wyświetla mi się na pasku zadań informacja Your computer is infected
żadne programy antywirusowe nic nie wykryły
Logfile of HijackThis v1.99.1
Scan saved at 14:26:51, on 2005-11-13
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mssearchnet.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\program files\multires\multires.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
C:\Program Files\Opera\Opera.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\SEBAST~1\USTAWI~1\Temp\Rar$EX88.640\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = www.telpol.net.pl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {20929603-21DB-477C-BA6F-0B8E70B3C8A0} - (no file)
R3 - URLSearchHook: (no name) - {01E69986-A054-4C52-ABE8-EF63DF1C5211} - (no file)
O1 - Hosts: 85.128.138.124 www.telpol.net.pl
O1 - Hosts: 80.245.197.244 www.opera.pl
O1 - Hosts: 193.69.116.49 www.opera.com
O1 - Hosts: 207.46.250.116 shell.windows.com
O1 - Hosts: 204.157.7.84 filext.com
O1 - Hosts: 64.21.125.112 www.megastacja.net
O1 - Hosts: 62.75.216.126 www.pobieralnia.pl
O1 - Hosts: 221.229.127.119 download.bitcomet.com
O1 - Hosts: 83.149.73.25 www.overp2p.com
O1 - Hosts: 213.241.69.3 www.fullinstaller.a4.pl
O1 - Hosts: 83.149.73.130 www.fnt.pl
O1 - Hosts: 69.31.81.58 astalavista.box.sk
O1 - Hosts: 64.94.136.198 www.properhosting.net
O1 - Hosts: 66.111.54.180 www.cracksoft.com
O1 - Hosts: 69.93.242.90 www.esdirecto.com
O1 - Hosts: 66.111.54.182 www.alvensis.com
O1 - Hosts: 210.21.110.19 www.wqsky.com
O1 - Hosts: 80.87.206.99 freeserials.spb.ru
O1 - Hosts: 70.85.90.228 www.zionteam.ultrahost.pl
O1 - Hosts: 212.85.103.106 www.getinbank.pl
O1 - Hosts: 217.148.89.23 www.swiatopinii.com
O1 - Hosts: 4.78.20.4 jcontent.bns1.net
O1 - Hosts: 217.79.144.106 napisy.info
O1 - Hosts: 217.8.180.174 www.elektroda.pl
O1 - Hosts: 193.108.177.108 www.kartykredytowe.pl
O1 - Hosts: 83.17.80.50 spin.siedziba.pl
O1 - Hosts: 217.153.56.87 auto.search.msn.com
O1 - Hosts: 66.249.93.99 pagead2.googlesyndication.com
O1 - Hosts: 217.172.45.178 napisy.qwe.pl
O1 - Hosts: 217.172.44.226 www.podreczniki-gandalf.pl
O1 - Hosts: 213.218.116.36 www.merlin.com.pl
O1 - Hosts: 83.220.96.17 www.granie.eraomnix.pl
O1 - Hosts: 207.46.20.30 www.microsoft.com
O1 - Hosts: 205.209.152.85 mapa-polski-nec-java-download.nx.waw.pl
O1 - Hosts: 62.129.240.106 www.stopwariatom.pl
O1 - Hosts: 213.77.36.227 www.kujawski.pl
O1 - Hosts: 212.85.113.3 grakujawski.home.pl
O1 - Hosts: 69.1.72.252 foot.medicine-pills-health.com
O1 - Hosts: 66.230.190.146 www.tgpgallshost.com
O1 - Hosts: 198.65.164.240 mmm100.com
O1 - Hosts: 209.237.241.60 www.■■■■-portal.com
O1 - Hosts: 64.156.213.198 iframe.adultfriendfinder.com
O1 - Hosts: 67.19.45.212 maycom.pl
O1 - Hosts: 217.30.156.59 www.asset.com.pl
O1 - Hosts: 85.128.165.30 www.canex.pl
O1 - Hosts: 80.190.214.119 www.telesfor.galicja.pl
O1 - Hosts: 83.149.101.180 www.megum.pl
O1 - Hosts: 81.210.38.173 firmy.pkt.pl
O1 - Hosts: 212.85.106.155 www.alan.pl
O1 - Hosts: 70.84.177.195 www.astra.media.pl
O1 - Hosts: 213.180.130.203 secure.onet.pl
O1 - Hosts: 213.180.130.201 webmajster.republika.onet.pl
O1 - Hosts: 12.5.107.146 www.uniden.com
O1 - Hosts: 193.23.48.134 www.allegro.pl
O1 - Hosts: 85.232.225.241 badania.hit.gemius.pl
O1 - Hosts: 67.18.222.66 www.moldo.pl
O1 - Hosts: 213.133.115.131 274833.myshoutbox.com
O1 - Hosts: 212.160.153.194 www.e-notebook.com.pl
O1 - Hosts: 217.97.235.10 jik.bazarek.pl
O1 - Hosts: 67.19.158.229 www.first-polska.com.pl
O1 - Hosts: 83.149.104.97 www. ********.pl
O1 - Hosts: 62.25.98.57 www.oki.com.pl
O1 - Hosts: 213.241.70.2 www.adampol.pl
O1 - Hosts: 80.55.8.90 80.55.8.90
O1 - Hosts: 195.205.26.85 www.eltersc.pl
O1 - Hosts: 209.0.144.12 www.shockingparties.com
O1 - Hosts: 212.239.40.78 212.239.40.78
O1 - Hosts: 63.236.75.87 www.popularscreensavers.com
O1 - Hosts: 62.250.9.72 www.tomtom.com
O1 - Hosts: 212.85.104.156 www.bajtel.pl
O1 - Hosts: 217.74.65.68 www.interia.pl
O1 - Hosts: 195.205.29.20 amt.ct.com.pl
O1 - Hosts: 72.9.235.108 www.exeemsite.com
O1 - Hosts: 67.15.101.8 gryonline.wp.pl
O1 - Hosts: 67.15.101.3 i.gryonline.wp.pl
O1 - Hosts: 217.17.36.244 megapanel.gem.pl
O1 - Hosts: 82.165.194.16 www.arctic.com
O1 - Hosts: 66.249.85.99 www.google.pl
O1 - Hosts: 157.25.56.19 www.pspolska.pl
O1 - Hosts: 194.116.252.20 www.autostrefa.pl
O1 - Hosts: 80.53.90.98 www.automix.pl
O1 - Hosts: 195.149.227.250 bron.pl
O1 - Hosts: 63.236.66.24 www.myfuncards.com
O1 - Hosts: 212.2.96.155 www.simplus.pl
O1 - Hosts: 193.83.75.5 www.megamuza.simplus.pl
O1 - Hosts: 207.250.236.120 pops.freeze.com
O1 - Hosts: 209.208.193.226 ad.yieldmanager.com
O1 - Hosts: 207.250.236.107 register.screensaver.com
O1 - Hosts: 66.77.124.20 www.doommovie.com
O1 - Hosts: 66.152.93.119 www.ysbweb.com
O1 - Hosts: 62.23.84.252 iem-pl-candidate.adeccoweb.net
O1 - Hosts: 66.194.38.206 advnt05.com
O1 - Hosts: 66.77.63.110 www.sonypictures.com
O1 - Hosts: 62.42.232.207 shop.pandasoftware.com
O1 - Hosts: 157.25.56.83 www.hbozabawa.pl
O1 - Hosts: 213.158.196.6 www.era.pl
O1 - Hosts: 213.158.196.13 i-boa.era.pl
O1 - Hosts: 213.158.194.150 www.eraomnix.pl
O1 - Hosts: 193.108.177.68 www.bph.pl
O1 - Hosts: 193.219.28.105 www.pandasoftware.com
O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: HomepageBHO - {e9ccf15d-4c68-4b5a-9e9a-8e12e4bd39bd} - C:\WINDOWS\system32\hpF4F0.tmp
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll
O3 - Toolbar: (no name) - {01E69986-A054-4C52-ABE8-EF63DF1C5211} - (no file)
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [MultiRes] c:\program files\multires\multires.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [PCTAVApp] "C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Tłumacz na angielski - {CCCE5D70-9AA2-40F1-9C6B-12A255F08500} - C:\Program Files\poleng\translatica\bin\win\int\browser\iepolengextension.dll (HKCU)
O9 - Extra 'Tools' menuitem: Tłumacz na angielski - {CCCE5D70-9AA2-40F1-9C6B-12A255F08500} - C:\Program Files\poleng\translatica\bin\win\int\browser\iepolengextension.dll (HKCU)
O9 - Extra button: Tłumacz na polski - {CCCE5D71-9AA2-40F1-9C6B-12A255F08500} - C:\Program Files\poleng\translatica\bin\win\int\browser\iepolengextension.dll (HKCU)
O9 - Extra 'Tools' menuitem: Tłumacz na polski - {CCCE5D71-9AA2-40F1-9C6B-12A255F08500} - C:\Program Files\poleng\translatica\bin\win\int\browser\iepolengextension.dll (HKCU)
O9 - Extra button: Zachowaj przetłumaczoną stronę - {CCCE5D72-9AA2-40F1-9C6B-12A255F08500} - C:\Program Files\poleng\translatica\bin\win\int\browser\iepolengextension.dll (HKCU)
O9 - Extra 'Tools' menuitem: Zachowaj przetłumaczoną stronę - {CCCE5D72-9AA2-40F1-9C6B-12A255F08500} - C:\Program Files\poleng\translatica\bin\win\int\browser\iepolengextension.dll (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1122725231281
O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/pi/components/SignActivX.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A6212120-01D4-11D5-9A39-0080C8D85044} (GameDesire Slots 70th) - http://67.15.101.3/g_bin/pl/slots70_2_0_0_25.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
====================================
Uwaga: Jak wklejasz loga to obejmuj go znacznikiem (tagiem) CODE lub QUOTE
Proponuje poczytać TEN temat i zobacz jaka jest prośba do userów wklejających loga.
Pozdrawiam kuz5