
Strange viruses

bartEEEk
created

Comodo's scan found these threats. Should I delete them, quarantine them, or ignore them?

[code]Win32.Jeefo.A@66575 C:\Windows\svchost.exe
Win32.Jeefo.A@66575 C:\$INPLACE.~TR\Machine\DATA\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe
Win32.Jeefo.A@66575 C:\$INPLACE.~TR\Machine\DATA\Windows\System32\nvcplui.exe
Win32.Jeefo.A@66575 C:\$INPLACE.~TR\Machine\DATA\Windows\System32\spreview.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Program Files\Internet Explorer\ExtExport.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Program Files\Internet Explorer\iecleanup.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Program Files\Internet Explorer\ielowutil.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Program Files\Synaptics\SynTP\SynAcer.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Program Files\Synaptics\SynTP\SynMood.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Program Files\Synaptics\SynTP\InstNT.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Program Files\Synaptics\SynTP\SynTPEnh.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Program Files\Synaptics\SynTP\SynZMetr.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Program Files\Synaptics\SynTP\Tutorial.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Windows\RtlUpd.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Windows\System32\dpinst.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Windows\System32\nvcolor.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Windows\System32\nvudisp.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Windows\System32\nvuhda.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Windows\System32\nvusmu.exe
Win32.Jeefo.A@66575 C:\ACER\ACERPATCH\WaitAndLaunchProcess.exe
Win32.Jeefo.A@66575 C:\ACER\ACERREG\ASSIST\install.exe
Win32.Jeefo.A@66575 C:\ACER\Mobility Center\MobilityCenter.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\APP\Adobe Flash Player\Flash_Player_9_ActiveX_9.0.124.0.exe
Win32.Jeefo.A@66575 C:\ACER\Mobility Center\ShareFolderUI.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\APP\Arcade Deluxe\PCinema\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\APP\Arcade Deluxe\PMovie\Setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\APP\Arcade Deluxe\SDMA\Setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\APP\Arcade Deluxe\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\APP\eAudio Management\Setxx.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\APP\Empowering Technology Framework\ETF_v3.0.3006_20080321_1325.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\APP\ePower Management\ePower v3.0.3010_20080509_1434.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\APP\eSettings Management\eSettings_v3.0.3007_20080526_1443.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\APP\Google Desktop\GoogleDesktopSetup_all_release_r57_sign_c7923525_080708_050100.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\APP\GridVista\Setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\APP\NTI Media Maker\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\APP\Power Director (trial)\PhotoNow\Setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\APP\Power Director (trial)\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\AutorunX\AutorunX.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\CheckFiles.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Atheros Wireless LAN 3rd WiFi BG\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Authentec Finger Print AES1610\Install\doc\FingerprintTutorial.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Authentec Finger Print AES1610\Install\doc\FingerprintTutorial_JPN.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Authentec Finger Print AES1610\Install\doc\Function.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Authentec Finger Print AES1610\Install\doc\Function_JPN.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Authentec Finger Print AES1610\Install\doc\SystemWizard.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Authentec Finger Print AES1610\Install\doc\SystemWizard_JPN.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Authentec Finger Print AES1610\Install\Drivers\ATMinInst32.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Bison Camera utility Crystal Eye\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Broadcom Wireless LAN 3rd WiFi BG\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Dritek Launch Manager\QtZgAcer.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Dritek Launch Manager\Setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Dritek Launch Manager\UNINST32.EXE
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Foxconn Bluetooth BT 2.0\Setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Foxconn Bluetooth BT 2.0\Win32\brcm\DPInst.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Foxconn Bluetooth BT 2.0\Win32\BtwMM.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Foxconn Bluetooth BT 2.0\Win32\Inst.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Foxconn Bluetooth BT 2.0\Win32\Setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Foxconn Bluetooth BT 2.0\Win64\BtwMM.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Foxconn Bluetooth BT 2.0\Win64\Inst.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Foxconn Modem Fox+Con MC4Z 3.3V\UIU32m.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Foxconn Modem Fox+Con MC4Z 3.3V\Setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Liteon TV Tuner DVB-T Mini-card\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\nVidia NB Chipset NVMCP77MH\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\nVidia NB Chipset NVMCP77MH\SMBus\nvusmb.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\nVidia NB Chipset NVMCP77MH\SMU\nvusmu.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\nVidia VGA Chip NVMCP77MH 9MGSHM 9PGSHM\Display\nvudisp.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\nVidia VGA Chip NVMCP77MH 9MGSHM 9PGSHM\Display\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\nVidia VGA Chip NVMCP77MH 9MGSHM 9PGSHM\HDAudio\nvuhda.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\nVidia VGA Chip NVMCP77MH 9MGSHM 9PGSHM\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\RAlink Wireless LAN 3rd WiFi BGN\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Realtek Audio ALC888S\AP\WinVista\RTKVADDA.EXE
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Realtek Audio ALC888S\MSHDQFE\Win2K3\us\kb888111srvrtm.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Realtek Audio ALC888S\MSHDQFE\Win2K_XP\us\kb888111xpsp1.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Realtek Audio ALC888S\MSHDQFE\Win2K_XP\us\kb888111w2ksp4.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Realtek Audio ALC888S\MSHDQFE\Win2K_XP\us\kb888111xpsp2.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Realtek Audio ALC888S\Setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Realtek Audio ALC888S\Vista\RtkSmbus.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Realtek Audio ALC888S\Vista\RtlUpd.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Realtek Audio ALC888S\WDM\MicCal.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Realtek Audio ALC888S\WDM\RtlUpd.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Realtek Cardbus1 RTS5158E-GR\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Suyin Camera utility Crystal Eye\Setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\Setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinNT5\x64\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinNT5\x64\SynMood.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinNT5\x64\Tutorial.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinNT5\x64\SynZMetr.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinNT5\x86\InstNT.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinNT5\x86\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinNT5\x86\SynAcer.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinNT5\x86\SynMood.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinNT5\x86\SynTPEnh.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinNT5\x86\SynZMetr.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinWDF\x64\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinNT5\x86\Tutorial.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinWDF\x64\SynMood.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinWDF\x64\SynZMetr.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinWDF\x64\Tutorial.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinWDF\x86\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinWDF\x86\dpinst.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinWDF\x86\SynAcer.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinWDF\x86\InstNT.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinWDF\x86\SynMood.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinWDF\x86\SynTPEnh.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinWDF\x86\Tutorial.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Synaptics Touchpad\WinWDF\x86\SynZMetr.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Autorun\DRV\Winbond CIR\setup.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Command\AlaunchX\AppInRun.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Command\AlaunchX\AlaunchX.exe
Win32.Jeefo.A@66575 C:\ACER\Preload\Command\AlaunchX\LaunchAlaunchX.exe
Win32.Jeefo.A@66575 C:\ACER\TONLINE\Internet-Erlebniswelt.exe
Win32.Jeefo.A@66575 C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\setup.exe
Win32.Jeefo.A@66575 C:\MSOCache\All Users\{90120000-006E-0415-0000-0000000FF1CE}-C\DW20.EXE
Win32.Jeefo.A@66575 C:\MSOCache\All Users\{90120000-006E-0415-0000-0000000FF1CE}-C\dwtrig20.exe
Win32.Jeefo.A@66575 C:\OEM\Upgrade Kit\DVDMainStart.Launcher.exe
Win32.Jeefo.A@66575 C:\OEM\Upgrade Kit\DisBT.exe
Win32.Jeefo.A@66575 C:\OEM\Upgrade Kit\DVDMainStart.View.VistaPageLauncher.exe
Win32.Jeefo.A@66575 C:\OEM\Upgrade Kit\EnBT.exe
Win32.Jeefo.A@66575 C:\OEM\Upgrade Kit\Remove_eRecovery.exe
Win32.Jeefo.A@66575 C:\OEM\Upgrade Kit\SetResolution2.exe
Win32.Jeefo.A@66575 C:\OEM\Upgrade Kit\UpgradeKit.Launcher.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\eDataSecurity\eDSMgr.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDScsp.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\Decryption.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSDTS.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\edsMsgrProxy.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSnstHelper.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSrf.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDS_CCPSD.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\IMSignInPrompt.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\Encryption.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\MsnVane.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
Win32.Jeefo.A@66575 C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
Heur.Pck.PUNiSHER C:\Program Files\WinRAR\RAR Slayer v1.1.exe[/code]

Guest
comment

[quote]
Comodo's scan found these threats. Should I delete them, quarantine them, or ignore them?
[/quote]
Disinfect them. ;]

You have JEEFO, meaning ... infected exe files.

[b]1.[/b] Download the cleaner >>> http://www.sophos.com/support/cleaners/jeefogui.com
[b]2.[/b] Restart the computer and enter Safe Mode (F8 before Windows boots).
[b]3.[/b] Run the cleaner.
[b]4.[/b] Click [b]Accept[/b].
[b]5.[/b] A window will appear; click the [b]Configuration[/b] button and tick the same options as shown here:
[url=http://img121.imageshack.us/i/beztytuu3w.png/][img]http://img121.imageshack.us/img121/1656/beztytuu3w.png[/img][/url]

[b]6.[/b] After ticking the 3 options, click [b]OK[/b].
[b]7.[/b] Click [b]Start Scan[/b] and allow the infected files to be disinfected.
[b]8.[/b] Wait until it finishes, then paste the report on the forum.

bartEEEk
comment

[code]
System scan finished at 17:09 on 4 February 2010

Infected processes found : 0
Processes terminated or disinfected : 0
Infected files found : 145
Infected files deleted : 0
Infected files disinfected : 143
[/code]

It didn't disinfect svhost.exe; it only asked whether to delete the file, and I chose no.
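
Added example, not part of the original thread: a short Python sketch that parses the scanner listing and the cleaner's counters posted above, to show how many detections share one signature and how many files the cleaner left untouched. The function names are hypothetical, and reading "found minus disinfected minus deleted" as the number of files still infected is an assumption about the report's counters.

```python
import re
from collections import Counter

# Excerpt of the Comodo listing above: "<signature>[@id] <path>" per line.
SCAN = r"""Win32.Jeefo.A@66575 C:\Windows\svchost.exe
Win32.Jeefo.A@66575 C:\$WINDOWS.~Q\DATA\Windows\RtlUpd.exe
Win32.Jeefo.A@66575 C:\ACER\Mobility Center\MobilityCenter.exe
Heur.Pck.PUNiSHER C:\Program Files\WinRAR\RAR Slayer v1.1.exe"""

# File counters from the cleaner report posted in the thread.
REPORT = """Infected files found : 145
Infected files deleted : 0
Infected files disinfected : 143"""


def parse_scan(text):
    """Return (signature, path) pairs; the '@id' suffix is dropped."""
    hits = []
    for line in text.splitlines():
        m = re.match(r"(\S+?)(?:@\d+)?\s+([A-Za-z]:\\.+)$", line.strip())
        if m:
            hits.append((m.group(1), m.group(2)))
    return hits


def by_signature(hits):
    """Count files per signature; one name across many unrelated executables
    is the pattern a file infector leaves behind."""
    return Counter(sig for sig, _ in hits)


def parse_report(text):
    """Turn 'label : number' lines into a dict keyed by lower-cased label."""
    out = {}
    for line in text.splitlines():
        label, sep, value = line.rpartition(":")
        if sep and value.strip().isdigit():
            out[label.strip().lower()] = int(value)
    return out


def unresolved(report):
    """Files found but neither disinfected nor deleted (assumed meaning)."""
    return (report["infected files found"]
            - report["infected files disinfected"]
            - report["infected files deleted"])


if __name__ == "__main__":
    print(by_signature(parse_scan(SCAN)), unresolved(parse_report(REPORT)))
```
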

Guest
comment (edited)

[quote]
It didn't disinfect svhost.exe; it only asked whether to delete the file, and I chose no.[/quote]
That's bad, because it's a virus.

Post a ComboFix log: http://www.forumpc.pl/index.php?showtopic=120614&st=0&p=837303&fromsearch=1&#entry837303
It will take care of this file and the others. ;]
