Like everyone else - help...
I opened about 20 links from a Google search in Opera (they were not xxx sites, child pornography or 'gardens'). I didn't touch the computer for 5 minutes because I was on the phone, and the moment I moved the touchpad to open the file I needed, the computer got locked (I didn't manage to open the file or do anything)...
I started the computer in safe mode, deleted all temporary files and cleared the browser history (Opera and IE), hoping that it might help.
I did not have any drive emulators or SPTD installed on the computer (it was not detected by the program).
PS Apparently some people see the police logo instead of the outdated Polish national emblem. And the police do nothing about it, because nobody has reported the crime of extortion yet - and this is extortion.
PS2 A brilliant manual for the logs and GMER; without it I wouldn't have managed.
GMER:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-07-13 12:55:41
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0
Running: 4p9trm4o.exe; Driver: C:\Users\Maciej\AppData\Local\Temp\ugdiypod.sys
---- Kernel code sections - GMER 1.0.15 ----
.sptd1 C:\Windows\System32\Drivers\sptd.sys entry point in ".sptd1" section [0x80786B2E]
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [742E7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7432B4E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [742EBB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [742DF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [742E75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [742DE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [743173F5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [742EDA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [742DFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [742DFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [742D71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7436CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7430C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [742DD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [742D6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [742D687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1632] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [742E2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Dynamiczna struktura WDF/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002556c28e31
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\002556c28e31 (not active ControlSet)
---- EOF - GMER 1.0.15 ----
Extras.Txt
OTL.Txt