Od tygodni zycie zatruwa mi jakis wirus ktory porusza kursorem, zamyka aplikacje, zaznacza, przesuwa itp. Nie moge uzywac Worda, i wlasciwie niczego. Nawet teraz prawie nie jestem w stanie pisac. Prosze, pomozcie. Programy antyvirusowe i antytrojanowe nie pomagaja.
Na początek daj loga.
A co to takiego?
ha ha juz wiem co to takiego
oto co otrzymalam:
Logfile of HijackThis v1.99.1
Scan saved at 17:21:39, on 05/06/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashserv.exe
C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe
C:\Program Files\Common Files\eAcceleration\eanthology.exe
C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BearShare\BearShare.exe
C:\Program Files\Save\Save.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\Messenger\msmsgs.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Documents and Settings\Emi\Desktop\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [VTTimer] VTTimer.exe
O4 - HKLM…\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O4 - HKLM…\Run: [TotalRecorderScheduler] C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM…\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe files\mcafee.com\agent\mcagent.exe
O4 - HKLM…\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM…\Run: [_AntiSpyware] C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
O4 - HKLM…\Run: [VSOCheckTask] “c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe” /checktask
O4 - HKLM…\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM…\Run: [EanthologyApp] “C:\Program Files\Common Files\eAcceleration\eanthology.exe” /b Startup
O4 - HKLM…\Run: [stopSignSsTsMon] Rundll32.exe “C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll”,VerifyStatus
O4 - HKLM…\Run: [webscan] C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe -k
O4 - HKLM…\Run: [bearShare] “C:\Program Files\BearShare\BearShare.exe” /pause
O4 - HKLM…\Run: [WhenUSave] “C:\Program Files\Save\Save.exe”
O4 - HKLM…\Run: [APVXDWIN] “C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE” /s
O4 - HKLM…\RunOnce: [stopSignSsTsMon] Rundll32.exe “C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll”,VerifyStatus /ro
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU…\Run: [Yahoo! Pager] “C:\Program Files\Yahoo!\Messenger\ypager.exe” -quiet
O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [p2pnetwork] p2pnetwork.exe
O4 - HKCU…\RunServices: [p2pnetwork] p2pnetwork.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra ‘Tools’ menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/share … insctl.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promot … WebAAS.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/share … cgdmgr.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashserv.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - Network Associates, Inc. - C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe
wylacz przywracanie systemu w xp
usuwasz:
-calkowicie i recznie
za pomoca hijacka fixujesz:
dajesz kolejny log
Powiedz jeszcze po co ci są potrzebne 3 programy antywirusowe??
Zastanow sie nad tym 
Zainstaluj SP2.
oto kolejny log, ale nie wydaje mi sie, zeby usuniecie “save” cos zmienilo. To cos przychodzi z BearShare i do tej pory nie bylo zlosliwe. To na pewno cos innego powoduje problem.
A 3 programy antywirusowe to tylko na dzis bo jestem zdesperowana przez ten biegajacy kursor. Przedtem mialam tylko 1, ale jak widzisz nic mi on nie dal bo ciagle wpuszcza wirusy. Nie wiem po co sa programy antywirusowe skoro i tak mam wirusy. A tak poza tym to kazdy program dzisiaj znalazl mi innego wirusa. Co mam o tym sadzic? Czy jak zainstaluje 10 kolejnych programow to znajda mi jeszcze inne wirusy?
Logfile of HijackThis v1.99.1
Scan saved at 00:29:41, on 06/06/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Common Files\eAcceleration\eanthology.exe
C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\Messenger\msmsgs.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashserv.exe
C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE
C:\WINDOWS\System32\wuauclt.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Emi\Desktop\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [VTTimer] VTTimer.exe
O4 - HKLM…\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O4 - HKLM…\Run: [TotalRecorderScheduler] C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM…\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe files\mcafee.com\agent\mcagent.exe
O4 - HKLM…\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
O4 - HKLM…\Run: [_AntiSpyware] C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
O4 - HKLM…\Run: [VSOCheckTask] “c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe” /checktask
O4 - HKLM…\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM…\Run: [EanthologyApp] “C:\Program Files\Common Files\eAcceleration\eanthology.exe” /b Startup
O4 - HKLM…\Run: [stopSignSsTsMon] Rundll32.exe “C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll”,VerifyStatus
O4 - HKLM…\Run: [webscan] C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe -k
O4 - HKLM…\Run: [bearShare] “C:\Program Files\BearShare\BearShare.exe” /pause
O4 - HKLM…\Run: [APVXDWIN] “C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE” /s
O4 - HKLM…\Run: [eanth_critical_update_alert] C:\PROGRA~1\ACCELE~1\ANTI-V~1\EANTH_~1.EXE /Startup
O4 - HKLM…\RunOnce: [stopSignSsTsMon] Rundll32.exe “C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll”,VerifyStatus /ro
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU…\Run: [Yahoo! Pager] “C:\Program Files\Yahoo!\Messenger\ypager.exe” -quiet
O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [p2pnetwork] p2pnetwork.exe
O4 - HKCU…\RunServices: [p2pnetwork] p2pnetwork.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra ‘Tools’ menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/share … insctl.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promot … WebAAS.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/share … cgdmgr.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashserv.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - Network Associates, Inc. - C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe