Please check my log

Hello, I have a problem: some keylogger got installed (by itself?), and my disk space "suddenly" started disappearing (System Restore is turned off). When I press the key combination alt+l, a password prompt appears with the window title "BlazingTools Perfect Keylogger". I should note that I am the only user with access to this computer. Here is the log from HijackThis (I tried to remove the entry ...c:\windows\system32\perfeckey.exe.., but it reappears every time)

Logfile of HijackThis v1.99.0
Scan saved at 09:04:55, on 2005-04-23
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Trust\Ami Mouse Single Scroll\Amoumain.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\NetPanel\NetPanel.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\perfectkey.exe
C:\Program Files\LClock\lclock.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Documents and Settings\Igor Nitecki\Pulpit\Nieużywane skróty pulpitu\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Yo ziom! :)
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [WheelMouse] Amoumain.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NetPanel] "C:\Program Files\NetPanel\Starter.exe" /path="C:\Program Files\NetPanel"
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\STARDOCK\WINCUS~1\BOOTSKIN\BOOTSKIN.EXE" /StartupJobs
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Go!Zilla dial-up fix] "C:\Program Files\GoZilla\Go.exe" /FIXRAS
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [perfectkey] C:\WINDOWS\system32\perfectkey.exe
O4 - HKLM\..\RunServices: [Registry Checkup System32cd Monitor] Winregs32cdn.exe
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Startup: Neo+.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {C9B8ABB6-1CC3-4957-9CA3-053036B2EE3A}} - (no file)
O16 - DPF: {0F9B4CA4-A30F-480A-841D-69B45C50A8F8} (SekureL0gin.SekureKontrol) - http://secure2.comned.com/signuptemplates/AktiveSekurity.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{129F7181-2440-4B01-AA56-C2301EA75DD2}: NameServer = 194.204.152.34 217.98.63.164
O17 - HKLM\System\CS1\Services\Tcpip\..\{129F7181-2440-4B01-AA56-C2301EA75DD2}: NameServer = 194.204.152.34 217.98.63.164
O17 - HKLM\System\CS2\Services\Tcpip\..\{129F7181-2440-4B01-AA56-C2301EA75DD2}: NameServer = 194.204.152.34 217.98.63.164
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ISSvc - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Kodak Camera Connection Software - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto-Protect Service - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe


Regards, and thanks in advance for any help.

Replies: 2

Remove this: O4 - HKLM\..\RunServices: [Registry Checkup System32cd Monitor] Winregs32cdn.exe (W32/Rbot-AAV)
wins
Posted
23.04.2005 20:00:01
thanks :)
regards
gigoro
Posted
23.04.2005 14:02:12
gigoro
Posted:
23.04.2005 12:51:39
Comments:
2