Spybot to obecnie bardzo słaby program i dlatego napisałem żeby odinstalować.
Norton nadal normalnie działa, bo zobacz w logu uruchomione procesy (PRC), usługi (SRV) i sterowniki (DRV) od tego programu.
PRC - [2011-11-30 04:17:50 | 000,138,248 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe
SRV - [2011-11-30 04:17:50 | 000,138,248 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe -- (NIS)
DRV:[b]64bit:[/b] - [2012-02-22 19:50:22 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2011-11-24 04:23:47 | 001,092,728 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1305000.091\symefa64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2011-11-24 03:50:27 | 000,738,936 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1305000.091\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2011-11-24 03:50:27 | 000,037,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1305000.091\srtspx64.sys -- (SRTSPX)
DRV:[b]64bit:[/b] - [2011-11-17 05:37:59 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1305000.091\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2011-11-17 05:17:49 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1305000.091\ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2011-11-05 01:59:30 | 000,167,048 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1305000.091\ccsetx64.sys -- (ccSet_NIS)
DRV:[b]64bit:[/b] - [2011-05-16 22:03:26 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1305000.091\symds64.sys -- (SymDS)
DRV - [2012-02-25 10:25:49 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20120224.034\ex64.sys -- (NAVEX15)
DRV - [2012-02-25 10:25:49 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20120224.034\eng64.sys -- (NAVENG)
DRV - [2012-02-21 21:54:14 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012-02-17 17:28:52 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20120224.002\IDSviA64.sys -- (IDSVia64)
DRV - [2012-02-15 22:50:02 | 001,157,240 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20120215.001\BHDrvx64.sys -- (BHDrvx64)
Użyj Norton Removal Tool
Do okna Własne opcje skanowania / skrypt wklej:
:OTL IE - HKLM…\SearchScopes{E627DC4B-8C04-4234-A2D4-1D634EE01C41}: “URL” = http://fastestwebsearch.com/search?q={searchterms} IE - HKU\S-1-5-21-3094126470-2612197122-2740923704-1000…\SearchScopes{E627DC4B-8C04-4234-A2D4-1D634EE01C41}: “URL” = http://fastestwebsearch.com/search?q={searchterms} O4 - HKLM…\Run: [] File not found O4 - HKLM…\Run: [NPSStartup] File not found O4 - HKU\S-1-5-19…\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20…\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found F3:64bit: - HKU\S-1-5-21-3094126470-2612197122-2740923704-1000 WinNT: Load - (C:\Users\Przemek\LOCALS~1\Temp\ccrzmx.exe) - File not found F3 - HKU\S-1-5-21-3094126470-2612197122-2740923704-1000 WinNT: Load - (C:\Users\Przemek\LOCALS~1\Temp\ccrzmx.exe) - File not found [2013-07-03 21:02:00 | 000,000,392 | ---- | M] () – C:\Windows\tasks\update-sys.job [2013-03-21 21:07:46 | 000,759,908 | ---- | C] ( ) – C:\Users\Przemek\AppData\Local\defsea1.exe :Commands [emptytemp]
Kliknij Wykonaj skrypt i zatwierdź restart.
Pokaż raport z usuwania i nowy log Skanuj.