mój norton 360 wykrywa konie trojańskie,jednak niemoze sie z nimi uporac.prosze o sprawdzenie loga.próbowałam tez sie ratoweac avg antywius,jednak on zupełnie nic niewidzi.a wirusy są i robia mi bałagan w kompie.prosze o sprawdzenie loga.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:02:16, on 2009-01-16

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\NetLimiter 2 Pro\NLClient.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\Program Files\Multimedia Combo Set Driver\MouseDrv.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\AVG\AVG8\avgtray.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

C:\Program Files\Gadu-Gadu\gg.exe

C:\Users\Patrycja\Program Files\DNA\btdna.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\DAEMON Tools Lite\daemon.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Multimedia Combo Set Driver\PS2USBKbdDrv.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Sferia\EasyWirelessNet\EasyWirelessNet.exe

C:\Program Files\LG PC Suite 2\LGPCSuiteLanucher_Setup.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Program Files\AVG\AVG8\avgui.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Program Files\AVG\AVG8\avgscanx.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM…\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM…\Run: [RoxWatchTray] “C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe”

O4 - HKLM…\Run: [MSPService] C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe

O4 - HKLM…\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”

O4 - HKLM…\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe

O4 - HKLM…\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe

O4 - HKLM…\Run: [symantec PIF AlertEng] “C:\Program Files\Common Files\Symantec Shared\PIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe” /a /m “C:\Program Files\Common Files\Symantec Shared\PIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll”

O4 - HKLM…\Run: [WireLessMouse] C:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe MouseDrv.exe

O4 - HKLM…\Run: [WireLessKeyboard] C:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe PS2USBKbdDrv.exe

O4 - HKLM…\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”

O4 - HKLM…\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”

O4 - HKLM…\Run: [GrooveMonitor] “C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe”

O4 - HKLM…\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKCU…\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKCU…\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray

O4 - HKCU…\Run: [bitTorrent DNA] “C:\Users\Patrycja\Program Files\DNA\btdna.exe”

O4 - HKCU…\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU…\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\daemon.exe” -autorun

O4 - HKCU…\Run: [ALLUpdate] “C:\Program Files\ALLPlayer\ALLUpdate.exe” “sleep”

O4 - HKCU…\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19…\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘LOCAL SERVICE’)

O4 - HKUS\S-1-5-19…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)

O4 - HKUS\S-1-5-20…\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘NETWORK SERVICE’)

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: DiaryOne: Save full text - C:\Program Files\DiaryOne\Script\fullcatcher.htm

O8 - Extra context menu item: DiaryOne: Save selected text - C:\Program Files\DiaryOne\Script\catcher.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra ‘Tools’ menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O13 - Gopher Prefix:

O15 - Trusted Zone: http://www.mks.com.pl

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

O17 - HKLM\System\CCS\Services\Tcpip…{466E0C00-909B-4281-B5CA-88AB630B7537}: NameServer = 193.41.112.18 193.41.112.14

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe

O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

–

End of file - 10642 bytes

wejdź tutaj i sciagnij “dr.web@”

http://www.tony.pl/

Log czysty

Pobierz Combofix http://www.searchengines.pl/index.php?s … ntry395642 uruchom dwuklikiem pokaż log

Podczas pobierania i skanu Combofixem proszę wyłączyć wszelkie zapory i antywirusy

dzieki.jak radziłes,tak zrobiłam. oto log :

ComboFix 09-01-15.01 - Patrycja 2009-01-16 16:02:10.1 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.1.1033.18.2815.1567 [GMT 1:00]

Uruchomiony z: c:\users\Patrycja\Desktop\ComboFix.exe

AV: Norton 360 *On-access scanning disabled* (Outdated)

FW: Norton 360 *disabled*

* Utworzono nowy punkt przywracania

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_AVG

((((((((((((((((((((((((( Pliki utworzone od 2008-12-16 do 2009-01-16 )))))))))))))))))))))))))))))))

.

2009-01-16 15:01 . 2009-01-16 15:01

2009-01-16 14:55 . 2009-01-16 14:55

2009-01-14 13:12 . 2009-01-15 15:17

2009-01-14 12:43 . 2009-01-16 16:05

2009-01-14 12:43 . 2009-01-14 12:43 324,872 --a------ c:\windows\System32\drivers\avgldx86.sys

2009-01-14 12:43 . 2009-01-14 12:43 107,272 --a------ c:\windows\System32\drivers\avgtdix.sys

2009-01-14 12:43 . 2009-01-14 12:43 12,552 --a------ c:\windows\System32\drivers\avgrkx86.sys

2009-01-14 12:43 . 2009-01-14 12:43 10,520 --a------ c:\windows\System32\avgrsstx.dll

2009-01-14 12:42 . 2009-01-14 12:42

2009-01-14 12:42 . 2009-01-14 12:42

2009-01-14 12:42 . 2009-01-14 12:42

2009-01-14 12:42 . 2009-01-14 12:42 23,832 --a------ c:\windows\System32\drivers\avgfwd6x.sys

2009-01-14 01:02 . 2008-12-16 03:42 288,768 --a------ c:\windows\System32\drivers\srv.sys

2009-01-13 23:23 . 2009-01-13 23:23

2009-01-13 23:23 . 2009-01-13 23:23

2009-01-13 22:27 . 2006-10-26 19:56 32,592 --a------ c:\windows\System32\msonpmon.dll

2009-01-13 22:24 . 2009-01-13 22:24

2009-01-13 22:24 . 2009-01-13 22:24

2009-01-13 22:23 . 2009-01-13 22:23

2009-01-13 22:22 . 2009-01-15 00:02

2009-01-13 22:22 . 2009-01-15 00:02

2009-01-13 22:20 . 2009-01-13 22:20

2009-01-08 22:19 . 2009-01-08 22:18 410,984 --a------ c:\windows\System32\deploytk.dll

2009-01-08 22:17 . 2009-01-08 22:17

2009-01-06 18:40 . 2009-01-06 18:40

2009-01-02 23:24 . 2009-01-02 23:24

2009-01-01 20:52 . 2009-01-01 20:52

2009-01-01 20:38 . 2009-01-01 20:38

2009-01-01 20:38 . 2009-01-01 20:38

2009-01-01 20:38 . 2009-01-01 20:38

2009-01-01 20:38 . 2009-01-01 20:38

2009-01-01 03:37 . 2009-01-01 03:37

2008-12-26 17:39 . 2008-12-26 17:39

2008-12-21 23:17 . 2008-12-21 23:27

2008-12-21 23:12 . 2008-12-21 23:12

2008-12-21 21:05 . 2008-12-21 21:05

2008-12-21 21:05 . 2008-12-21 21:05

2008-12-21 20:57 . 2008-12-21 20:57

2008-12-21 20:55 . 2008-12-21 20:55

2008-12-21 20:55 . 2008-12-21 20:55

2008-12-21 20:51 . 2008-12-21 20:51

2008-12-21 20:51 . 2008-12-21 20:51

2008-12-21 20:50 . 2008-12-21 20:50

2008-12-21 20:49 . 2008-12-21 20:49

2008-12-21 20:49 . 2008-12-21 20:49

2008-12-21 20:49 . 2007-11-07 03:10 271,704 --a------ c:\windows\System32\hpzids01.dll

2008-12-21 20:49 . 2007-12-03 18:57 118,272 --a------ c:\windows\System32\hpz3l5mu.dll

2008-12-21 20:48 . 2008-12-21 20:48

2008-12-21 20:48 . 2007-11-07 03:04 1,373,528 -ra------ c:\windows\hpzshl01.exe

2008-12-21 20:48 . 2007-11-07 03:15 1,140,056 -ra------ c:\windows\hpzmsi01.exe

2008-12-21 20:48 . 2007-10-31 11:35 729,088 --a------ c:\windows\System32\hpwwiax4.dll

2008-12-21 20:48 . 2007-10-31 11:35 593,920 --a------ c:\windows\System32\hpwtscl3.dll

2008-12-21 20:48 . 2007-01-17 17:37 364,544 --a------ c:\windows\System32\hppldcoi.dll

2008-12-21 20:48 . 2007-01-17 17:37 309,760 --a------ c:\windows\System32\difxapi.dll

2008-12-21 20:48 . 2007-01-17 17:31 294,912 --a------ c:\windows\System32\hpovst11.dll

2008-12-21 20:48 . 2008-01-08 13:44 12,054 -ra------ c:\windows\hpwscr20.dat

2008-12-21 20:47 . 2008-12-21 20:51

2008-12-21 20:44 . 2008-12-21 20:57

2008-12-21 20:44 . 2008-12-21 20:57

2008-12-21 20:44 . 2008-12-21 20:57 193,367 --a------ c:\windows\hpwins20.dat

2008-12-20 15:57 . 2009-01-05 21:04

2008-12-20 15:57 . 2008-12-20 15:57 56 --ah----- c:\users\All Users\ezsidmv.dat

2008-12-20 15:57 . 2008-12-20 15:57 56 --ah----- c:\programdata\ezsidmv.dat

2008-12-20 15:56 . 2009-01-05 22:54

2008-12-20 15:56 . 2008-12-20 15:56

2008-12-20 15:51 . 2009-01-05 21:19

2008-12-20 15:51 . 2008-12-20 15:51

2008-12-20 15:51 . 2008-12-20 15:51

2008-12-20 15:51 . 2008-12-20 15:51

2008-12-17 17:09 . 2009-01-16 11:10

2008-12-16 23:57 . 2008-12-16 23:57

2008-12-16 18:56 . 2008-12-16 18:56

2008-12-16 18:28 . 2008-12-16 18:28

2008-12-16 18:28 . 2008-12-16 18:29

2008-12-16 15:49 . 2008-12-16 15:49 257 --a------ c:\windows\red_dialer.ini

2008-12-16 15:31 . 2008-12-16 15:31

2008-12-16 15:28 . 2008-12-16 15:28

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-01-16 15:04 --------- d-----w c:\users\Patrycja\AppData\Roaming\DNA

2009-01-16 13:56 --------- d-----w c:\programdata\Symantec

2009-01-15 16:00 5,762 ----a-w c:\users\Patrycja\AppData\Roaming\wklnhst.dat

2009-01-14 23:02 --------- d-----w c:\program files\Windows Mail

2009-01-13 22:21 --------- d–h--w c:\program files\InstallShield Installation Information

2009-01-13 22:21 --------- d-----w c:\program files\Wiedźmin

2009-01-13 21:25 --------- d-----w c:\program files\MSBuild

2009-01-09 10:20 --------- d-----w c:\program files\Norton 360

2009-01-07 20:49 --------- d-----w c:\users\Patrycja\AppData\Roaming\BitTorrent

2009-01-06 22:15 --------- d-----w c:\program files\Common Files\Adobe

2009-01-06 12:24 806 ----a-w c:\windows\system32\drivers\SYMEVENT.INF

2009-01-06 12:24 124,464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS

2009-01-06 12:24 10,635 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT

2009-01-06 12:24 --------- d-----w c:\program files\Symantec

2009-01-03 15:06 --------- d-----w c:\program files\Google

2009-01-03 14:43 --------- d-----w c:\users\Patrycja\AppData\Roaming\Packard Bell

2009-01-01 19:55 --------- d-----w c:\programdata\Roxio

2008-12-16 14:49 --------- d-----w c:\program files\DNA

2008-12-16 14:48 --------- d-----w c:\programdata\NVIDIA

2008-12-16 14:29 717,296 ----a-w c:\windows\system32\drivers\sptd.sys

2008-12-05 14:20 0 —ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2008-11-30 19:49 278,984 ----a-w c:\windows\system32\drivers\atksgt.sys

2008-11-30 19:49 25,416 ----a-w c:\windows\system32\drivers\lirsgt.sys

2008-11-27 10:36 174 --sha-w c:\program files\desktop.ini

2008-11-27 10:28 --------- d-----w c:\program files\Windows Sidebar

2008-11-27 10:28 --------- d-----w c:\program files\Windows Photo Gallery

2008-11-27 10:28 --------- d-----w c:\program files\Windows Journal

2008-11-27 10:28 --------- d-----w c:\program files\Windows Defender

2008-11-27 10:28 --------- d-----w c:\program files\Windows Collaboration

2008-11-27 10:28 --------- d-----w c:\program files\Windows Calendar

2008-11-27 10:06 82,432 ----a-w c:\windows\System32\axaltocm.dll

2008-11-27 10:06 101,888 ----a-w c:\windows\System32\ifxcardm.dll

2008-11-24 14:09 --------- d-----w c:\program files\DiaryOne

2008-11-22 22:02 --------- d-----w c:\users\Patrycja\AppData\Roaming\Gadu-Gadu

2008-11-22 21:54 --------- d–h--w c:\programdata\CanonBJ

2008-11-22 21:53 --------- d-----w c:\program files\Canon

2008-11-22 10:08 --------- d-----w c:\program files\Lavalys

2008-11-22 08:26 269,312 ----a-w c:\windows\System32\es.dll

2008-11-21 22:36 --------- d-----w c:\program files\Alcohol Soft

2008-11-21 22:07 --------- d-----w c:\users\Patrycja\AppData\Roaming\LG Electronics

2008-11-21 22:03 --------- d-----w c:\program files\LG Electronics

2008-11-21 21:52 --------- d-----w c:\program files\Ubisoft

2008-11-21 21:41 --------- d-----w c:\users\Patrycja\AppData\Roaming\Roxio

2008-11-21 21:30 --------- d-----w c:\programdata\Templates

2008-11-21 21:30 --------- d-----w c:\programdata\Start Menu

2008-11-21 21:30 --------- d-----w c:\programdata\Favorites

2008-11-21 21:30 --------- d-----w c:\programdata\Documents

2008-11-21 21:30 --------- d-----w c:\programdata\Desktop

2008-11-21 21:30 --------- d-----w c:\programdata\Application Data

2008-11-21 20:00 --------- d-----w c:\program files\BitTorrent

2008-11-21 19:24 --------- d-----w c:\users\Patrycja\AppData\Roaming\Template

2008-11-21 19:20 --------- d-----w c:\program files\Gadu-Gadu

2008-11-21 18:30 61,440 ----a-w c:\windows\System32\winipsec.dll

2008-11-21 18:30 361,984 ----a-w c:\windows\System32\IPSECSVC.DLL

2008-11-21 18:30 28,672 ----a-w c:\windows\System32\FwRemoteSvr.dll

2008-11-21 18:30 272,896 ----a-w c:\windows\System32\polstore.dll

2008-11-21 18:29 2,560 ----a-w c:\windows\AppPatch\AcRes.dll

2008-11-21 18:29 1,695,744 ----a-w c:\windows\System32\gameux.dll

2008-11-21 18:27 428,544 ----a-w c:\windows\System32\EncDec.dll

2008-11-21 18:27 293,376 ----a-w c:\windows\System32\psisdecd.dll

2008-11-21 18:26 212,480 ----a-w c:\windows\system32\drivers\mrxsmb10.sys

2008-11-21 18:24 303,616 ----a-w c:\windows\System32\wmpeffects.dll

2008-11-21 18:23 2,048 ----a-w c:\windows\System32\msxml3r.dll

2008-11-21 18:23 2,032,640 ----a-w c:\windows\System32\win32k.sys

2008-11-21 18:23 1,191,936 ----a-w c:\windows\System32\msxml3.dll

2008-11-21 18:18 988,216 ----a-w c:\windows\System32\winload.exe

2008-11-21 18:18 927,288 ----a-w c:\windows\System32\winresume.exe

2008-11-21 18:18 615,992 ----a-w c:\windows\System32\ci.dll

2008-11-21 18:18 6,656 ----a-w c:\windows\System32\kbd106n.dll

2008-11-21 18:18 46,592 ----a-w c:\windows\System32\setbcdlocale.dll

2008-11-21 18:18 40,960 ----a-w c:\windows\System32\srclient.dll

2008-11-21 18:18 378,368 ----a-w c:\windows\System32\srcore.dll

2008-11-21 18:18 318,464 ----a-w c:\windows\System32\rstrui.exe

2008-11-21 18:18 19,000 ----a-w c:\windows\System32\kd1394.dll

2008-11-21 18:18 14,848 ----a-w c:\windows\System32\srdelayed.exe

2008-11-21 18:17 443,392 ----a-w c:\windows\System32\win32spl.dll

2008-11-21 18:17 37,888 ----a-w c:\windows\System32\printcom.dll

2008-11-21 18:16 84,480 ----a-w c:\windows\System32\INETRES.dll

2008-11-21 18:16 738,304 ----a-w c:\windows\System32\inetcomm.dll

2008-11-21 18:16 14,848 ----a-w c:\windows\System32\wshrm.dll

2008-11-21 18:16 113,664 ----a-w c:\windows\system32\drivers\rmcast.sys

2008-11-21 18:16 --------- d-----w c:\program files\Multimedia Combo Set Driver

2008-11-21 18:14 1,314,816 ----a-w c:\windows\System32\quartz.dll

2008-11-21 18:14 --------- d-----w c:\program files\MSXML 4.0

2008-11-21 18:12 3,601,464 ----a-w c:\windows\System32\ntkrnlpa.exe

2008-11-21 18:12 3,549,240 ----a-w c:\windows\System32\ntoskrnl.exe

2008-11-21 18:12 2,048 ----a-w c:\windows\System32\msxml6r.dll

2008-11-21 18:12 1,334,272 ----a-w c:\windows\System32\msxml6.dll

2008-11-21 17:32 --------- d-----w c:\programdata{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

2008-11-21 17:31 --------- d-----w c:\program files\Common Files\Symantec Shared

2008-11-21 17:24 51,224 ----a-w c:\windows\System32\wuauclt.exe

2008-11-21 17:24 43,544 ----a-w c:\windows\System32\wups2.dll

2008-11-21 17:24 1,809,944 ----a-w c:\windows\System32\wuaueng.dll

2008-11-21 17:24 1,524,736 ----a-w c:\windows\System32\wucltux.dll

2008-11-21 17:23 83,456 ----a-w c:\windows\System32\wudriver.dll

2008-11-21 17:23 561,688 ----a-w c:\windows\System32\wuapi.dll

2008-11-21 17:23 34,328 ----a-w c:\windows\System32\wups.dll

2008-11-21 17:23 31,232 ----a-w c:\windows\System32\wuapp.exe

2008-11-21 17:23 162,064 ----a-w c:\windows\System32\wuwebv.dll

2008-11-21 16:12 --------- d-----w c:\program files\Sferia

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe” [2008-01-19 1233920]

“SmpcSys”=“c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe” [2007-07-19 1120568]

“Gadu-Gadu”=“c:\program files\Gadu-Gadu\gg.exe” [2008-03-20 2127296]

“BitTorrent DNA”=“c:\users\Patrycja\Program Files\DNA\btdna.exe” [2008-12-21 342848]

“ehTray.exe”=“c:\windows\ehome\ehTray.exe” [2008-01-19 125952]

“DAEMON Tools Lite”=“c:\program files\DAEMON Tools Lite\daemon.exe” [2008-07-24 490952]

“ALLUpdate”=“c:\program files\ALLPlayer\ALLUpdate.exe” [2008-11-24 869888]

“WMPNSCFG”=“c:\program files\Windows Media Player\WMPNSCFG.exe” [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“RoxWatchTray”=“c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe” [2007-01-11 232184]

“MSPService”=“c:\program files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe” [2007-06-12 102400]

“ccApp”=“c:\program files\Common Files\Symantec Shared\ccApp.exe” [2007-05-18 115816]

“Picasa Media Detector”=“c:\program files\Picasa2\PicasaMediaDetector.exe” [2007-02-21 366400]

“toolbar_eula_launcher”=“c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe” [2007-02-20 28672]

“Symantec PIF AlertEng”=“c:\program files\Common Files\Symantec Shared\PIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe” [2008-01-29 583048]

“WireLessMouse”=“c:\program files\Multimedia Combo Set Driver\StartAutorun.exe” [2005-11-30 94208]

“WireLessKeyboard”=“c:\program files\Multimedia Combo Set Driver\StartAutorun.exe” [2005-11-30 94208]

“NvSvc”=“c:\windows\system32\nvsvc.dll” [2007-10-04 86016]

“NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2007-10-04 8497696]

“NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2007-10-04 81920]

“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe” [2008-10-15 39792]

“HP Software Update”=“c:\program files\HP\HP Software Update\HPWuSchd2.exe” [2007-10-14 49152]

“SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe” [2009-01-08 136600]

“GrooveMonitor”=“c:\program files\Microsoft Office\Office12\GrooveMonitor.exe” [2006-10-27 31016]

“AVG8_TRAY”=“c:\progra~1\AVG\AVG8\avgtray.exe” [2009-01-14 1601304]

“RtHDVCpl”=“RtHDVCpl.exe” [2007-09-19 c:\windows\RtHDVCpl.exe]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

“EnableUIADesktopToggle”= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

“AppInit_DLLs”=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

“DisableMonitoring”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

“DisableMonitoring”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

“DisableMonitoring”=dword:00000001

[HKLM~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]

“EnableFirewall”= 0 (0x0)

[HKLM~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

“{E039F641-3A4F-457E-BBE1-8002AD2E38E8}”= c:\program files\CyberLink\MagicSports\MagicSports.exe:CyberLink MagicSports

“{16319EAD-2D94-4107-B0EF-C3EDC50BA657}”= UDP:c:\program files\BitTorrent\BitTorrent.exe:BitTorrent (TCP-In)

“{0351F666-5559-405A-9F8B-73A1FC655669}”= TCP:c:\program files\BitTorrent\BitTorrent.exe:BitTorrent (UDP-In)

“{7A6A37D5-D748-4E5E-B89E-2C66DC13A1C0}”= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)

“{539E9DD5-5A96-4660-9F47-4F3F4BAFF542}”= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)

“{46D70881-8C79-496C-A0C5-B5A28D3D3A13}”= c:\program files\Skype\Phone\Skype.exe:Skype

“{EA5937E9-83AB-4F5C-AF59-4B0E9E8FB765}”= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe

“{835A864C-CC2E-4C6D-B757-561B94BC1855}”= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe

“{6212DB67-CCF6-4AD3-986A-B7107795B4B4}”= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe

“{9B547C52-24D1-482C-A63B-B98A4292AE61}”= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe

“{4FE2E77B-EFC4-4921-9AF9-CBE410E885C7}”= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe

“{984BD1FA-5A5E-4E3F-9E50-3F53006B6123}”= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe

“{B1FF1FEB-00B2-4DE0-B53C-412BE0FD7260}”= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe

“{BEED4BF6-52FE-4EBF-9F24-DC9BDE1E5C30}”= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe

“{A5FFE3E9-0685-4E81-8C69-005DBB95D30D}”= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe

“{52B6A0ED-FA1D-4053-AD15-370122B5F7B9}”= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe

“{F05D61A9-34B7-4BA1-AD93-F0801B656D37}”= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe

“{1442E7D7-5954-4A5F-8FED-DA6A8EAF2C6F}”= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe

“{154CAD47-0CC0-438F-9227-30A0A5BA0091}”= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe

“{98D469D9-851F-412B-9F7A-775ADD41909C}”= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe

“{4F751583-CE86-4345-B8F2-D7CCE1266C88}”= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook

“{0D9B46EA-CA61-40A0-80D1-0D8725B9B9D3}”= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove

“{899E3174-D68F-4A89-92BC-A36D67A0DB49}”= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove

“{96543DA0-17EB-4A11-8C81-AD9EBDA2C43E}”= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

“{31F15D22-A088-4A14-A620-783D324062C8}”= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

“{27580BDF-BD45-433F-8091-5CD0D0E0E779}”= c:\program files\AVG\AVG8\avgam.exe:avgam.exe

“{F3C004EC-81B9-403E-A4E9-E7B09B59DEBB}”= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe

“{594ADD4D-8A6A-4910-9D9D-F13CFA1CCC41}”= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe

[HKLM~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

“EnableFirewall”= 0 (0x0)

[HKLM~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]

“EnableFirewall”= 0 (0x0)

[HKLM~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

“c:\Program Files\BitTorrent\bittorrent.exe”= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R0 AvgRkx86;avgrkx86.sys;c:\windows\System32\drivers\avgrkx86.sys [2009-01-14 12552]

R1 Avgfwfd;AVG network filter service;c:\windows\System32\drivers\avgfwd6x.sys [2009-01-14 23832]

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2009-01-14 324872]

R1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [2009-01-14 107272]

R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20090113.002\IDSvix86.sys [2009-01-15 270384]

R1 nltdi;nltdi;c:\windows\System32\drivers\nltdi.sys [2007-04-23 82200]

R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\System32\drivers\adusbser.sys [2006-12-20 97920]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-12-11 99376]

R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [2007-05-18 38200]

R4 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-14 298264]

R4 avgfws8;AVG8 Firewall;c:\progra~1\AVG\AVG8\avgfws8.exe [2009-01-14 1339600]

— Inne Uslugi/Sterowniki w Pamieci —

*NewlyCreated* - COMHOST

*Deregistered* - sptd

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{1333c401-cb7e-11dd-9265-001e903f4bf2}]

\shell\AutoRun\command - J:\autorun1.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{15d15586-c8fd-11dd-bc1d-001e903f4bf2}]

\shell\AutoRun\command - J:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{6c2433b8-d7a8-11dd-8700-001e903f4bf2}]

\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe

.

Zawartość folderu ‘Zaplanowane zadania’

2008-11-28 c:\windows\Tasks\HDReg.job

• c:\program files\HDReg\HDRegRem.exe [2003-07-15 09:14]

2009-01-16 c:\windows\Tasks\User_Feed_Synchronization-{22F5F9B8-3E65-4FF9-8CFA-2B8A4B6FD9AF}.job

• c:\windows\system32\msfeedssync.exe [2008-01-19 08:33]

.

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.google.pl/

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

IE: DiaryOne: Save full text - c:\program files\DiaryOne\Script\fullcatcher.htm

IE: DiaryOne: Save selected text - c:\program files\DiaryOne\Script\catcher.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

Trusted Zone: www.mks.com.pl

c:\windows\System32\SkanerOnlineUninstall.exe - c:\windows\System32\SkanerOnline.dll

O16 -: {68282C51-9459-467B-95BF-3C0E89627E55}

hxxp://www.mks.com.pl/skaner/SkanerOnline.cab

c:\windows\Downloaded Program Files\SkanerOnline.inf

FF - ProfilePath - c:\users\Patrycja\AppData\Roaming\Mozilla\Firefox\Profiles\52rj1ddi.default\

FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll

FF - component: c:\users\Patrycja\AppData\Roaming\Mozilla\Firefox\Profiles\52rj1ddi.default\extensions\piclens@cooliris.com\components\coolirisstub.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll

FF - plugin: c:\users\Patrycja\Program Files\DNA\plugins\npbtdna.dll

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-16 16:07:50

Windows 6.0.6001 Service Pack 1 NTFS

skanowanie ukrytych procesów …

skanowanie ukrytych wpisów autostartu …

skanowanie ukrytych plików …

**************************************************************************

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

c:\windows\System32\audiodg.exe

c:\program files\Common Files\Symantec Shared\ccSvcHst.exe

c:\program files\NetLimiter 2 Pro\nlsvc.exe

c:\program files\CyberLink\Shared Files\RichVideo.exe

c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

c:\progra~1\AVG\AVG8\avgam.exe

c:\progra~1\AVG\AVG8\avgrsx.exe

c:\progra~1\AVG\AVG8\avgnsx.exe

c:\windows\System32\WUDFHost.exe

c:\program files\NetLimiter 2 Pro\NLClient.exe

c:\windows\System32\conime.exe

c:\combofix\hidec.exe

c:\windows\System32\rundll32.exe

c:\program files\Multimedia Combo Set Driver\MouseDrv.exe

c:\windows\System32\rundll32.exe

c:\program files\Multimedia Combo Set Driver\PS2USBKbdDrv.exe

c:\program files\AVG\AVG8\avgtray.exe

c:\windows\ehome\ehmsas.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\program files\HP\Digital Imaging\bin\hpqste08.exe

c:\program files\HP\Digital Imaging\bin\hpqbam08.exe

c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe

c:\windows\System32\wbem\WMIADAP.exe

c:\combofix\Catchme.tmp

.

**************************************************************************

.

Czas ukończenia: 2009-01-16 16:11:41 - komputer został uruchomiony ponownie

ComboFix-quarantined-files.txt 2009-01-16 15:10:20

Przed: 363 878 502 400 bytes free

Po: 364,128,436,224 bytes free

369 — E O F — 2009-01-14 23:02:37

Log wygląda na czysty

Pobierz CCleaner http://www.filehippo.com/download_ccleaner/

przeskanuj nim i wyczyść rejestr.

zrób optymalizacje uruchamiania

http://cybertrash.netarteria.pl/cyber/i … 378.0.html

usuń ręcznie folder C: \Qoobox usuń instalkę Combofix z dysku.

Wyłącz I włącz przywracanie systemu na wszystkich dyskach.http://support.microsoft.com/kb/310405/pl

przeskanuj obszar Mój komputer http://www.kaspersky.pl/virusscanner.html gdy będą wirusy pokaż raport