a tu jest ostatni raport z MKS online
to jest mój log:
Logfile of HijackThis v1.99.1
Scan saved at 22:00:32, on 2007-12-16
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C
rogram FilesNVIDIA CorporationNetworkAccessManagerApache GroupApache2binapache.exe
C
rogram FilesNVIDIA CorporationNetworkAccessManagerbinnSvcIp.exe
C
rogram FilesNVIDIA CorporationNetworkAccessManagerbinnSvcLog.exe
C:WINDOWSsystem32nvsvc32.exe
C
rogram FilesNVIDIA CorporationNetworkAccessManagerApache GroupApache2binapache.exe
C:WINDOWSsystem32wdfmgr.exe
C:WINDOWSSystem32alg.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSsystem32ctfmon.exe
C
rogram FilesCommon FilesAheadLibNMBgMonitor.exe
C
rogram FilesCommon FilesAheadLibNMIndexingService.exe
C
rogram FilesCommon FilesAheadLibNMIndexStoreSvr.exe
C:WINDOWSsystem32svchost.exe
C
rogram FilesGadu-Gadugg.exe
C
rogram FilesMozilla Firefoxfirefox.exe
D:SetupHijackHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C
rogram FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [ZoneAlarm Client] "C
rogram FilesZone LabsZoneAlarmzlclient.exe"
O4 - HKLM..Run: [NeroFilterCheck] C
rogram FilesCommon FilesAheadLibNeroCheck.exe
O4 - HKLM..Run: [BearShare] "C
rogram FilesBearShareBearShare.exe" /pause
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [Gadu-Gadu] "C
rogram FilesGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [DAEMON Tools Pro Agent] "C
rogram FilesDAEMON Tools ProDTProAgent.exe"
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C
rogram FilesCommon FilesAheadLibNMBgMonitor.exe"
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C
ROGRA~1MICROS~1OFFICE11EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C
ROGRA~1MICROS~1OFFICE11REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
rogram FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
rogram FilesMessengermsmsgs.exe
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) -
http://www.mks.com.pl/skaner/SkanerOnline.cab
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C
rogram FilesNVIDIA CorporationNetworkAccessManagerApache GroupApache2binapache.exe" -k runservice (file missing)
O23 - Service: NBService - Nero AG - C
rogram FilesNeroNero 7Nero BackItUpNBService.exe
O23 - Service: NMIndexingService - Nero AG - C
rogram FilesCommon FilesAheadLibNMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C
rogram FilesNVIDIA CorporationNetworkAccessManagerbinnSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C
rogram FilesNVIDIA CorporationNetworkAccessManagerbinnSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C
rogram FilesSpyware Doctorsvcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C
rogram FilesSpyware Doctorswdsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:WINDOWSsystem32ZoneLabsvsmon.exe
niby trojan został usunięty a problem cały czas jest.