wirusy:(:(:(

[Czolg]

hej!!!

mam sprawe to cały czas mnie wkuza co10 sekund włacza mi sie taka stronka http://www.0wn3.com/ nie wiem co zrobic zeby sie nie uruchamiała mozecie mi tez polecic jakis dobry program antywirusowy?

pzdr Czolg

[michal1651]

Polecam ci avast super progarm zaraz podam ci linka

[prog]

tutaj masz wersje darmowa avasta po polsku
http://files.avast.com/iavs4pro/setuppol.exe

co10 sekund włacza mi sie taka stronka http://www.0wn3.com/

przeskanuj Ad-aware, spybotem i wrzuć loga z HijackThis i oblookamy

PZDR

PS. może użyj jakiegoś Pop-up killera?

[Czolg]

ale jak skanuje komputer www.mks.com.pl to wykrywa wirusy a jak skanuje avastem to on nic nie wykrywa:(

[prog]

to weż rzuć loga z HijackThis i skannij jakimś SpyBotem czy Ad-aware


PZDR

[Czolg]

Kod: Zaznacz wszystko

Logfile of HijackThis v1.99.1
Scan saved at 17:38:44, on 2005-07-05
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\internet.exe
C:\WINDOWS\System32\secsvc.exe
C:\WINDOWS\System32\wcsnfty.exe
C:\WINDOWS\System32\mouse.exe
C:\WINDOWS\System32\wincfgkop9.exe
C:\WINDOWS\System32\service.exe
C:\Program Files\Tlen.pl\tlen.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\foobar2000\foobar2000.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\win64.exe
C:\Documents and Settings\Neo\Pulpit\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://terrarystyka.pl/forum
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: FCBHOBHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - C:\Program Files\FlashCapture\fcbho.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [internet] C:\WINDOWS\internet.exe
O4 - HKLM\..\Run: [System Event Manager] secsvc.exe
O4 - HKLM\..\Run: [Microsoft Update 32] wininit.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Microsoft Update Services] wcsnfty.exe
O4 - HKLM\..\Run: [mouse] mouse.exe
O4 - HKLM\..\Run: [WinConfig9324] wincfgkop9.exe
O4 - HKLM\..\Run: [Microsoft Services] service.exe
O4 - HKLM\..\Run: [Win64 configuration] win64.exe
O4 - HKLM\..\RunServices: [System Event Manager] secsvc.exe
O4 - HKLM\..\RunServices: [Microsoft Update 32] wininit.exe
O4 - HKLM\..\RunServices: [Microsoft Update Services] wcsnfty.exe
O4 - HKLM\..\RunServices: [mouse] mouse.exe
O4 - HKLM\..\RunServices: [WinConfig9324] wincfgkop9.exe
O4 - HKLM\..\RunServices: [Win64 configuration] win64.exe
O4 - HKCU\..\Run: [IExplorer7 Java Scripting] IExplore327.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [update.exe] C:\Program Files\Common Files\update.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to &Teleport - C:\Program Files\Teleport Pro\teleport.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save F&lash with FlashCapture - res://C:\Program Files\FlashCapture\fciext.dll/FCIEXT.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\fciext.dll
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{867D628E-B97C-49B3-A064-A16185E61A1E}: NameServer = 195.114.181.130 195.114.161.61
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

[prog]

delete

Kod: Zaznacz wszystko

C:\WINDOWS\internet.exe

C:\WINDOWS\System32\secsvc.exe - usun też RĘCZNIE

C:\WINDOWS\System32\win64.exe

O4 - HKLM\..\Run: [internet] C:\WINDOWS\internet.exe

O4 - HKLM\..\Run: [System Event Manager] secsvc.exe

O4 - HKLM\..\Run: [Microsoft Services] service.exe          

O4 - HKLM\..\Run: [Win64 configuration] win64.exe

O4 - HKLM\..\RunServices: [System Event Manager] secsvc.exe

O4 - HKLM\..\RunServices: [Win64 configuration] win64.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
       
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)



PS. SP2 się kłania

PZDR

[Czolg]

ale mozesz mi napisac jak sie usuwa bo ja sie za bardz na tym programiku nie znam

[prog]

poprostu robisz SCAN i wyswietla ci sie lista.....obok każdego wpisu jest kwadracik, obok tych wpisow co podalem klikasz na ten kwadracik i potem klikasz na button Fix checked

PZDR

[Tom@szek]

Kod: Zaznacz wszystko

C:\WINDOWS\System32\win64.exe

- usunąć ręcznie

Kod: Zaznacz wszystko

C:\WINDOWS\internet.exe


- ręcznie
Wpisy kasowac w hijackthis