Proszę o sprawdzenie loga :)


(Karol Kareem) #1

hej’

podejrzewam, ze coś gdzieś mi siedzi i ad-aware ani nod32 nie moze tego odnalezc, a mianowicie mam wylaczona mozliwosc ustawienia tapety na pulpicie, nikt ze znajomych, a takze tych, co pytalem sie o pomoc na necie nic nie poradzil, nawet nie wiedzial ze tak moze byc

sprawdzicie mi log? podejrzalem, ze tam troche stron typu x.la.ski, widac ktos pod nieobecnosc moja wchodzil tam :smiley:

Logfile of HijackThis v1.99.1

Scan saved at 16:15:42, on 2005-12-17

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Eset\nod32krn.exe

C:\WINDOWS\System32\nvsvc32.exe

D:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\RunDll32.exe

C:\Program Files\Eset\nod32kui.exe

C:\Program Files\D-Link AirPlus\AirPlus.exe

C:\Program Files\Gadu-Gadu\gg.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

F:\Downloads\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O1 - Hosts: 127.0.0.4 n-glx.s-redirect.com

O1 - Hosts: 127.0.0.4 x.full-tgp.net

O1 - Hosts: 127.0.0.4 counter.sexmaniack.com

O1 - Hosts: 127.0.0.4 autoescrowpay.com

O1 - Hosts: 127.0.0.4 www.autoescrowpay.com

O1 - Hosts: 127.0.0.4 www.awmdabest.com

O1 - Hosts: 127.0.0.4 www.sexfiles.nu

O1 - Hosts: 127.0.0.4 awmdabest.com

O1 - Hosts: 127.0.0.4 sexfiles.nu

O1 - Hosts: 127.0.0.4 allforadult.com

O1 - Hosts: 127.0.0.4 www.allforadult.com

O1 - Hosts: 127.0.0.4 www.iframe.biz

O1 - Hosts: 127.0.0.4 iframe.biz

O1 - Hosts: 127.0.0.4 www.newiframe.biz

O1 - Hosts: 127.0.0.4 newiframe.biz

O1 - Hosts: 127.0.0.4 www.vesbiz.biz

O1 - Hosts: 127.0.0.4 vesbiz.biz

O1 - Hosts: 127.0.0.4 www.pizdato.biz

O1 - Hosts: 127.0.0.4 pizdato.biz

O1 - Hosts: 127.0.0.4 www.aaasexypics.com

O1 - Hosts: 127.0.0.4 aaasexypics.com

O1 - Hosts: 127.0.0.4 www.virgin-tgp.net

O1 - Hosts: 127.0.0.4 virgin-tgp.net

O1 - Hosts: 127.0.0.4 www.awmcash.biz

O1 - Hosts: 127.0.0.4 awmcash.biz

O1 - Hosts: 127.0.0.4 buldog-stats.com

O1 - Hosts: 127.0.0.4 www.buldog-stats.com

O1 - Hosts: 127.0.0.4 fregat.drocherway.com

O1 - Hosts: 127.0.0.4 slutmania.biz

O1 - Hosts: 127.0.0.4 www.slutmania.biz

O1 - Hosts: 127.0.0.4 toolbarpartner.com

O1 - Hosts: 127.0.0.4 www.toolbarpartner.com

O1 - Hosts: 127.0.0.4 www.megapornix.com

O1 - Hosts: 127.0.0.4 megapornix.com

O1 - Hosts: 127.0.0.4 www.sp2fucked.biz

O1 - Hosts: 127.0.0.4 sp2fucked.biz

O1 - Hosts: 127.0.0.4 greg-tut.com

O1 - Hosts: 127.0.0.4 www.greg-tut.com

O1 - Hosts: 127.0.0.4 nylonsexy.com

O1 - Hosts: 127.0.0.4 www.nylonsexy.com

O1 - Hosts: 127.0.0.4 vparivalka.com

O1 - Hosts: 127.0.0.4 www.vparivalka.com

O1 - Hosts: 127.0.0.4 iframeprofit.com

O1 - Hosts: 127.0.0.4 www.iframeprofit.com

O1 - Hosts: 127.0.0.4 topsearch10.com

O1 - Hosts: 127.0.0.4 www.topsearch10.com

O1 - Hosts: 127.0.0.4 statscash.biz

O1 - Hosts: 127.0.0.4 www.statscash.biz

O1 - Hosts: 127.0.0.4 vxiframe.biz

O1 - Hosts: 127.0.0.4 www.vxiframe.biz

O1 - Hosts: 127.0.0.4 crazy-toolbar.com

O1 - Hosts: 127.0.0.4 www.crazy-toolbar.com

O1 - Hosts: 127.0.0.4 topcash.biz

O1 - Hosts: 127.0.0.4 www.topcash.biz

O1 - Hosts: 127.0.0.4 loadcash.biz

O1 - Hosts: 127.0.0.4 www.loadcash.biz

O1 - Hosts: 127.0.0.4 txiframe.biz

O1 - Hosts: 127.0.0.4 www.txiframe.biz

O1 - Hosts: 127.0.0.4 procounter.biz

O1 - Hosts: 127.0.0.4 www.procounter.biz

O1 - Hosts: 127.0.0.4 advadmin.biz

O1 - Hosts: 127.0.0.4 www.advadmin.biz

O1 - Hosts: 127.0.0.4 trafficbest.net

O1 - Hosts: 127.0.0.4 www.trafficbest.net

O1 - Hosts: 127.0.0.4 besthvac.com

O1 - Hosts: 127.0.0.4 www.besthvac.com

O1 - Hosts: 127.0.0.4 traff4.com

O1 - Hosts: 127.0.0.4 www.traff4.com

O1 - Hosts: 127.0.0.4 ambush-script.com

O1 - Hosts: 127.0.0.4 www.ambush-script.com

O1 - Hosts: 127.0.0.4 beehappyy.biz

O1 - Hosts: 127.0.0.4 www.beehappyy.biz127.0.0.1 www.trendmicro.com

O1 - Hosts: 64.91.255.87 www.dcsresearch.com

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {58F07DD3-924D-4141-BC74-299F523A95F1} - (no file)

O2 - BHO: (no name) - {78364D99-A640-4ddf-B91A-67EFF8373045} - (no file)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - Global Startup: D-Link AirPlus.lnk = ?

O8 - Extra context menu item: Download with GetRight - D:\GetRight\GRdownload.htm

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Open with GetRight Browser - D:\GetRight\GRbrowse.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://gdansk.procad.pl/download/mgaxctrl.cab

O16 - DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} (GameDesire Word Games) - http://67.15.101.3/g_bin/pl/words_2_0_0_36.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{D599FD80-F645-4241-BFF6-E536AD724984}: NameServer = 194.204.159.1,192.168.168.1

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe

(Gutek) #2

usun wpisy hijackiem