
Logs - Request for analysis



#1 Lich-koś

Lich-koś

    Who doesn't like chocolate rain?

  • 126 posts

Posted 26 08 2008 - 16:16

Hey, hello. I wasn't at my previous computer, ordynat, so I couldn't post the logs... I'll post them later today. In the meantime, a friend asked me to have you check his logs.
Log from CFix:
ComboFix 08-08-25.01 - kamil 2008-08-26 16:07:05.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic   6.0.6000.0.1250.1.1045.18.461 [GMT 2:00]
Running from: C:\Users\kamil\Desktop\ComboFix.exe
 * Created a new restore point
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\myglobalsearch
C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR
C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR
C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\1.bin\M9PLUGIN.DLL
C:\Program Files\myglobalsearch\bar\1.bin\MGSBAR.DLL
C:\Program Files\myglobalsearch\bar\1.bin\NPMYGLSH.DLL
C:\Program Files\myglobalsearch\bar\Cache\files.ini
C:\Program Files\myglobalsearch\bar\History\search
D:\Autorun.inf

.
(((((((((((((((((((((((((   Files Created from 2008-07-26 to 2008-08-26  )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-26 13:59	---------	d-----w	C:\Users\kamil\AppData\Roaming\Skype
2008-08-26 13:46	---------	d-----w	C:\Program Files\Electronic Arts
2008-08-26 13:46	---------	d-----w	C:\Program Files\Counter-Strike 1.6
2008-08-26 13:45	---------	d-----w	C:\Program Files\Winamp
2008-08-26 13:44	---------	d-----w	C:\Users\kamil\AppData\Roaming\skypePM
2008-08-26 11:54	---------	d-----w	C:\Program Files\Warcraft III
2008-08-26 09:56	---------	d-----w	C:\Program Files\World of Warcraft
2008-08-23 13:20	---------	d-----w	C:\Users\kamil\AppData\Roaming\Hamachi
2008-08-21 13:52	2,560	----a-w	C:\windows\_MSRSTRT.EXE
2008-08-20 15:52	---------	d-----w	C:\Program Files\PC Tools AntiVirus
2008-08-20 15:51	---------	d---a-w	C:\ProgramData\TEMP
2008-08-13 17:57	---------	d-----w	C:\Program Files\Windows Mail
2008-08-09 20:08	---------	d-----w	C:\Users\kamil\AppData\Roaming\Winamp
2008-08-09 20:03	---------	d-----w	C:\ProgramData\Winamp Toolbar
2008-08-09 20:03	---------	d-----w	C:\ProgramData\OrbNetworks
2008-08-09 20:03	---------	d-----w	C:\Program Files\Winamp Toolbar
2008-08-09 20:03	---------	d-----w	C:\Program Files\Winamp Remote
2008-08-01 20:12	56	---ha-w	C:\Users\All Users\ezsidmv.dat
2008-08-01 20:12	56	---ha-w	C:\ProgramData\ezsidmv.dat
2008-08-01 20:00	---------	d-----w	C:\ProgramData\Skype
2008-08-01 20:00	---------	d-----w	C:\Program Files\Skype
2008-08-01 20:00	---------	d-----w	C:\Program Files\Common Files\Skype
2008-07-23 11:56	---------	d-----w	C:\Program Files\Panda Security
2008-07-20 06:58	---------	d-----w	C:\Program Files\Common Files\Blizzard Entertainment
2008-07-18 11:06	---------	d-----w	C:\Program Files\RTL
2008-07-18 11:05	---------	d--h--w	C:\Program Files\InstallShield Installation Information
2008-07-18 11:00	---------	d-----w	C:\Program Files\Common Files\Nokia
2008-07-18 10:57	---------	d-----w	C:\Users\kamil\AppData\Roaming\Nokia
2008-07-18 10:56	---------	d-----w	C:\Program Files\Common Files\PCSuite
2008-07-17 20:17	---------	d-----w	C:\Users\kamil\AppData\Roaming\AdobeUM
2008-07-17 09:47	---------	d-----w	C:\ProgramData\PC Suite
2008-07-17 09:43	---------	d-----w	C:\ProgramData\Nokia
2008-07-17 09:43	---------	d-----w	C:\Program Files\Nokia
2008-07-17 09:41	---------	d-----w	C:\Users\kamil\AppData\Roaming\PC Suite
2008-07-17 09:38	---------	d-----w	C:\Program Files\PC Connectivity Solution
2008-07-15 23:48	2,048	----a-w	C:\windows\System32\tzres.dll
2008-07-10 08:37	174	--sha-w	C:\Program Files\desktop.ini
2008-06-30 16:02	---------	d-----w	C:\Program Files\Ubisoft
2008-06-28 20:35	108,144	----a-w	C:\windows\System32\CmdLineExt.dll
2008-06-27 03:54	826,368	----a-w	C:\windows\System32\wininet.dll
2008-06-27 03:54	56,320	----a-w	C:\windows\System32\iesetup.dll
2008-06-27 03:54	52,736	----a-w	C:\windows\AppPatch\iebrshim.dll
2008-06-27 03:54	26,624	----a-w	C:\windows\System32\ieUnatt.exe
2008-06-26 13:14	---------	d-----w	C:\Program Files\EA GAMES
2008-06-26 00:34	7,964,672	----a-w	C:\windows\System32\NlsLexicons0024.dll
2008-06-26 00:33	9,892,864	----a-w	C:\windows\System32\NlsLexicons000a.dll
2008-06-19 03:25	61,440	----a-w	C:\windows\System32\winipsec.dll
2008-06-19 03:25	361,984	----a-w	C:\windows\System32\IPSECSVC.DLL
2008-06-19 03:25	28,672	----a-w	C:\windows\System32\FwRemoteSvr.dll
2008-06-19 03:25	272,896	----a-w	C:\windows\System32\polstore.dll
2008-06-01 21:13	2,829	----a-w	C:\windows\War3Unin.pif
2008-06-01 21:13	139,264	----a-w	C:\windows\War3Unin.exe
2004-10-01 14:00	40,960	----a-w	C:\Program Files\Uninstall_CDS.exe
2008-04-25 12:35	16,384	--sha-w	C:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-04-25 12:35	32,768	--sha-w	C:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-04-25 12:35	16,384	--sha-w	C:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2008-07-16 22:51 1266992]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-04-24 15:53 1232896]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 13:24 167368]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-04-24 14:02 171448]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 12:04 2127296]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:34 201728]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-07-30 17:17 21738792]
"Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [2008-04-01 03:54 507904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="C:\Program Files\PDF Complete\pdfsty.exe" [2007-02-02 07:43 330264]
"SetRefresh"="C:\Program Files\HP\SetRefresh\SetRefresh.exe" [2003-11-20 20:01 525824]
"amd_dc_opt"="C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2006-11-17 16:49 77824]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 14:42 267064]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 21:24 32768]
"hffsrv"="c:\windows\hffext\hffsrv.exe" [2007-01-02 21:04 83968]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"SecurDisc"="C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 15:55 1628208]
"InCD"="C:\Program Files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 15:55 1057328]
"NSLauncher"="C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-08-02 16:30 3096576]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46 57344]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-08-04 01:02 36352]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-08 19:51 4227072 C:\Windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
"VIDC.3iv2"= 3ivxVfWCodec.dll
"VIDC.VP31"= vp31vfw.dll
"msacm.l3fhg"= mp3fhg.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FDCENT.SYS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HideFilesAndFolders_S]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9C22DBA4-0922-4967-B820-44013C824ACA}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{E5AE0598-B981-4A3F-BAE7-B5B80167989B}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{9851D195-B884-4240-9183-22E65B7B1933}C:\\program files\\activision\\call of duty 2\\cod2mp_s.exe"= UDP:C:\program files\activision\call of duty 2\cod2mp_s.exe:CoD2MP_s
"UDP Query User{81C753D8-9812-42E7-BA0A-EEFF075CB866}C:\\program files\\activision\\call of duty 2\\cod2mp_s.exe"= TCP:C:\program files\activision\call of duty 2\cod2mp_s.exe:CoD2MP_s
"TCP Query User{D39A1E36-BB67-4911-BC61-9AD595687AC1}C:\\program files\\sierra\\fear\\fearserver.exe"= UDP:C:\program files\sierra\fear\fearserver.exe:F.E.A.R. Stand-Alone Server
"UDP Query User{E27A9A33-6990-48DF-A3B3-45DB56AFDAA6}C:\\program files\\sierra\\fear\\fearserver.exe"= TCP:C:\program files\sierra\fear\fearserver.exe:F.E.A.R. Stand-Alone Server
"TCP Query User{ED88493A-42E4-45A4-BE35-3E21BD662372}C:\\program files\\thq\\dawn of war\\w40k.exe"= UDP:C:\program files\thq\dawn of war\w40k.exe:W40k
"UDP Query User{D2636D61-D5A4-436E-B3F4-AD504054651E}C:\\program files\\thq\\dawn of war\\w40k.exe"= TCP:C:\program files\thq\dawn of war\w40k.exe:W40k
"TCP Query User{1A1BCE9F-FB77-4568-BBC0-31F065ADFB03}C:\\program files\\thq\\dawn of war - dark crusade\\darkcrusade.exe"= UDP:C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
"UDP Query User{BE658855-943E-46AC-8EA2-F3EABDB5E565}C:\\program files\\thq\\dawn of war - dark crusade\\darkcrusade.exe"= TCP:C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
"TCP Query User{822463A1-293C-4C5B-9523-9D2FB65470A1}C:\\program files\\warcraft iii\\war3.exe"= UDP:C:\program files\warcraft iii\war3.exe:Warcraft III
"UDP Query User{96350772-D049-4D76-A30F-A1FC7C6611FE}C:\\program files\\warcraft iii\\war3.exe"= TCP:C:\program files\warcraft iii\war3.exe:Warcraft III
"{4F758442-696B-4AC6-8E75-0EC61C67A6E6}"= UDP:C:\Program Files\DNA\btdna.exe:DNA
"{91F569B0-7E58-47E7-BBEA-61434879BF76}"= TCP:C:\Program Files\DNA\btdna.exe:DNA
"{D010E5AA-7610-4E01-BE8D-6888BBD69EA5}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"{64BB6C39-EA58-49D1-8583-F2C486A42CAF}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"{D4E2AA12-2F8C-4976-84AC-8F5177B62487}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"TCP Query User{5588F3C5-B025-4ADD-98D3-F7DA58DA73AF}C:\\program files\\world of warcraft\\repair.exe"= UDP:C:\program files\world of warcraft\repair.exe:Blizzard Repair Utility
"UDP Query User{7B8A584B-7A86-48C2-A872-C5FDD47FEC44}C:\\program files\\world of warcraft\\repair.exe"= TCP:C:\program files\world of warcraft\repair.exe:Blizzard Repair Utility
"{ED0BF7C8-7A4B-41F2-B287-B06904422E01}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{3177A99C-7883-4CA9-8DB7-961216A6D653}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{CA94E515-D539-4BF5-88EB-5E71D6E13178}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{5EEE4528-5BD6-4244-A0AD-711DD9EAE5C4}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{73C9EB9F-A724-4B5F-B980-9D69F0AE08D4}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{3906171E-5694-4758-BEE6-FD9EDC08CEF1}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"TCP Query User{0CEDBD93-9BBE-4371-8535-84AAD6B41519}C:\\program files\\bearshare\\bearshare.exe"= UDP:C:\program files\bearshare\bearshare.exe:BearShare
"UDP Query User{6F1F122E-254E-45A4-BD31-F8E3856F8573}C:\\program files\\bearshare\\bearshare.exe"= TCP:C:\program files\bearshare\bearshare.exe:BearShare

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\windows\system32\drivers\atipcie.sys [2006-10-30 12:22]
R0 ps7apucb;Cobra Oddzial Specjalny: Poscig Synchronization Driver (ps7apucb);C:\windows\system32\drivers\ps7apucb.sys [2007-12-21 10:39]
R1 FDCENT;FDCENT;C:\windows\system32\drivers\FDCENT.SYS [2006-12-30 17:54]
R2 BcmSqlStartupSvc;Usługa startowa serwera SQL dodatku Business Contact Manager;C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 12:04]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files\PDF Complete\pdfsvc.exe [2007-02-02 07:43]
S2 pr2apucb;Cobra Oddzial Specjalny: Poscig Drivers Auto Removal (pr2apucb);C:\windows\system32\pr2apucb.exe svc []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 09:30]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2006-04-14 10:07]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;C:\windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 10:43]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\windows\system32\DRIVERS\ss_bus.sys [2005-08-30 18:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\windows\system32\DRIVERS\ss_mdfl.sys [2005-08-30 18:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\windows\system32\DRIVERS\ss_mdm.sys [2005-08-30 18:59]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{39dd324a-f67e-11dc-b586-0019db71c41e}]
\shell\AutoRun\command - RavMon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8de45cc6-07cd-11dd-ac85-0019db71c41e}]
\shell\AutoRun\command - L:\EXPLORER.EXE
\shell\explore\Command - L:\EXPLORER.EXE
\shell\open\Command - L:\EXPLORER.EXE

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {AD10223B-5467-E1A7-58F0-299C859C4924} /qb
.
Contents of the 'Scheduled Tasks' folder

2008-08-26 C:\windows\Tasks\User_Feed_Synchronization-{04AE5E45-3B8A-4D99-9CBF-C53E7ED277F8}.job
- C:\windows\system32\msfeedssync.exe [2006-11-02 11:45]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-StartCCC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
HKCU-Run-lsass.exe - C:\windows\lsass.exe
HKCU-Run-PowerBar - (no file)


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Profiles\zlmilt7f.default\
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-26 16:11:32
Windows 6.0.6000  NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
  PowerBar = ??????%?0?&???????????e?3??????????wD??w??&?????(?&????????wI??w??????????&o??&o??&o\=#???&oD??????o??&o??@?????????l??????o\=#?I??o??e?X?&oH?&oX?&oL?#?H?&o???????oX?&o??@?8?@?????-?2w???oL?#??$@?8?@?8?@?????????X?#??=#???'??(#??<#??(#??=#????o????????h=#???? 
  lsass.exe = C:\windows\lsass.exe????????????????????????????? 

scanning hidden files ... 


C:\SYZ_DAT
C:\windows\system32\drivers\MFX.sys 45824 bytes executable

scan completed successfully
hidden files: 2

**************************************************************************
.
Completion time: 2008-08-26 16:13:48
ComboFix-quarantined-files.txt  2008-08-26 14:13:20

Pre-Run: System nie może znaleźć komunikatu dla numeru komunikatu 0x2379 w pliku komunikatów dla Application.
Post-Run: 33,379,106,816 bajtów wolnych

215	--- E O F ---	2008-08-26 13:26:18



#2 ordynat

ordynat

    Advanced user

  • 804 posts

Posted 26 08 2008 - 18:03

"I wasn't at my previous computer, ordynat"

Moderator @wncvirus is back from vacation, so I'm no longer needed here; he will handle giving advice now.

Paste into Notepad:
File::
L:\EXPLORER.EXE

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{39dd324a-f67e-11dc-b586-0019db71c41e}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8de45cc6-07cd-11dd-ac85-0019db71c41e}]
>> File >> Save as... >>> CFScript
Drag and drop the CFScript.txt file onto the ComboFix.exe file.
The removal should start (and a log will be created).
Post the log that is created during the removal.
After the restart, manually delete the C:\Qoobox folder.

ordynat
