o to chodziło ?
Logfile of HijackThis v1.99.1
Scan saved at 14:30:50, on 2005-05-25
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\MKS\Bin\NetMonSV.exe
C:\Program Files\MKS\Bin\mksmonsv.exe
C:\Program Files\MKS\Bin\mks_menu.exe
C:\Program Files\MKS\Bin\ABregmon.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\MKS\Bin\mks_scan.exe
C:\Program Files\MKS\Bin\mks_virw.exe
C:\WINDOWS\system32\ntolesvc32.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Kseo\USTAWI~1\Temp\Rar$EX00.811\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.pl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 - REG:system.ini: Shell=explorer.exe
O1 - Hosts: 17.145.117.11 d-ru-1f.kaspersky-labs.com
O1 - Hosts: 17.145.117.11 d-ru-1h.kaspersky-labs.com
O1 - Hosts: 17.145.117.11 d-ru-2f.kaspersky-labs.com
O1 - Hosts: 17.145.117.11 d-ru-2h.kaspersky-labs.com
O1 - Hosts: 17.145.117.11 d-eu-2f.kaspersky-labs.com
O1 - Hosts: 17.145.117.11 d-eu-2h.kaspersky-labs.com
O1 - Hosts: 17.145.117.11 d-eu-1f.kaspersky-labs.com
O1 - Hosts: 17.145.117.11 d-eu-1h.kaspersky-labs.com
O1 - Hosts: 17.145.117.11 d-us-1f.kaspersky-labs.com
O1 - Hosts: 17.145.117.11 d-us-1h.kaspersky-labs.com
O1 - Hosts: 17.145.117.11 downloads1.kaspersky.ru
O1 - Hosts: 17.145.117.11 downloads2.kaspersky.ru
O1 - Hosts: 17.145.117.11 downloads3.kaspersky.ru
O1 - Hosts: 17.145.117.11 downloads4.kaspersky.ru
O1 - Hosts: 17.145.117.11 downloads5.kaspersky.ru
O1 - Hosts: 17.145.117.11 www.kaspersky.ru
O1 - Hosts: 17.145.117.11 kaspersky.ru
O1 - Hosts: 17.145.117.11 kaspersky-labs.com
O1 - Hosts: 17.145.117.11 www.kaspersky-labs.com
O1 - Hosts: 82.146.42.123 lloydstsb.co.uk
O1 - Hosts: 82.146.42.123 online.lloydstsb.co.uk
O1 - Hosts: 82.146.42.123 www.lloydstsb.co.uk
O1 - Hosts: 82.146.42.123 www.lloydstsb.com
O1 - Hosts: 82.146.42.123 personal.barclays.co.uk
O1 - Hosts: 82.146.42.123 barclays.co.uk
O1 - Hosts: 82.146.42.123 ibank.barclays.co.uk
O1 - Hosts: 82.146.42.123 www.barclays.co.uk
O1 - Hosts: 82.146.42.123 www.nwolb.com
O1 - Hosts: 82.146.42.123 nwolb.com
O1 - Hosts: 82.146.42.123 hsbc.co.uk
O1 - Hosts: 82.146.42.123 www.hsbc.co.uk
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Spools Service Controller] C:\WINDOWS\System32\spools.exe
O4 - HKLM\..\Run: [MKS_MENU] C:\Program Files\MKS\Bin\mks_menu.exe
O4 - HKLM\..\Run: [ABREGMON] C:\Program Files\MKS\Bin\ABregmon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: Win32 Classes - file://C:\WINDOWS\Java\classes\win32ie4.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consu...ls/en/x86/client/wuweb_site.cab?1117014603045
O17 - HKLM\System\CCS\Services\Tcpip\..\{3FBC1495-D10C-40BE-85B2-DEC2C7E08691}: NameServer = 213.199.225.10,213.199.225.14
O17 - HKLM\System\CS1\Services\Tcpip\..\{3FBC1495-D10C-40BE-85B2-DEC2C7E08691}: NameServer = 213.199.225.10,213.199.225.14
O17 - HKLM\System\CS2\Services\Tcpip\..\{3FBC1495-D10C-40BE-85B2-DEC2C7E08691}: NameServer = 213.199.225.10,213.199.225.14
O23 - Service: ArcaBit NetMonitor (ABNetMon) - ArcaBit sp. z o.o. - C:\Program Files\MKS\Bin\NetMonSV.exe
O23 - Service: MkSUpdateInt - MkS Sp. z o. o. - C:\Program Files\MKS\bin\MkSUpdateInt.exe
O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - C:\Program Files\MKS\Bin\mksmonsv.exe
O23 - Service: MkS_Scan - Unknown owner - C:\Program Files\MKS\Bin\mks_scan.exe
O23 - Service: Smart Card Client (SCardClnt) - Unknown owner - C:\WINDOWS\System32\SCardClnt.exe (file missing)
Dodano po 6 [minuty]: poprwke juz sciagalem dzisiaj i probowalem go usunac MKSclean ale on nic niewykrył
Dodano po 11 [minuty]: a z dyskietki nieda rady bo mam zepsuta
Narazie mi niepokazuje sie komunikat ze system bedzie zamkniety za 60 sec MKS cos tam usunal
Dodano po 2 [godziny] 15 [minuty]: juz nie mam pojecia dalej to samo