mam nortona i nie wiem jak usunac spyware

IP: *.cable.ubr03.craw.blueyonder.co.uk 12.08.06, 12:02
Skanowalam komputer wykryl dwa wirusy i pokazal mi ze zostaly one
automatycznie usuniete..znowu przeskanowalam komp tym razem nic wszystko ok a
mi wyskakuja hasla ostrzezenia o krytycznym stanie i ze mam szpiegowski wirus
co ma dostep do moich hasel i innch reczy. Co mam zrobic? nie wiem jak uzyc
moj antywirus Norton...;/dzieki za jakiekolwiek wskazowki
    • Gość: ANita cdn Re: mam nortona i nie wiem jak usunac spyware IP: *.cable.ubr03.craw.blueyonder.co.uk 12.08.06, 12:08
      Logfile of HijackThis v1.99.1
      Scan saved at 11:06:26, on 2006-08-12
      Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
      C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
      C:\Program Files\Norton Internet Security\ISSVC.exe
      C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
      C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
      C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      C:\WINDOWS\system32\DVDRAMSV.exe
      C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\Program Files\IntCodec\isamonitor.exe
      C:\Program Files\IntCodec\pmsngr.exe
      C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\Program Files\IntCodec\pmmon.exe
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
      C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
      C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming
      Utility\SmoothView.exe
      C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
      C:\WINDOWS\system32\dla\tfswctrl.exe
      C:\Program Files\Common Files\Symantec Shared\ccApp.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Gadu-Gadu\gg.exe
      C:\Program Files\BitTorrent\bittorrent.exe
      C:\WINDOWS\system32\RAMASST.exe
      C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-
      gb\bin\WindowsSearch.exe
      C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
      C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-
      gb\bin\WindowsSearchIndexer.exe
      C:\Program Files\Gadu-Gadu\gg.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
      C:\Program Files\AntivirusGolden\AntivirusGolden.exe
      C:\Program Files\AntivirusGolden\AntivirusGolden.exe
      C:\WINDOWS\explorer.exe
      C:\Documents and Settings\Anita Schwarz\Pulpit\hijackthis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
      g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
      g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
      www.wp.pl/
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
      www.msn.co.uk/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} -
      C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
      C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {1da7dbe8-c51b-4ae4-bc6e-21863349b0b4} - C:\Program
      Files\IntCodec\isaddon.dll
      O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} -
      C:\WINDOWS\system32\dla\tfswshx.dll
      O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} -
      C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
      O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
      C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll
      O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} -
      C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-
      A37C9A5676A7} - C:\Program Files\Common Files\Symantec
      Shared\AdBlocking\NISShExt.dll
      O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
      C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
      C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
      C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O3 - Toolbar: Protection Bar - {a2595f37-48d0-46a1-9b51-478591a97764} -
      C:\Program Files\IntCodec\iesplugin.dll
      O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control
      Panel\atiptaxx.exe"
      O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows
      Utilities\Hotkey.exe" /lang PL
      O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
      O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Program narzędziowy
      TOSHIBA Zooming Utility\SmoothView.exe
      O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and
      Launch\PadExe.exe
      O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
      O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
      Shared\ccApp.exe"
      O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
      O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --
      force_start_minimized
      O4 - Startup: Szybkie uruchamianie programu Microsoft Office OneNote 2003.lnk =
      C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
      O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
      Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
      O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar
      Suite\DS\02.05.0001.1119\en-gb\bin\WindowsSearch.exe
      O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar
      Suite\TB\02.05.0000.1082\en-gb\msntb.dll/search.htm
      O8 - Extra context menu item: Open in new background tab - res://C:\Program
      Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-gb\msntabres.dll/229?
      1499baf0d9dc47f399ef52ec7ccaa3c
      O8 - Extra context menu item: Open in new foreground tab - res://C:\Program
      Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-gb\msntabres.dll/230?
      1499baf0d9dc47f399ef52ec7ccaa3c
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
      C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
      00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
      O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
      C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
      C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-
      00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O21 - SSODL: bestreak - {874443fe-aa33-4ebf-a6ac-73208787e62d} -
      C:\WINDOWS\system32\viruxz.dll
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32
      \Ati2evxx.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
      C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation -
      C:\Pro
      • Gość: Kolobos Re: mam nortona i nie wiem jak usunac spyware IP: *.warszawa.sdi.tpnet.pl 12.08.06, 12:27
        Uzyj:
        siri.urz.free.fr/Fix/SmitfraudFix_En.php
        Log z usuwania wklej na forum.

        Odinstaluj: MSN Toolbar Suite o ile nie uzywasz, to samo Yahoo! Toolbar
        (wybierz uninstal z menu olowka na pasku yahoo).

        Jezeli cos zostanie to w menadzerze zadan zakoncz:
        C:\Program Files\IntCodec\isamonitor.exe
        C:\Program Files\IntCodec\pmsngr.exe
        C:\Program Files\IntCodec\pmmon.exe
        C:\Program Files\AntivirusGolden\AntivirusGolden.exe
        C:\Program Files\AntivirusGolden\AntivirusGolden.exe
        Katalogi IntCodec oraz AntyvirusGolden usun z dysku.

        W hjt usun:
        O2 - BHO: (no name) - {1da7dbe8-c51b-4ae4-bc6e-21863349b0b4} - C:\Program
        Files\IntCodec\isaddon.dll
        O3 - Toolbar: Protection Bar - {a2595f37-48d0-46a1-9b51-478591a97764} -
        C:\Program Files\IntCodec\iesplugin.dll
        O21 - SSODL: bestreak - {874443fe-aa33-4ebf-a6ac-73208787e62d} -
        C:\WINDOWS\system32\viruxz.dll <- plik do kasacji.

        Doklej brakujaca czesc od:
        O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation -
        C:\Pro

        Na koniec zrob skan przy pomocy ewido.
        • Gość: Anita Re: mam nortona i nie wiem jak usunac spyware IP: *.cable.ubr03.craw.blueyonder.co.uk 13.08.06, 02:50
          co to znaczy log z usuwania wklej na forum??zrobilam wszystko oprocz doklejenia
          brakujacej czesci nie mam pojecia jak mam to zrobic?
          • Gość: Kolobos Re: mam nortona i nie wiem jak usunac spyware IP: *.warszawa.sdi.tpnet.pl 13.08.06, 11:45
            Program do ktorego link Ci podalem wygeneruje log, ktory masz wkleic na forum,
            przeciez wszystko masz napisane na stronie.
            Brakujaca czesc log'a z hijackthis masz wkleic na forum, zobacz w sowim poscie
            na ktorej linijce sie konczy i wklej dalsza czesc.
Pełna wersja