Prosze o sprawdzenie loga!


(Dziadoszolszyk) #1

Logfile of HijackThis v1.99.1

Scan saved at 18:27:16, on 2005-03-12

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

D:\WINNT\System32\smss.exe

D:\WINNT\SYSTEM32\winlogon.exe

D:\WINNT\system32\services.exe

D:\WINNT\system32\lsass.exe

D:\WINNT\system32\svchost.exe

D:\WINNT\system32\spoolsv.exe

D:\WINNT\system32\ZoneLabs\isafe.exe

D:\WINNT\System32\svchost.exe

E:\programy\ghoust norton\GhostStartService.exe

D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kavmm.exe

D:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe

D:\WINNT\system32\nvsvc32.exe

D:\WINNT\system32\regsvc.exe

D:\WINNT\system32\MSTask.exe

D:\WINNT\system32\ZONELABS\vsmon.exe

D:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe

D:\WINNT\System32\WBEM\WinMgmt.exe

D:\WINNT\system32\svchost.exe

D:\WINNT\Explorer.EXE

D:\WINNT\SOUNDMAN.EXE

D:\Program Files\D-Tools\daemon.exe

D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kav.exe

D:\WINNT\system32\ctfmon.exe

D:\Program Files\Gadu-Gadu\gg.exe

D:\WINNT\system32\RaConfig.exe

D:\WINNT\system32\rundll32.exe

D:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe

D:\Program Files\Internet Explorer\IEXPLORE.EXE

D:\Program Files\BitTorrent\btdownloadgui.exe

E:\download\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 148.244.150.58:80

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - Default URLSearchHook is missing

F2 - REG:system.ini: UserInit=D:\WINNT\svchost32.exe,D:\Documents and Settings\szmelc1\Pulpit\Serwer.exe,D:\WINNT\svchost32.exe,D:\WINNT\system32\userinit.exe,

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: brdg Class - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - (no file)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINNT\system32\msdxm.ocx

O4 - HKLM..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINNT\system32\NvCpl.dll,NvStartup

O4 - HKLM..\Run: [nwiz] nwiz.exe /install

O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINNT\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM..\Run: [Resume copy] copyfstq.exe /startup

O4 - HKLM..\Run: [KASP] "D:\Program Files\Kaspersky Lab\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\OESpamTest.exe"

O4 - HKLM..\Run: [Zone Labs Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM..\Run: [KAV50] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kav.exe" -run -n PersonalPro -v 5.0.0.0 -chkss

O4 - HKLM..\Run: [DC++] D:\Program Files\DC++\DCPlusPlus.exe

O4 - HKLM..\Run: [MKS_MENU] D:\Program Files\MKS\Bin\mks_menu.exe

O4 - HKCU..\Run: [ctfmon.exe] ctfmon.exe

O4 - HKCU..\Run: [sys32] D:\WINNT\sys32.exe

O4 - HKCU..\Run: [Gadu-Gadu] "D:\Program Files\Gadu-Gadu\PowerGG.exe"

O4 - HKCU..\Run: [star Downloader Free] D:\Program Files\Star Downloader\stardown.exe

O4 - Global Startup: RaConfig.lnk = D:\WINNT\system32\RaConfig.exe

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm

O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht! http://bin.wordsx.cc/sIls2808UaacOitp5FjP.chm::/on-line.exe

O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - ms-its:mhtml:file://c:\nosuxxx.mht! http://acc2.gateone.ath.cx/script/loud.chm::/Bridge-c139.cab

O17 - HKLM\System\CCS\Services\Tcpip..{7A334118-E46C-4335-98DD-B93E1AB8762D}: NameServer = 194.204.159.1,194.204.152.34

O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - D:\WINNT\system32\ZoneLabs\isafe.exe

O23 - Service: Usługa administracyjna Menedżera dysków logicznych (dmadmin) - VERITAS Software Corp. - D:\WINNT\System32\dmadmin.exe

O23 - Service: GhostStartService - Symantec Corporation - E:\programy\ghoust norton\GhostStartService.exe

O23 - Service: Kaspersky Anti-Virus Service (KLBLMain) - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kavmm.exe

O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - D:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINNT\system32\nvsvc32.exe

O23 - Service: Office Source Engine (ose) - Unknown owner - D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file missing)

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - D:\WINNT\system32\ZONELABS\vsmon.exe


(Musg) #2

usun

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com/

R3 - Default URLSearchHook is missing

O2 - BHO: brdg Class - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - (no file)

O4 - HKCU..\Run: [sys32] D:\WINNT\sys32.exe

O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht! http://bin.wordsx.cc/sIls2808UaacOitp5FjP.chm::/o n-line.exe

O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - ms-its:mhtml:file://c:\nosuxxx.mht! http://acc2.gateone.ath.cx/script/loud.chm::/ Bridge-c139.cab

O23 - Service: Office Source Engine (ose) - Unknown owner - D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file missing)

scan

http://forum.dobreprogramy.pl/viewtopic.php?t=17671

i dajesz raz jeszcze log


(Comend@nte) #3

Tego to juz nie trzeba ??:

F2 - REG:system.ini: UserInit=D:\WINNT\svchost32.exe,D:\Documents and Settings\szmelc1\Pulpit\Serwer.exe,D:\WINNT\svchost32.exe,D:\WINNT\system32\userinit.exe,

Pliki tez won


(Dziadoszolszyk) #4

Wrzucam jeszcze raz loga:

Logfile of HijackThis v1.99.1

Scan saved at 14:45:41, on 2005-03-13

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

D:\WINNT\System32\smss.exe

D:\WINNT\system32\csrss.exe

D:\WINNT\SYSTEM32\winlogon.exe

D:\WINNT\system32\services.exe

D:\WINNT\system32\lsass.exe

D:\WINNT\system32\svchost.exe

D:\WINNT\system32\spoolsv.exe

D:\WINNT\system32\ZoneLabs\isafe.exe

D:\WINNT\System32\svchost.exe

E:\programy\ghoust norton\GhostStartService.exe

D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kavmm.exe

D:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe

D:\WINNT\system32\nvsvc32.exe

D:\WINNT\system32\regsvc.exe

D:\WINNT\system32\MSTask.exe

D:\WINNT\System32\WBEM\WinMgmt.exe

D:\WINNT\system32\svchost.exe

D:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe

D:\WINNT\Explorer.EXE

D:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe

D:\WINNT\SOUNDMAN.EXE

D:\Program Files\D-Tools\daemon.exe

D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kav.exe

D:\WINNT\system32\ctfmon.exe

D:\WINNT\system32\rundll32.exe

D:\WINNT\system32\RaConfig.exe

D:\Program Files\Gadu-Gadu\gg.exe

D:\Program Files\Winamp\winamp.exe

D:\Program Files\Internet Explorer\iexplore.exe

D:\Program Files\Outlook Express\msimn.exe

E:\download\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINNT\system32\msdxm.ocx

O4 - HKLM..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINNT\system32\NvCpl.dll,NvStartup

O4 - HKLM..\Run: [nwiz] nwiz.exe /install

O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINNT\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM..\Run: [Resume copy] copyfstq.exe /startup

O4 - HKLM..\Run: [Zone Labs Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM..\Run: [KAV50] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kav.exe" -run -n PersonalPro -v 5.0.0.0 -chkss

O4 - HKCU..\Run: [ctfmon.exe] ctfmon.exe

O4 - HKCU..\Run: [Gadu-Gadu] "D:\Program Files\Gadu-Gadu\PowerGG.exe"

O4 - HKCU..\Run: [spySweeper] "D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0

O4 - Global Startup: RaConfig.lnk = D:\WINNT\system32\RaConfig.exe

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm

O17 - HKLM\System\CCS\Services\Tcpip..{7A334118-E46C-4335-98DD-B93E1AB8762D}: NameServer = 194.204.159.1,194.204.152.34

O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - D:\WINNT\system32\ZoneLabs\isafe.exe

O23 - Service: Usługa administracyjna Menedżera dysków logicznych (dmadmin) - VERITAS Software Corp. - D:\WINNT\System32\dmadmin.exe

O23 - Service: GhostStartService - Symantec Corporation - E:\programy\ghoust norton\GhostStartService.exe

O23 - Service: Kaspersky Anti-Virus Service (KLBLMain) - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kavmm.exe

O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - D:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINNT\system32\nvsvc32.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - D:\WINNT\system32\ZONELABS\vsmon.exe

Skanowałem tymi skanerami z topicu http://forum.dobreprogramy.pl/viewtopic.php?t=17671. Wykryło troche cookies ale wirków i trojanów nie było!!

MAm jeszcze jedno pytańko. Czy Kerio nie gryzie sie z Zone no bo ja mam to i to naraz zainstalowane i nie wiem czy to dobre wyjście!! Który jest lepszy moze odinstalować któryś??

Aha wrzuce jeszcze loga z Kerio bo mnie ostro niepokoji:

"Ids" action = 'detected', raddr = '84.252.142.78', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan

[12/Mar/2005 16:54:20] "Ids" action = 'detected', raddr = '84.252.142.78', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan

[12/Mar/2005 16:54:47] "Ids" action = 'detected', raddr = '84.252.142.78', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan

[12/Mar/2005 16:55:36] "Ids" action = 'detected', raddr = '84.252.142.78', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan

[12/Mar/2005 17:39:48] "Ids" action = 'detected', raddr = '212.2.101.231', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan

[12/Mar/2005 17:40:39] "Ids" action = 'detected', raddr = '212.2.101.231', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan

[12/Mar/2005 17:41:33] "Ids" action = 'detected', raddr = '212.2.101.231', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan

[12/Mar/2005 18:19:50] "Ids" action = 'detected', raddr = '217.27.212.125', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan

[12/Mar/2005 18:20:32] "Ids" action = 'detected', raddr = '217.27.212.125', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan

[12/Mar/2005 18:21:22] "Ids" action = 'detected', raddr = '217.27.212.125', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan

[12/Mar/2005 19:02:43] "Ids" action = 'deny', raddr = '213.130.246.32', msg = 'BACKDOOR trojan active theprayer1', url = 'http://www.whitehats.com/info/IDS48', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:02:47] "Ids" action = 'deny', raddr = '213.130.246.32', msg = 'BACKDOOR trojan active theprayer1', url = 'http://www.whitehats.com/info/IDS48', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:02:52] "Ids" action = 'deny', raddr = '213.130.246.32', msg = 'BACKDOOR trojan active theprayer1', url = 'http://www.whitehats.com/info/IDS48', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:11:03] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:11:07] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:11:14] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:13:39] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:13:43] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:13:48] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:16:13] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:16:19] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:16:23] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:18:45] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:18:49] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:18:54] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:21:23] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:21:25] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:21:31] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:23:31] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:23:34] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[12/Mar/2005 19:23:40] "Ids" action = 'deny', raddr = '213.114.250.64', msg = 'BACKDOOR trojan active aimspy', url = 'http://www.whitehats.com/info/IDS114', direc = 'in', class = 'successful-user', priority = high

[13/Mar/2005 14:32:31] "Ids" action = 'detected', raddr = '193.110.109.55', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan

Strasznie dużo tych BACKDOORów jest ( to jest 1/20 wszystkiego) !!


(Comend@nte) #5

Zablokowałbym to IP: 213.114.250.64 w hostsie


(Musg) #6

tu masz program do blokowania portow

http://www.firewallleaktester.com/wwdc.htm

a kerio dziala poprawnie.Ja mam firewalla kaspra i tez mam podobna ilosc atakow.Zamknij porty tym programem


(Comend@nte) #7

Tak ale jakich ?? Ja tu widze samo IP, port byłby jakbys miał dwukropek na koncu po IP + numerek portu. np. 192.168.12.1:135 (135 to port w tym przypadku)

Poza tym to zwykłe skanowanie

Chyba ze zablokowac cały ruch sieciowy, ale to szybciej byloby kabel internetowy wypiąć w takim wpadku. :stuck_out_tongue:


(Musg) #8

jasne fajnie ze program

http://www.firewallleaktester.com/wwdc.htm.

blokuje caly ruch w sieci.Gratuluje wiedzy.Napisał przeciez ,ze kerio...ech szkoda slow.Cmydrek zapoznaj sie z programem i poblokuj porty.Zobaczysz ,ze kerio znacznie bardziej przestanie sie uaktywniac.


(Comend@nte) #9

To chyba dobrze ze FW zgłasza jakies skanowania portow chyba od tego jest ?? To ze jakis inny bedzie zgłaszał ich mniej to chyba znaczy lepszy jest, chyba raczej odwrotnie.

Tworzysz regułe ze ma cie nie powiadamiac wiecej o konkretnym alercie i wsio. Masz pare okienek od niego mniej.

lazikar - easy :slight_smile:


(Dziadoszolszyk) #10

No zablokowałem pare portów!! zobacze jak sie teraz kerio bedzie sprawować !!


(Musg) #11

zgadza sie.Mozesz byc spokojny.


(Magik) #12

musq i Comend@nte

usunąłem z waszych postów prywatne docinki, pozostawiając treść merytoryczną.

Prawcie sobie "komplementy" na PW.


(Musg) #13

polecam rowniez zainstalowanie jakiejs alternatywnej przegladarki dla IE

są bezpieczniejsze i nie atakowane tak jak komercyjny IE

mozesz sobie zainstalowac np.

http://www.dobreprogramy.pl/index.php?dz=2&id=638&t=17

to zwiekszy bezpieczenstwo twojego systemu.


(Kuz5) #14

Usuń jeszcze to:

Alexa

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm


(Dziadoszolszyk) #15

scanowałem sobie porty progsem SCANPORT i dalej mam otwarte ok 10 portów!! W kerio dalej mam dużo logów z tymi BACKDOORAMI!! Zainstaluje tego FireFoxa i zobacze jak to bedzie działać !!


(Musg) #16

Kup xp

a moze wyczysc jeszcze rejestr i folder temp.-

?

Tu masz program do czyszczenia rejestru

format i zakup windy xp to ostatecznosc.Po co masz ponosic dodatkowe koszty.


(Dziadoszolszyk) #17

nie robiłem formata!! troszke posprzątałem na dysku i jest lepiej! !!


(Musg) #18

czy czasami nie za bardzo posprzatales?Uzywales programu

jv16 PowerTools 1.3.0.195 do czyszczenia dysku?


(Dziadoszolszyk) #19

a co powiecie na WINDOWSA 2003 Enetrprice Edition (darmowa przez 180dni)???? moze to warto zainstalować?? jak myslicie jest bardziej stabilny niż 2000pro czy nie???