Underek
(Hilary42)
18 Styczeń 2007 16:26
#1
Witam żeby napisać tego posta czekalem prawie 20 min. ale nie o tym ten post mianowicie caly PC i Internet mi zwalnia wszystko sie tnie i wiesza poznikamy mi zapisy gier i niektóre pliki oraz ktos ukradł mi jakoś pasy do Tibi
Logfile of HijackThis v1.99.1
Scan saved at 17:14:50, on 2007-01-18
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\Program Files\iTunes\iTunesHelper.exe
C:\windows\system\scvhost.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
F:\Program Files\ewido anti-malware\ewidoctrl.exe
D:\Program Files\iPod\bin\iPodService.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\Program Files\Alwil Software\Avast4\ashDisp.exe
D:\Program Files\Internet Explorer\iexplore.exe
E:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
D:\Documents and Settings\bbbb\Pulpit\TORRENT\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.imesh.com/intl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.netscape.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.netscape.com/home/winsearch200.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Gadu-Gadu] "F:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [scvhost] c:\windows\system\scvhost.exe
O4 - Startup: Rozmowa.lnk = F:\Program Files\Wirtualna Polska\System syntezy mowy\rozmowy.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F6AE2BF-D96E-4A81-85CC-08F83FE34199}: NameServer = 194.204.159.1,194.204.152.34
O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - F:\Program Files\Spik\url_wpmsg.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ewido security suite control - ewido networks - F:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
“Silent Runners.vbs”, revision 43, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by “{++}” Startup items buried in registry: --------------------------------- HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} “Gadu-Gadu” = ““F:\Program Files\Gadu-Gadu\gg.exe” /tray” [“Gadu-Gadu S.A.”] “scvhost” = “c:\windows\system\scvhost.exe” [null data] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} “KernelFaultCheck” = “D:\WINDOWS\system32\dumprep 0 -k” [MS] “TkBellExe” = ““D:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot” [“RealNetworks, Inc.”] “QuickTime Task” = ““D:\Program Files\QuickTime\qttask.exe” -atboottime” [“Apple Computer, Inc.”] “iTunesHelper” = ““F:\Program Files\iTunes\iTunesHelper.exe”” [“Apple Computer, Inc.”] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = “AcroIEHlprObj Class” [from CLSID] -> {CLSID}\InProcServer32(Default) = “F:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx” [empty string] {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}(Default) = “Megaupload Toolbar” [from CLSID] -> {CLSID}\InProcServer32(Default) = “D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL” [“MegaUpload”] {53707962-6F74-2D53-2644-206D7942484F}(Default) = (no title provided) -> {CLSID}\InProcServer32(Default) = “E:\PROGRA~1\SPYBOT~1\SDHelper.dll” [“Safer Networking Limited”] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ “{42071714-76d4-11d1-8b24-00a0c9068ff3}” = “Rozszerzenie CPL kadrowania wyświetlania” -> {CLSID}\InProcServer32(Default) = “deskpan.dll” [file not found] “{88895560-9AA2-1069-930E-00AA0030EBC8}” = “Rozszerzenie ikony HyperTerminalu” -> {CLSID}\InProcServer32(Default) = “D:\WINDOWS\System32\hticons.dll” [“Hilgraeve, Inc.”] “{0006F045-0000-0000-C000-000000000046}” = “Microsoft Outlook Custom Icon Handler” -> {CLSID}\InProcServer32(Default) = “D:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL” [MS] “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” = “WinRAR shell extension” -> {CLSID}\InProcServer32(Default) = “E:\Program Files\WinRAR\rarext.dll” [null data] “{21569614-B795-46b1-85F4-E737A8DC09AD}” = “Shell Search Band” -> {CLSID}\InProcServer32(Default) = “D:\WINDOWS\system32\browseui.dll” [MS] “{472083B0-C522-11CF-8763-00608CC02F24}” = “avast” -> {CLSID}\InProcServer32(Default) = “E:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”] “{5E2121EE-0300-11D4-8D3B-444553540000}” = “Dodatki Spika” -> {CLSID}\InProcServer32(Default) = “F:\Program Files\Spik\shellext_wpmsg.dll” [“Wirtualna Polska”] “{B4B924A2-EBDA-11DA-95DA-00E08161165F}” = “Dodatki Spika” -> {CLSID}\InProcServer32(Default) = “F:\Program Files\Spik\shellext_wpmsg.dll” [“Wirtualna Polska”] “{E54B19BC-69B6-43B2-A1F2-15BBC1D72C93}” = “wodShellMenu” -> {CLSID}\InProcServer32(Default) = “D:\WINDOWS\system32\wodShellMenu.dll” [“WeOnlyDo! COM”] “{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}” = “Shell Extensions for RealOne Player” -> {CLSID}\InProcServer32(Default) = “D:\Program Files\Real\RealPlayer\rpshell.dll” [“RealNetworks, Inc.”] “{640167b4-59b0-47a6-b335-a6b3c0695aea}” = “Portable Media Devices” -> {CLSID}\InProcServer32(Default) = “D:\WINDOWS\system32\Audiodev.dll” [MS] “{cc86590a-b60a-48e6-996b-41d25ed39a1e}” = “Portable Media Devices Menu” -> {CLSID}\InProcServer32(Default) = “D:\WINDOWS\system32\Audiodev.dll” [MS] “{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}” = “iTunes” -> {CLSID}\InProcServer32(Default) = “F:\Program Files\iTunes\iTunesMiniPlayer.dll” [“Apple Computer, Inc.”] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\ INFECTION WARNING! “{54D9498B-CF93-414F-8984-8CE7FDE0D391}” = “ewido shell guard” -> {CLSID}\InProcServer32(Default) = “F:\Program Files\ewido anti-malware\shellhook.dll” ["TODO: "] INFECTION WARNING! “{57B86673-276A-48B2-BAE7-C6DBB3020EB8}” = “AVG Anti-Spyware 7.5” -> {CLSID}\InProcServer32(Default) = “F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll” [“Anti-Malware Development a.s.”] HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ INFECTION WARNING! AtiExtEvent\DLLName = “Ati2evxx.dll” [“ATI Technologies Inc.”] HKLM\Software\Classes*\shellex\ContextMenuHandlers\ avast(Default) = “{472083B0-C522-11CF-8763-00608CC02F24}” -> {CLSID}\InProcServer32(Default) = “E:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”] AVG Anti-Spyware(Default) = “{8934FCEF-F5B8-468f-951F-78A921CD3920}” -> {CLSID}\InProcServer32(Default) = “F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll” [“Anti-Malware Development a.s.”] Spik(Default) = “{B4B924A2-EBDA-11DA-95DA-00E08161165F}” -> {CLSID}\InProcServer32(Default) = “F:\Program Files\Spik\shellext_wpmsg.dll” [“Wirtualna Polska”] WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” -> {CLSID}\InProcServer32(Default) = “E:\Program Files\WinRAR\rarext.dll” [null data] wodShellMenu(Default) = “{E54B19BC-69B6-43B2-A1F2-15BBC1D72C93}” -> {CLSID}\InProcServer32(Default) = “D:\WINDOWS\system32\wodShellMenu.dll” [“WeOnlyDo! COM”] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ AVG Anti-Spyware(Default) = “{8934FCEF-F5B8-468f-951F-78A921CD3920}” -> {CLSID}\InProcServer32(Default) = “F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll” [“Anti-Malware Development a.s.”] WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” -> {CLSID}\InProcServer32(Default) = “E:\Program Files\WinRAR\rarext.dll” [null data] wodShellMenu(Default) = “{E54B19BC-69B6-43B2-A1F2-15BBC1D72C93}” -> {CLSID}\InProcServer32(Default) = “D:\WINDOWS\system32\wodShellMenu.dll” [“WeOnlyDo! COM”] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ avast(Default) = “{472083B0-C522-11CF-8763-00608CC02F24}” -> {CLSID}\InProcServer32(Default) = “E:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”] Spik(Default) = “{B4B924A2-EBDA-11DA-95DA-00E08161165F}” -> {CLSID}\InProcServer32(Default) = “F:\Program Files\Spik\shellext_wpmsg.dll” [“Wirtualna Polska”] WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” -> {CLSID}\InProcServer32(Default) = “E:\Program Files\WinRAR\rarext.dll” [null data] wodShellMenu(Default) = “{E54B19BC-69B6-43B2-A1F2-15BBC1D72C93}” -> {CLSID}\InProcServer32(Default) = “D:\WINDOWS\system32\wodShellMenu.dll” [“WeOnlyDo! COM”] Active Desktop and Wallpaper: ----------------------------- Active Desktop is disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState HKCU\Control Panel\Desktop\ “Wallpaper” = “D:\Documents and Settings\bbbb\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp” Startup items in “bbbb” & “All Users” startup folders: ------------------------------------------------------ D:\Documents and Settings\bbbb\Menu Start\Programy\Autostart “Rozmowa” -> shortcut to: “F:\Program Files\Wirtualna Polska\System syntezy mowy\rozmowy.exe” [empty string] D:\Documents and Settings\All Users\Menu Start\Programy\Autostart “Microsoft Office” -> shortcut to: “D:\Program Files\Microsoft Office\Office\OSA9.EXE -b -l” [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] 000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS] 000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ “{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}” = “Megaupload Toolbar” [from CLSID] -> {CLSID}\InProcServer32(Default) = “D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL” [“MegaUpload”] HKLM\Software\Microsoft\Internet Explorer\Toolbar\ “{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}” = “Megaupload Toolbar” [from CLSID] -> {CLSID}\InProcServer32(Default) = “D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL” [“MegaUpload”] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Ati HotKey Poller, Ati HotKey Poller, “D:\WINDOWS\System32\Ati2evxx.exe” [“ATI Technologies Inc.”] avast! Antivirus, avast! Antivirus, ““E:\Program Files\Alwil Software\Avast4\ashServ.exe”” [null data] avast! iAVS4 Control Service, aswUpdSv, ““E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe”” [null data] avast! Mail Scanner, avast! Mail Scanner, ““E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe” /service” [“ALWIL Software”] avast! Web Scanner, avast! Web Scanner, ““E:\Program Files\Alwil Software\Avast4\ashWebSv.exe” /service” [“ALWIL Software”] ewido security suite control, ewido security suite control, “F:\Program Files\ewido anti-malware\ewidoctrl.exe” [“ewido networks”] iPod Service, iPod Service, ““D:\Program Files\iPod\bin\iPodService.exe”” [“Apple Computer, Inc.”] Windows User Mode Driver Framework, UMWdf, “D:\WINDOWS\system32\wdfmgr.exe” [MS] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ hpzsnt08\Driver = “hpzsnt08.dll” [“HP”] ---------- + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + The search for DESKTOP.INI DLL launch points on all local fixed drives took 149 seconds. + The search for all Registry CLSIDs containing dormant Explorer Bars took 34 seconds. ---------- (total run time: 255 seconds)
adam9870
(adam9870)
18 Styczeń 2007 16:31
#2
Ściągasz program KillBox , zaznaczasz Delete on reboot , w polu full path of file wklej ścieżkę:
c:\windows\system\scvhost.exe
Klikasz X czerwony i restart kompa.
Wpisy usuń HJT.
Po wykonaniu wklej nowe logi.
Underek
(Hilary42)
18 Styczeń 2007 16:39
#3
ja mam w na d czyli zamiast c dac d czy nie :o
adam9870
(adam9870)
18 Styczeń 2007 16:41
#4
Plik jest wykrywany na partycji C dlatego właśnie z niej należy go usunąć.
Underek
(Hilary42)
18 Styczeń 2007 16:55
#5
Zrobione ot to log.
Logfile of HijackThis v1.99.1 Scan saved at 17:58:52, on 2007-01-18 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\System32\Ati2evxx.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\Ati2evxx.exe D:\WINDOWS\Explorer.EXE D:\WINDOWS\system32\spoolsv.exe D:\Program Files\Common Files\Real\Update_OB\realsched.exe F:\Program Files\iTunes\iTunesHelper.exe E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe E:\Program Files\Alwil Software\Avast4\ashServ.exe F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe F:\Program Files\ewido anti-malware\ewidoctrl.exe D:\Program Files\iPod\bin\iPodService.exe E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe E:\Program Files\Alwil Software\Avast4\ashWebSv.exe D:\Program Files\Mozilla Firefox\firefox.exe D:\Documents and Settings\bbbb\Pulpit\TORRENT\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer,SearchAssistant = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.imesh.com/intl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.netscape.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.netscape.com/home/winsearch200.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM…\Run: [TkBellExe] “D:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot O4 - HKLM…\Run: [QuickTime Task] “D:\Program Files\QuickTime\qttask.exe” -atboottime O4 - HKLM…\Run: [iTunesHelper] “F:\Program Files\iTunes\iTunesHelper.exe” O4 - HKCU…\Run: [Gadu-Gadu] “F:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - Startup: Rozmowa.lnk = F:\Program Files\Wirtualna Polska\System syntezy mowy\rozmowy.exe O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE O17 - HKLM\System\CCS\Services\Tcpip…{5F6AE2BF-D96E-4A81-85CC-08F83FE34199}: NameServer = 194.204.159.1,194.204.152.34 O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - F:\Program Files\Spik\url_wpmsg.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: ewido security suite control - ewido networks - F:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
Co to było jaka mogla byc przyczyna złapania tego czegoś??
adam9870
(adam9870)
18 Styczeń 2007 16:58
#6
Czysto.
Miałeś zwykłego robaka którego można złapać podczas np. przeglądania stron.
Możesz pozamykać porty robakom. W tym celu użyj Windows Worms Doors Cleanera zmień znaczki z disable na enable (wszystkie znaczki maja być na zielono, jeżeli któryś z nich będzie na żółto to go zostaw). Po użyciu narzędzia wymagany jest restart.
Możesz zajrzeć: Optymalizacja i odchudzanie Windowsa XP .
Underek
(Hilary42)
18 Styczeń 2007 16:59
#7
P.S. Jak mozna sie bronić przed tego typu wirami.
Złączono Posty : 18.01.2007 (Czw) 18:01
Napewno sie pobawie tymi programami Dzięki.
adam9870
(adam9870)
18 Styczeń 2007 17:10
#8
Trzeba mieć dobre programy zabezpieczające (Ty mniej więcej je masz), na bieżąco aktualizować system, mieć zainstalowany dodatek Service Pack 2 oraz zamknięte porty. Oczywiście poza tym trzeba w rozsądny sposób korzystać z internetu np. nie odwiedzać nie znanych stron etc.
Underek
(Hilary42)
18 Styczeń 2007 18:01
#9
To co dodac to mojego zestawu??
Joan
(Joan Sunshine)
18 Styczeń 2007 18:47
#10
IMO jest ok. Możesz dorzucić Adaware
http://www.lavasoftusa.com/software/adaware/ i firewalla
Underek
(Hilary42)
22 Styczeń 2007 18:10
#11
Joan:
firewalla
Mam SP2 nie wystarcza???
Złączono Posty : 22.01.2007 (Pon) 19:14
Strona nie chce sie włączyc
Stgmp
(Stgmp)
22 Styczeń 2007 18:23
#12
adam9870
(adam9870)
22 Styczeń 2007 18:25
#13
Joan napisała “możesz” ale nie musisz. Równocześnie może być włączona zapora systemu Windows oraz osobny firewall (np. Kerio). Ale decyzja należy do Ciebie.
Możesz zajrzeć:
http://forum.dobreprogramy.pl/viewtopic.php?t=126537
W takim razie spróbuj pobrać stąd:
http://dobreprogramy.pl/index.php?dz=2&id=107&t=82
Ale skoro masz AVG Anti-Spyware to nie musisz instalować jeszcze ad-adware, ponieważ są to programy tego samego typu, a moim zdaniem AVG jest nieco skuteczniejszy.