Wirusy....HELP ME!!!
Cze!
Problem z niej tej ziemi..Mam Norotn 2006 zminilem z norotona 2006 system dopiero co po instalacji sp2 zainstalowane....mam drugi dodatkowo antywir NOD32
i co jakis czas........nie doslownie co 5 min cos mio wchdzi jakis wirus.....mam firewall ale tez przechodzi wiec co poradzicie....i co sadzicie o NORTONIE 2006...???
Problem z niej tej ziemi..Mam Norotn 2006 zminilem z norotona 2006 system dopiero co po instalacji sp2 zainstalowane....mam drugi dodatkowo antywir NOD32
i co jakis czas........nie doslownie co 5 min cos mio wchdzi jakis wirus.....mam firewall ale tez przechodzi wiec co poradzicie....i co sadzicie o NORTONIE 2006...???
Odpowiedzi: 4
Tak uzyłem...."BPS Spyware Remover" i usnał smiec jakis tam.....wic git...ale najgorsze to ze sciagam czasmi EMULE....i cos wskakuje a jak mialem norot 2004 to nic nie bylo....ale moze mi sie tak wydaje....
Log masz wporzadku.
oprocz:
Skanowales komputer Ad–aware'em lub SpyRemover'em :?: :?:
oprocz:
R3 – Default URLSearchHook is missing
Skanowales komputer Ad–aware'em lub SpyRemover'em :?: :?:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD–LC\symlcsvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\KEMailKb\KEMailKb.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Hmonitor\hmonitor.exe
C:\Program Files\D–Tools\daemon.exe
C:\Program Files\MessageStop\MessageStop.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\BulletProofSoft.com\SpywareRemover\SpyWatch.exe
C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe
C:\Program Files\Creative\SBAudigy\TaskBar\CTLTask.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Pogoda\pogoda.exe
C:\Program Files\Budzik\budzik.exe
C:\Program Files\BulletProofSoft.com\SpywareRemover\2A33DD5C.DLL
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\oodag.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\r2 studios\HideOE\HideOE.exe
C:\Program Files\outlook express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
F:\Programy Systemowe\Antywirusowe\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.mediatwins.com/products/ac3_decoder/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – Default URLSearchHook is missing
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: NAV Helper – {A8F38D8D–E480–4D52–B7A2–731BB6995FDD} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 – Toolbar: Norton AntiVirus – {C4069E3A–68F1–403E–B40E–20066696354B} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 – HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 – HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 – HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 – HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 – HKLM\..\Run: [KEMailKb] C:\PROGRA~1\KEMailKb\KEMailKb.EXE
O4 – HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 – HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 – HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 – HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 – HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 – HKLM\..\Run: [hmonitor] C:\Program Files\Hmonitor\hmonitor.exe
O4 – HKLM\..\Run: [DAEMON Tools–1033] "C:\Program Files\D–Tools\daemon.exe" –lang 1033
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 – HKLM\..\Run: [MessageStop] C:\Program Files\MessageStop\MessageStop.exe
O4 – HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe –startgui
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [spywatch] C:\Program Files\BulletProofSoft.com\SpywareRemover\SpyWatch.exe /STARTUP
O4 – HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 – HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTask.exe"
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [tray] C:\Program Files\Pogoda\pogoda.exe /tray
O4 – Startup: Budzik.lnk = C:\Program Files\Budzik\budzik.exe
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 – DPF: {7B297BFD–85E4–4092–B2AF–16A91B2EA103} (WScanCtl Class) – http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: Symantec Event Manager (ccEvtMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 – Service: Symantec Settings Manager (ccSetMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 – Service: Creative Service for CDROM Access – Creative Technology Ltd – C:\WINDOWS\System32\CTsvcCDA.exe
O23 – Service: Usługa Auto–Protect programu Norton AntiVirus (navapsvc) – Symantec Corporation – C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Unknown owner – C:\Program Files\Eset\nod32krn.exe
O23 – Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) – Symantec Corporation – C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 – Service: Usługa Norton Protection Center (NSCService) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 – Service: O&O Defrag – O&O Software GmbH – C:\WINDOWS\System32\oodag.exe
O23 – Service: Symantec AVScan (SAVScan) – Symantec Corporation – C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 – Service: Sygate Personal Firewall Pro (SmcService) – Sygate Technologies, Inc. – C:\Program Files\Sygate\SPF\smc.exe
O23 – Service: Symantec Network Drivers Service (SNDSrvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 – Service: SPBBCSvc – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 – Service: Symantec Core LC – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\CCPD–LC\symlcsvc.exe
Wiem wiem ale te 2 sie nie gryza a raczej wspieraja!!
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD–LC\symlcsvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\KEMailKb\KEMailKb.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Hmonitor\hmonitor.exe
C:\Program Files\D–Tools\daemon.exe
C:\Program Files\MessageStop\MessageStop.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\BulletProofSoft.com\SpywareRemover\SpyWatch.exe
C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe
C:\Program Files\Creative\SBAudigy\TaskBar\CTLTask.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Pogoda\pogoda.exe
C:\Program Files\Budzik\budzik.exe
C:\Program Files\BulletProofSoft.com\SpywareRemover\2A33DD5C.DLL
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\oodag.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\r2 studios\HideOE\HideOE.exe
C:\Program Files\outlook express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
F:\Programy Systemowe\Antywirusowe\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.mediatwins.com/products/ac3_decoder/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – Default URLSearchHook is missing
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: NAV Helper – {A8F38D8D–E480–4D52–B7A2–731BB6995FDD} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 – Toolbar: Norton AntiVirus – {C4069E3A–68F1–403E–B40E–20066696354B} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 – HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 – HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 – HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 – HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 – HKLM\..\Run: [KEMailKb] C:\PROGRA~1\KEMailKb\KEMailKb.EXE
O4 – HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 – HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 – HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 – HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 – HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 – HKLM\..\Run: [hmonitor] C:\Program Files\Hmonitor\hmonitor.exe
O4 – HKLM\..\Run: [DAEMON Tools–1033] "C:\Program Files\D–Tools\daemon.exe" –lang 1033
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 – HKLM\..\Run: [MessageStop] C:\Program Files\MessageStop\MessageStop.exe
O4 – HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe –startgui
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [spywatch] C:\Program Files\BulletProofSoft.com\SpywareRemover\SpyWatch.exe /STARTUP
O4 – HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 – HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTask.exe"
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [tray] C:\Program Files\Pogoda\pogoda.exe /tray
O4 – Startup: Budzik.lnk = C:\Program Files\Budzik\budzik.exe
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 – DPF: {7B297BFD–85E4–4092–B2AF–16A91B2EA103} (WScanCtl Class) – http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: Symantec Event Manager (ccEvtMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 – Service: Symantec Settings Manager (ccSetMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 – Service: Creative Service for CDROM Access – Creative Technology Ltd – C:\WINDOWS\System32\CTsvcCDA.exe
O23 – Service: Usługa Auto–Protect programu Norton AntiVirus (navapsvc) – Symantec Corporation – C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Unknown owner – C:\Program Files\Eset\nod32krn.exe
O23 – Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) – Symantec Corporation – C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 – Service: Usługa Norton Protection Center (NSCService) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 – Service: O&O Defrag – O&O Software GmbH – C:\WINDOWS\System32\oodag.exe
O23 – Service: Symantec AVScan (SAVScan) – Symantec Corporation – C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 – Service: Sygate Personal Firewall Pro (SmcService) – Sygate Technologies, Inc. – C:\Program Files\Sygate\SPF\smc.exe
O23 – Service: Symantec Network Drivers Service (SNDSrvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 – Service: SPBBCSvc – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 – Service: Symantec Core LC – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\CCPD–LC\symlcsvc.exe
Wiem wiem ale te 2 sie nie gryza a raczej wspieraja!!
Nie powinno sie korzystac z dwoch antwirow.
A co do wirosow to podaj log z HijackThis'a
i przeskanuj komputer np. Ad–aware'em czy SpyRemover'em.
Z jakiego firewall'a korzystasz :?:
A co do wirosow to podaj log z HijackThis'a
i przeskanuj komputer np. Ad–aware'em czy SpyRemover'em.
Z jakiego firewall'a korzystasz :?:
Strona 1 / 1