (Users)
@Denied:  (A) (Everyone)
@Allowed:  (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword: 00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied:  (A) (Users)
@Denied:  (A) (Everyone)
@Allowed:  (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword: 00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied:  (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c: \program files (x86)\Common Files\LightScribe\LSSrvc.exe
c: \program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c: \program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
c: \windows\SysWOW64\PnkBstrA.exe
c: \program files (x86)\CyberLink\Shared Files\RichVideo.exe
c: \windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Czas ukończenia:  2012-02-08  13: 32: 21 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2012-02-08 12: 32
.
Przed:  28 992 155 648 bajtów wolnych
Po:  31 678 181 376 bajtów wolnych
.
- - End Of File - - 0575E837809BAFEE8EB7BA154E68DA61
hijack
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13: 45: 43, on 2012-02-08
Platform:  Windows 7  (WinNT 6.00.3504)
MSIE:  Internet Explorer v8.00 (8.00.7600.16766)
Boot mode:  Normal

Running processes:
C: \Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C: \Program Files (x86)\DAEMON Tools Lite\daemon.exe
C: \Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C: \Windows\SysWOW64\rundll32.exe
C: \Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C: \Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Guard.exe
C: \Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C: \Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe
C: \Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C: \Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C: \Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C: \Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http: //go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http: //go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http: //go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO:  AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C: \Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO:  Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C: \Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO:  IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C: \PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL
O4 - HKLM\..\Run:  [CTSysVol] C: \Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run:  [UpdReg] C: \Windows\UpdReg.EXE
O4 - HKLM\..\Run:  [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run:  [SunJavaUpdateSched] "C: \Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run:  [StartCCC] "C: \Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run:  [DAEMON Tools Lite] "C: \Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O8 - Extra context menu item:  E&ksportuj do programu Microsoft Excel - res: //C: \PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button:  Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C: \PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem:  Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C: \PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button:  Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C: \PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP:  c: \program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP:  c: \program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service:  Ashampoo Anti-Malware Service (AAMWService) - Unknown owner - C: \Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe
O23 - Service:  Ashampoo Anti-Malware WSC Service (AAMW_WSC_Service_Vista) - Unknown owner - C: \Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe
O23 - Service:  @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C: \Windows\System32\alg.exe (file missing)
O23 - Service:  AMD External Events Utility - Unknown owner - C: \Windows\system32\atiesrxx.exe (file missing)
O23 - Service:  AMD FUEL Service - Advanced Micro Devices, Inc. - C: \Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service:  avast! Antivirus - Unknown owner - C: \Program Files\Alwil Software\Avast5\AvastSvc.exe (file missing)
O23 - Service:  @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C: \Windows\System32\lsass.exe (file missing)
O23 - Service:  @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C: \Windows\system32\fxssvc.exe (file missing)
O23 - Service:  FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C: \Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service:  LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C: \Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service:  @keyiso.dll,-100 (KeyIso) - Unknown owner - C: \Windows\system32\lsass.exe (file missing)
O23 - Service:  LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C: \Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service:  @comres.dll,-2797 (MSDTC) - Unknown owner - C: \Windows\System32\msdtc.exe (file missing)
O23 - Service:  @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C: \Windows\system32\lsass.exe (file missing)
O23 - Service:  PnkBstrA - Unknown owner - C: \Windows\system32\PnkBstrA.exe
O23 - Service:  @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C: \Windows\system32\lsass.exe (file missing)
O23 - Service:  Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C: \Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service:  @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C: \Windows\system32\locator.exe (file missing)
O23 - Service:  @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C: \Windows\system32\lsass.exe (file missing)
O23 - Service:  ServiceLayer - Nokia - C: \Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service:  @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C: \Windows\System32\snmptrap.exe (file missing)
O23 - Service:  @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C: \Windows\System32\spoolsv.exe (file missing)
O23 - Service:  @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C: \Windows\system32\sppsvc.exe (file missing)
O23 - Service:  Steam Client Service - Valve Corporation - C: \Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service:  @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C: \Windows\system32\UI0Detect.exe (file missing)
O23 - Service:  @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C: \Windows\system32\lsass.exe (file missing)
O23 - Service:  @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C: \Windows\System32\vds.exe (file missing)
O23 - Service:  @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C: \Windows\system32\vssvc.exe (file missing)
O23 - Service:  @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C: \Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service:  @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C: \Windows\system32\wbengine.exe (file missing)
O23 - Service:  @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C: \Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service:  @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C: \Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7187 bytes

Reinstalling the drivers didn't help. Is formatting the only option left?