[crooleeck]

Witam, na starym kompie mam pełno różnych niespodzianek, a chcę skopiować po sieci dane stąd i musze najpierw być pewien że nic się nie przypałęta przy okazji. A więc log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:34:51, on 2008-07-10
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Fmctrl.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\mobile PhoneTools\WatchDog.exe
C:\WINDOWS\System32\WScript.exe
C:\Program Files\Spik\Spik.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\WINDOWS\System32\wscript.exe
C:\Program Files\Maxthon2\Maxthon.exe
C:\WINDOWS\System32\wscript.exe
C:\WINDOWS\System32\wscript.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by Godzilla
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: &Google Notebook - {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-1032619732.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: (no name) - {FE9D42CA-B490-454C-947E-30378DA7E7B0} - C:\WINDOWS\System32\at.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Notatnik Google - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-1032619732.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [FmctrlTray] Fmctrl.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\mobile PhoneTools\WatchDog.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MS32DLL] C:\WINDOWS\MS32DLL.dll.vbs
O4 - HKCU\..\Run: [Spik] C:\Program Files\Spik\Spik.exe -autostart
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - Startup: Przypominacz.lnk = C:\Documents and Settings\crooleeck\Pulpit\przypominacz.exe
O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Zanotuj to (Notatnik Google) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-1032619732.dll/gn_menu2.html
O8 - Extra context menu item: Zanotuj tę stronę (Notatnik Google) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-1032619732.dll/gn_menu1.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware....s/as2stubie.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2A5E4EA4-95D3-4595-BF78-04BBB37DB791}: NameServer = 194.204.159.1,194.204.152.34
O17 - HKLM\System\CS1\Services\Tcpip\..\{2A5E4EA4-95D3-4595-BF78-04BBB37DB791}: NameServer = 194.204.159.1,194.204.152.34
O17 - HKLM\System\CS2\Services\Tcpip\..\{2A5E4EA4-95D3-4595-BF78-04BBB37DB791}: NameServer = 194.204.159.1,194.204.152.34
O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C:\Program Files\Spik\url_wpmsg.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--
End of file - 5462 bytes


Zgóry dzieki za pomoc, podejrzewam że trochę będzie roboty.

[Asdef]

W trybie avarynjnym filujesz i kasujesz to co na czerwono
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by Godzilla
O4 - HKLM\..\Run: [MS32DLL] C:\WINDOWS\MS32DLL.dll.vbs


Tego to nawet google nie znają
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware....s/as2stubie.cab
Ja tez nie znam

[crooleeck]

To:

[Adf]