Witam,
od kilku dni mam problem ze stale pojawiającym się komunikatem: prawdopodobnie masz wirusa Win 32/agent (lub jakiś inny).
Program Nod32 niestety nie jest w stanie go usunąc:/
prośba o pomoc.
poniżej log.
Logfile of HijackThis v1.99.1
Scan saved at 18:41:55, on 2009-01-01
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\svshost.exe
C:\WINDOWS\System32\Clock.exe
C:\WINDOWS\System32\eXtream.exe
C:\WINDOWS\System32\KB15763.exe
C:\WINDOWS\System32\RunDll32.exe
C:\WINDOWS\htpatch.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\System32\algs.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\Gayarab.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Gadu-Gadu\gg.exe
C:\Documents and Settings\Kozi\Pulpit\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM…\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM…\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM…\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM…\Run: [egui] “C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe” /hide /waitservice
O4 - HKLM…\Run: [mmsass] mmdmm.exe
O4 - HKLM…\Run: [Application Layer Gateway Service] C:\WINDOWS\System32\algs.exe
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [Windows Insecure] Clock.exe
O4 - HKLM…\Run: [WinDLL (tmp.exe)] rundll32.exe C:\WINDOWS\System32\tmp.exe,start
O4 - HKLM…\Run: [MicroSoft ssadsadas3s1] eXtream.exe
O4 - HKLM…\Run: [XP HOT F1XS] KB15763.exe
O4 - HKLM…\Run: [sECRETSERVICE] C:\WINDOWS\System32\Gayarab.exe
O4 - HKLM…\Run: [WinDLL (redyLive.exe)] rundll32.exe C:\WINDOWS\System32\redyLive.exe,start
O4 - HKLM…\Run: [WinDLL (vinampd.exe)] rundll32.exe C:\WINDOWS\System32\vinampd.exe,start
O4 - HKLM…\RunServices: [mmsass] mmdmm.exe
O4 - HKLM…\RunServices: [Windows Insecure] Clock.exe
O4 - HKLM…\RunServices: [MicroSoft ssadsadas3s1] eXtream.exe
O4 - HKLM…\RunServices: [XP HOT F1XS] KB15763.exe
O4 - HKLM…\RunOnce: [Windows Insecure] Clock.exe
O4 - HKLM…\RunOnce: [MicroSoft ssadsadas3s1] eXtream.exe
O4 - HKLM…\RunOnce: [XP HOT F1XS] KB15763.exe
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [bitTorrent DNA] “C:\Program Files\DNA\btdna.exe”
O4 - HKCU…\Run: [Windows Insecure] Clock.exe
O4 - HKCU…\Run: [MicroSoft ssadsadas3s1] eXtream.exe
O4 - HKCU…\Run: [XP HOT F1XS] KB15763.exe
O4 - HKCU…\Run: [Orb] “C:\Program Files\Winamp Remote\bin\OrbTray.exe” /background
O4 - HKCU…\RunOnce: [Windows Insecure] Clock.exe
O4 - HKCU…\RunOnce: [MicroSoft ssadsadas3s1] eXtream.exe
O4 - HKCU…\RunOnce: [XP HOT F1XS] KB15763.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O15 - Trusted Zone: http://mks.com.pl
O15 - Trusted Zone: http://*.grono.net
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: q4v11r9 - Unknown owner - C:\WINDOWS\system32\svshost.exe