trojan w kompie -HELP

[Gość: Aśka]

w Piuatek w pracy nasz informatyk spieprzył mi kompa, ściągnął jakies gó.. i
wyskakuje mi stronka deluxe-se.com/pr/remove_spyware/1/index.html po
otworzeniu przeglądarki. zainstalowałam adaware wywalilo wieeele smieci (aha
zapomnialam napisac -informatykl wyslal mi wczoraj smsa -zrobilem kompa -od
dzis go przez 2 tyg. nie ma i musze sobie sama poradzic), ale temu nie
zaszkodziło i jak wyskakiwało tak wyskakuje.jest to reklama programu
antywirusowego REGFREEZE. kto mi pomoze wywalic to gowno? spyware doktor tez
temu nie daje rady :(

[neder]

wklej oczywiście log z HijackThis.
pzdr

[civi1]

Logfile of HijackThis v1.99.1
Scan saved at 09:56:15, on 05-11-07
Platform: Windows 2000 Dodatek SP. 2 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\SYSTEM32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0
\webapps\Toolbox\StatusClient\StatusClient.exe
C:\WINNT\System32\ctfmon.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\Program Files\Hewlett-Packard\LaserJet 33xx\hppdirector.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Documents and Settings\Administrator\Pulpit\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = deluxe-
se.com/pr/remove_spyware/1/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no
file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: sxpdr32.MyBHO - {5D0F16E6-47DF-11DA-8802-00024493948B} -
C:\WINNT\System32\sxpdr32.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} -
C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: @msdxmLC.dll,-1@1045,&Radio - {8E718888-423F-11D2-876E-
00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0
\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0
\hpbpsttp.exe
O4 - HKLM\..\Run: [HPLJ Config] C:\Program Files\Hewlett-Packard\hp LaserJet
1150_1300\SetConfig.exe -c Direct -p \\SEKRETARIAT\HP 1200 SEKR -pn "hp
LaserJet 1300 PCL 6" -n 0 -l 1045 -sl 120000
O4 - HKLM\..\Run: [-2147483646] C:\WINNT\System32\winuc386.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Jyve] C:\Program Files\Jyve\Jyve\Jyve.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware
Doctor\swdoctor.exe" /Q
O4 - Global Startup: HP LaserJet Director.lnk = C:\Program Files\Hewlett-
Packard\LaserJet 33xx\hppdirector.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -
C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{33727D40-5917-422D-AF1A-D206E3A55BA4}:
NameServer = 194.204.152.34,194.204.159.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{33727D40-5917-422D-AF1A-D206E3A55BA4}:
NameServer = 194.204.152.34,194.204.159.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{33727D40-5917-422D-AF1A-D206E3A55BA4}:
NameServer = 194.204.152.34,194.204.159.1
O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C:\Program
Files\Wirtualna Polska\wpkontakt\url_wpmsg.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common
Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32
\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Usługa administracyjna Menedżera dysków logicznych (dmadmin) -
VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
C:\WINNT\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program
Files\Spyware Doctor\sdhelp.exe