Dodaj do ulubionych

Proszę o sprawdzenie loga

IP: *.eu.org 04.08.05, 18:01
Cześć!! Proszę o sprawdzenie loga. Mam problemy z tapetą i pojawiły się pliki
xxx :((( Help!!
Wklejam loga:

Logfile of HijackThis v1.99.1
Scan saved at 17:52:55, on 2005-08-04
Platform: Windows 2000 Dodatek SP. 2 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP2 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\WINNT\System32\P2P Networking\P2P Networking.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Media Gateway\MediaGateway.exe
C:\winnt\system32\mdms.exe
C:\WINNT\System32\internat.exe
C:\Program Files\Internet Explorer\shttps\http.exe
C:\Program Files\Internet Explorer\shttps\svchost.exe
C:\WINNT\System32\fkfnhxqlvxdt.exe
C:\WINNT\tool2.exe
C:\WINNT\nmstt.exe
C:\winstall.exe
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\~2.tmp.exe
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\~1.tmp.exe
C:\WINNT\tool2.exe
C:\WINNT\tool2.exe
C:\Corel\Graphics8\programs\MFIndexer.exe
C:\Program Files\180searchassistant\salm.exe
C:\WINNT\System32\4m32589q.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\~4B.tmp.exe
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\~4D.tmp.exe
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\~4F.tmp.exe
C:\WINNT\System32\mdm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\~51.tmp.exe
D:\HiJack2\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
195.95.218.172/index.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
195.95.218.172/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
195.95.218.172/index.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
195.95.218.172/index.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
195.95.218.172/index.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
195.95.218.172/index.php
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,AutoConfigURL = Nowa
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no
file)
O1 - Hosts: 127.0.0.3 n-glx.s-redirect.com
O1 - Hosts: 127.0.0.3 x.full-tgp.net
O1 - Hosts: 127.0.0.3 counter.sexmaniack.com
O1 - Hosts: 127.0.0.3 autoescrowpay.com
O1 - Hosts: 127.0.0.3 www.autoescrowpay.com
O1 - Hosts: 127.0.0.3 www.awmdabest.com
O1 - Hosts: 127.0.0.3 www.sexfiles.nu
O1 - Hosts: 127.0.0.3 awmdabest.com
O1 - Hosts: 127.0.0.3 sexfiles.nu
O1 - Hosts: 127.0.0.3 allforadult.com
O1 - Hosts: 127.0.0.3 www.allforadult.com
O1 - Hosts: 127.0.0.3 www.iframe.biz
O1 - Hosts: 127.0.0.3 iframe.biz
O1 - Hosts: 127.0.0.3 www.newiframe.biz
O1 - Hosts: 127.0.0.3 newiframe.biz
O1 - Hosts: 127.0.0.3 www.vesbiz.biz
O1 - Hosts: 127.0.0.3 vesbiz.biz
O1 - Hosts: 127.0.0.3 www.pi..to.biz
O1 - Hosts: 127.0.0.3 pi..to.biz
O1 - Hosts: 127.0.0.3 www.aaasexypics.com
O1 - Hosts: 127.0.0.3 aaasexypics.com
O1 - Hosts: 127.0.0.3 www.virgin-tgp.net
O1 - Hosts: 127.0.0.3 virgin-tgp.net
O1 - Hosts: 127.0.0.3 www.awmcash.biz
O1 - Hosts: 127.0.0.3 awmcash.biz
O1 - Hosts: 127.0.0.3 buldog-stats.com
O1 - Hosts: 127.0.0.3 www.buldog-stats.com
O1 - Hosts: 127.0.0.3 fregat.drocherway.com
O1 - Hosts: 127.0.0.3 slutmania.biz
O1 - Hosts: 127.0.0.3 www.slutmania.biz
O1 - Hosts: 127.0.0.3 toolbarpartner.com
O1 - Hosts: 127.0.0.3 www.toolbarpartner.com
O1 - Hosts: 127.0.0.3 www.megapornix.com
O1 - Hosts: 127.0.0.3 megapornix.com
O1 - Hosts: 127.0.0.3 www.sp2fucked.biz
O1 - Hosts: 127.0.0.3 sp2fucked.biz
O1 - Hosts: 127.0.0.3 greg-tut.com
O1 - Hosts: 127.0.0.3 www.greg-tut.com
O1 - Hosts: 127.0.0.3 nylonsexy.com
O1 - Hosts: 127.0.0.3 www.nylonsexy.com
O1 - Hosts: 127.0.0.3 vparivalka.com
O1 - Hosts: 127.0.0.3 www.vparivalka.com
O1 - Hosts: 127.0.0.3 iframeprofit.com
O1 - Hosts: 127.0.0.3 www.iframeprofit.com
O1 - Hosts: 127.0.0.3 topsearch10.com
O1 - Hosts: 127.0.0.3 www.topsearch10.com
O1 - Hosts: 127.0.0.3 statscash.biz
O1 - Hosts: 127.0.0.3 www.statscash.biz
O1 - Hosts: 127.0.0.3 vxiframe.biz
O1 - Hosts: 127.0.0.3 www.vxiframe.biz
O1 - Hosts: 127.0.0.3 crazy-toolbar.com
O1 - Hosts: 127.0.0.3 www.crazy-toolbar.com
O1 - Hosts: 127.0.0.3 topcash.biz
O1 - Hosts: 127.0.0.3 www.topcash.biz
O1 - Hosts: 127.0.0.3 loadcash.biz
O1 - Hosts: 127.0.0.3 www.loadcash.biz
O1 - Hosts: 127.0.0.3 txiframe.biz
O1 - Hosts: 127.0.0.3 www.txiframe.biz
O1 - Hosts: 127.0.0.3 procounter.biz
O1 - Hosts: 127.0.0.3 www.procounter.biz
O1 - Hosts: 127.0.0.3 advadmin.biz
O1 - Hosts: 127.0.0.3 www.advadmin.biz
O1 - Hosts: 127.0.0.3 trafficbest.net
O1 - Hosts: 127.0.0.3 www.trafficbest.net
O1 - Hosts: 127.0.0.3 besthvac.com
O1 - Hosts: 127.0.0.3 www.besthvac.com127.0.0.1 www.trendmicro.com
O1 - Hosts: 255.255.255.255 ar.atwola.com atdmt.com avp.ch avp.com avp.ru
awaps.net ca.com dispatch.mcafee.com download.mcafee.com
download.microsoft.com downloads.microsoft.com engine.awaps.net f-secure.com
ftp.f-secure.com ftp.sophos.com go.microsoft.com liveupdate.symantec.com
mast.mcafee.com mcafee.com msdn.microsoft.com my-etrust.com nai.com
networkassociates.com office.microsoft.com phx.corporate-ir.net
secure.nai.com securityresponse.symantec.com service1.symantec.com sophos.com
spd.atdmt.com support.microsoft.com symantec.com update.symantec.com
updates.symantec.com us.mcafee.com vil.nai.com viruslist.ru
windowsupdate.microsoft.com www.avp.ch www.avp.com www.avp.ru www.awaps.net
www.ca.com www.f-secure.com www.kaspersky.ru www.mcafee.com www.my-etrust.com
www.nai.com www.networkassociates.com www.sophos.com www.symantec.com
www.trendmicro.com www.viruslist.com www.viruslist.ru www3.ca.com
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} -
C:\WINNT\nem220.dll
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - c:\program
files\180searchassistant\salmhook.dll
O2 - BHO: Loader Class - {2E246FAE-8420-11D9-870D-000C2917DE7F} - (no file)
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} -
C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL
O2 - BHO: InstaFinderK - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\PROGRA~1
\INSTAF~1\INSTAF~1.DLL
O2 - BHO: (no name) - {A0269420-A638-4509-889C-8FC3CC85DA7E} -
C:\WINNT\drexinit.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: @msdxmLC.dll,-1@1045,&Radio - {8E718888-423F-11D2-876E-
00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program
files\google\googletoolbar1.dll
O3 - Toolbar: RX Toolbar - {25D8BACF-3DE2-4B48-AE22-D659B8D835B0} - (no file)
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital
Imaging\bin\hpotdd01.exe
O4 -
Obserwuj wątek
    • Gość: Kolobos Re: Proszę o sprawdzenie loga IP: *.warszawa.sdi.tpnet.pl 04.08.05, 18:22
      Tylko sie powiesic jak sie patrzy na taki log... do tego nawet nie zmiescil sie
      caly, oczywiscie o programie antyvirusowym nigdy nie slyszalas? to samo o
      aktualizacjach?

      Skan i usuwanie wszystkiego tym:
      download.microsoft.com/download/8/1/5/815d2d60-49b5-44dc-ae35-fca2f2c6f0cc/MicrosoftAntiSpywareInstall.exe
      download.ewido.net/ewido-setup.exe <- zrob update przed skanowaniem, po
      przeskanowaniu odinstaluj.
      Zamknij porty tym:
      www.firewallleaktester.com/tools/wwdc.exe
      I jeszcze to:
      www.searchengines.pl/phpbb203/index.php?
      s=5debf1bfeab0c89e54567f66c39699f0&act=Attach&type=post&id=459

      Jak juz to wszystko zrobisz to wklej nowy log.

Popularne wątki

Nie pamiętasz hasła

lub ?

 

Nie masz jeszcze konta? Zarejestruj się

Nakarm Pajacyka