I have a problem, and I hope someone will be able to help me. My problem is that my computer is inhabited ;) by a virus: win32/adware.wirtumonde applikation. I'll say up front that my computer knowledge is very poor :). I downloaded ComboFix, which gave me the information below. If anyone is able to tell me what to do next, I would be grateful.
ComboFix 09-01-21.04 - Marek Pełka 2009-01-24 14:30:15.7 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1015.564 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Marek Pełka\Pulpit\ComboFix.exe
AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated)
* Resident AV is active
.
((((((((((((((((((((((((( Pliki utworzone od 2008-12-24 do 2009-01-24 )))))))))))))))))))))))))))))))
.
2009-01-24 12:55 . 2009-01-24 12:55 37,376 --a------ c:\windows\system32\nnnlmKDW.V04dll
2009-01-24 12:55 . 2009-01-24 12:55 37,376 --a------ c:\windows\system32\nnnlmKDW.V03dll
2009-01-24 12:55 . 2009-01-24 12:55 37,376 --a------ c:\windows\system32\nnnlmKDW.V02dll
2009-01-24 12:44 . 2009-01-24 12:44 46,454 --a------ c:\windows\system32\wvUnOEWO.dll
2009-01-24 12:23 . 2009-01-24 12:23 37,376 --a------ c:\windows\system32\nnnlmKDW.Vdll
2009-01-24 12:23 . 2009-01-24 12:23 37,376 --a------ c:\windows\system32\nnnlmKDW.V01dll
2009-01-24 12:23 . 2009-01-24 12:23 37,376 --a------ c:\windows\system32\nnnlmKDW.V00dll
2009-01-22 19:52 . 2009-01-22 19:52 512,096 --a------ c:\windows\system32\drivers\amon.sys
2009-01-22 19:52 . 2009-01-22 19:52 298,104 --a------ c:\windows\system32\imon.dll
2009-01-22 19:52 . 2009-01-22 19:52 15,424 --a------ c:\windows\system32\drivers\nod32drv.sys
2009-01-19 08:06 . 2009-01-19 08:06
2009-01-19 07:48 . 2007-01-13 08:24 770,048 --a------ c:\windows\system32\CDDBUISony.dll
2009-01-19 07:48 . 2007-01-13 08:22 655,360 --a------ c:\windows\system32\CDDBControlSony.dll
2009-01-19 07:48 . 2007-01-13 08:22 589,824 --a------ c:\windows\system32\CddbMusicIDSony.dll
2009-01-19 07:48 . 2007-01-13 08:25 532,480 --a------ c:\windows\system32\CddbPlaylist2Sony.dll
2009-01-19 07:48 . 2001-09-13 02:15 90,112 --------- c:\windows\snymsico.dll
2009-01-19 07:48 . 2007-01-13 08:24 73,728 --a------ c:\windows\system32\CddbLinkSony.dll
2009-01-19 07:48 . 2002-08-08 15:51 38,951 --------- c:\windows\system32\drivers\NETMDUSB.sys
2009-01-19 07:48 . 2005-10-31 10:46 36,679 --------- c:\windows\system32\drivers\NETMD052.sys
2009-01-19 07:48 . 2003-11-10 12:31 36,232 --------- c:\windows\system32\drivers\NETMD033.sys
2009-01-19 07:48 . 2003-04-01 18:55 35,319 --------- c:\windows\system32\drivers\NETMD031.sys
2009-01-19 07:47 . 2009-01-19 07:48
2009-01-19 07:47 . 2009-01-19 07:47
2009-01-19 07:46 . 2009-01-19 07:49
2009-01-19 07:46 . 2009-01-19 08:06
2009-01-07 08:06 . 2009-01-07 08:06 37,376 --------- c:\windows\system32\nnnlmKDW.dll
2009-01-05 20:25 . 2009-01-07 19:40 43,520 --a------ c:\windows\system32\CmdLineExt03.dll
2009-01-05 20:23 . 2009-01-05 20:23
2009-01-05 20:23 . 2001-06-14 10:30 1,044,480 --a------ c:\windows\system32\ROBOEX32.DLL
2009-01-05 20:23 . 1996-11-08 02:48 368,912 --a------ c:\windows\system32\vbar332.dll
2009-01-05 20:23 . 2004-02-04 14:16 163,840 --a------ c:\windows\system32\egusound.ocx
2009-01-05 20:23 . 1999-03-13 00:00 127,488 --a------ c:\windows\system32\Ccrpsld.ocx
2009-01-05 20:23 . 2004-05-12 09:31 49,152 --a------ c:\windows\system32\Inetwh32.dll
2008-12-29 16:47 . 2008-12-14 15:13 7,476 --a------ C:\readme.nfo
2008-12-29 09:03 . 1999-11-30 22:39 995,384 --a------ c:\program files\mfc42u.dll
2008-12-29 09:03 . 1999-04-23 21:22 995,383 --a------ c:\program files\mfc42.dll
2008-12-29 09:03 . 1999-04-23 21:22 266,293 --a------ c:\program files\msvcrt.dll
2008-12-29 09:03 . 2006-12-12 14:40 253,048 --a------ c:\program files\setup.exe
2008-12-29 09:03 . 2006-12-12 14:40 228,472 --a------ c:\program files\main.dll
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-24 06:05 --------- d-----w c:\documents and settings\Marek Pełka\Dane aplikacji\foobar2000
2009-01-24 05:56 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\services
2009-01-24 05:53 --------- d-----w c:\program files\ESET
2009-01-23 21:14 --------- d-----w c:\program files\Soulseek
2009-01-23 21:14 --------- d-----w c:\documents and settings\Marek Pełka\Dane aplikacji\uTorrent
2009-01-19 06:49 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-21 09:23 --------- d-----w c:\documents and settings\Marek Pełka\Dane aplikacji\dvdcss
2008-12-20 17:40 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\CyberLink
2008-12-14 08:15 --------- d-----w c:\program files\ffdshow
2008-12-10 05:16 --------- d-----w c:\program files\iolo
2008-12-09 17:17 --------- d-----w c:\program files\SHOUTcast Source
2008-12-09 17:16 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\iolo
2008-12-02 20:30 --------- d-----w c:\program files\SereneScreen
2008-12-02 18:15 --------- d-----w c:\program files\MediaCoder
2008-12-01 19:11 --------- d-----w c:\program files\RealMedia
2008-12-01 19:11 --------- d-----w c:\program files\CD Audio Reader Filter
2008-12-01 18:59 27,904 ----a-w c:\windows\system32\drivers\ndisprot.sys
2008-11-30 19:44 --------- d-----w c:\program files\WMV9_VCM
2008-10-27 09:04 70,992 ----a-w c:\windows\system32\XAPOFX1_2.dll
2008-10-27 09:04 514,384 ----a-w c:\windows\system32\XAudio2_3.dll
2008-10-27 09:04 235,856 ----a-w c:\windows\system32\xactengine3_3.dll
2008-10-27 09:04 23,376 ----a-w c:\windows\system32\X3DAudio1_5.dll
2006-12-12 13:52 562 ----a-w c:\program files\setup.xml
2006-12-12 13:49 859,928 ----a-w c:\program files\ntineten.nup
2006-12-12 13:49 2,161,669 ----a-w c:\program files\ntbaseen.nup
2006-12-12 13:49 1,421,444 ----a-w c:\program files\ntstden.nup
2006-12-12 09:37 5,458,856 ----a-w c:\program files\engine.nup
2006-12-09 02:43 6,091 ----a-w c:\program files\charon.nup
2006-12-09 02:43 402,071 ----a-w c:\program files\advheur.nup
2006-12-09 02:43 4,288 ----a-w c:\program files\pwscan.nup
2006-12-09 02:43 24,945 ----a-w c:\program files\utilmod.nup
2006-12-09 02:43 202,652 ----a-w c:\program files\archs.nup
2005-03-17 12:56 3,412 ----a-w c:\program files\readme.txt
2008-12-19 21:11 67,688 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2008-12-19 21:11 54,368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-19 21:11 34,944 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2008-12-19 21:11 46,712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2008-12-19 21:11 172,136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((( snapshot_2009-01-24_12.46.48.25 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-01-24 11:09:44 62,678 ----a-w c:\windows\system32\perfc009.dat
- 2009-01-24 12:12:26 62,678 ----a-w c:\windows\system32\perfc009.dat
- 2009-01-24 11:09:44 79,606 ----a-w c:\windows\system32\perfc015.dat
- 2009-01-24 12:12:26 79,606 ----a-w c:\windows\system32\perfc015.dat
- 2009-01-24 11:09:44 401,398 ----a-w c:\windows\system32\perfh009.dat
- 2009-01-24 12:12:26 401,398 ----a-w c:\windows\system32\perfh009.dat
- 2009-01-24 11:09:44 458,260 ----a-w c:\windows\system32\perfh015.dat
- 2009-01-24 12:12:26 458,260 ----a-w c:\windows\system32\perfh015.dat
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
2009-01-07 08:06 37376 --------- c:\windows\system32\nnnlmKDW.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 192512]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"USB Storage Toolbox"="c:\program files\USB Disk Win98 Driver\Res.EXE" [2005-09-14 65536]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-01-08 68640]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-01-22 949376]
[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
c:\documents and settings\Marek Peka\Menu Start\Programy\Autostart\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-02-06 561213]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-05-02 192512]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 210520]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"= "c:\windows\system32\nnnlmKDW.dll" [2009-01-07 37376]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnlmKDW]
2009-01-07 08:06 37376 c:\windows\system32\nnnlmKDW.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.avis"= ff_acm.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"=
"c:\Program Files\uTorrent\uTorrent.exe"=
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2009-01-22 15424]
S3 CrystalSysInfo;CrystalSysInfo;??\c:\program files\MediaCoder\SysInfo.sys --> c:\program files\MediaCoder\SysInfo.sys [?]
S3 gtermddo;gtermddo;??\c:\docume~1\MAREKP~1\USTAWI~1\Temp\gtermddo.sys --> c:\docume~1\MAREKP~1\USTAWI~1\Temp\gtermddo.sys [?]
S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\system32\drivers\ndisprot.sys [2008-12-01 27904]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{41e599e8-af18-11dd-8f68-001a6bdc3861}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{50581d9c-18d8-11dd-8d35-001a4b69f844}]
\Shell\AutoRun\command - I:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{cd0727e6-5287-11dd-8df9-001a4b69f844}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{cd0727e7-5287-11dd-8df9-001a4b69f844}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{eedab0e5-557f-11dd-8e06-001a73887298}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www2.iesearch.com/
uInternet Settings,ProxyOverride = *.local
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Wyślij do urządzenia &Bluetooth… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
LSP: c:\windows\system32\imon.dll
FF - ProfilePath - c:\documents and settings\Marek Pełka\Dane aplikacji\Mozilla\Firefox\Profiles\3z6q3v7t.default\
FF - component: c:\documents and settings\Marek Pełka\Dane aplikacji\Mozilla\Firefox\Profiles\3z6q3v7t.default\extensions{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - component: c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll
.
.
------- Skojarzenia plików -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-24 14:30:59
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów …
skanowanie ukrytych wpisów autostartu …
skanowanie ukrytych plików …
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(956)
c:\windows\system32\nnnlmKDW.dll
- - - - - - - > 'lsass.exe'(1036)
c:\windows\system32\imon.dll
.
Czas ukończenia: 2009-01-24 14:32:13
ComboFix-quarantined-files.txt 2009-01-24 13:31:51
ComboFix2.txt 2009-01-24 13:09:15
ComboFix3.txt 2009-01-24 12:55:25
ComboFix4.txt 2009-01-24 12:23:16
ComboFix5.txt 2009-01-24 13:29:45
Przed: 2 528 083 968 bajtów wolnych
Po: 2,516,406,272 bajtów wolnych
206 --- E O F --- 2008-07-15 15:57:31
And what am I supposed to do with this :(((( Please help!!