PCTuning fórum

zaujímalo by ma, čo sú to za procesy, lebo mi berú 100% využitia CPU....

csrss.exe - cca 55%
CCAPP.exe - cca 43%

mám WinXP Pro SP2... dix

no můžou to být legitimní procesy
windowsí + norton antivirus,
ale dost často jsou to maskované viry
zkus nahodit log z Hijacku

ccapp neni systemak

a csrss je, ale bude zavirovany nebo nejak jinak zapraseny

neviem, nepracoval som ešte s hijackom, ale keď som dal Scan tak mi otvorilo *.txt s týmto:

Logfile of HijackThis v1.99.1
Scan saved at 12:59:08, on 24. 3. 2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
D:\Software\Norton Antivirus 2006\navapsvc.exe
D:\Software\Norton Antivirus 2006\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Software\Microsoft Office 2007\Office12\GrooveMonitor.exe
D:\Software\WinFast TV\WFWIZ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Common Files\Symantec Shared\NMain.exe
D:\Software\Total Commander 7.0\TOTALCMD.EXE
D:\Software\StrongDC\StrongDC.exe
D:\Software\Total Commander 7.0\TOTALCMD.EXE
D:\Software\QIP\qip.exe
D:\Software\Microsoft Office 2007\Office12\OUTLOOK.EXE
C:\Program Files\Messenger\msmsgs.exe
D:\Software\Mozilla Firefox\firefox.exe
D:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ukpcrepair.com/dlsite/prog.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Software\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - D:\Software\Norton Antivirus 2006\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - D:\Software\Norton Antivirus 2006\NavShExt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Software\Microsoft Office 2007\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [WinFast Schedule] D:\Software\WinFast TV\WFWIZ.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BoreTime] C:\DOCUME~1\VLADOM~1\DATAAP~1\MEDIAD~1\CakeBias.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Software\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Software\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Software\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Software\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{030D9758-7652-49F1-9191-E756410A1B04}: NameServer = 172.16.158.254,195.12.128.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{030D9758-7652-49F1-9191-E756410A1B04}: NameServer = 172.16.158.254,195.12.128.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{030D9758-7652-49F1-9191-E756410A1B04}: NameServer = 172.16.158.254,195.12.128.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Software\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Software\Norton Antivirus 2006\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - D:\Software\Norton Antivirus 2006\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - D:\Software\Norton Antivirus 2006\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

to je všetko....

fixni
O4 - HKCU\..\Run: [BoreTime] C:\DOCUME~1\VLADOM~1\DATAAP~1\MEDIAD~1\CakeBias.exe

ok už... a teraz?

a teraz čo?

to mi máš ty povedať :D

je to tvoj komp.neviem čo teraz(po fixe) robí?

ccapp a csrss je norton antivirus. zjevne to mas jebly .) nejspis ti to sejmul ten cakebias...

som sa na všetko vysral a som preinštaloval win ja to mám hlboko v konečníku, s tým sa srať nebudem, ale poraďte mi pls, aký antivirák si mám nainštalovať (momentálne mám Norton Antivirus 2006, ale to len tak narýchlo, potrebujem buď novšiu verziu NAV alebo Norton InternetSecurity alebo úplne niečo iné, zároveň aj spoľahlivé....) dix.

hh to mi veľmi nepomohlo

KalaShniK píše: ...potrebujem buď novšiu verziu NAV alebo Norton InternetSecurity alebo úplne niečo iné, zároveň aj spoľahlivé....) dix.

tak si trhni nohou

nevim na co potrebujes novejsi verzi. update virovy databaze bohate staci. ja jedu na 2005 a na druhem kompu 2004. nav muzu jen doporucit. v kombinaci s norton firewallem nebo s keriem, skvela dvojka...

a pls ten norton firewall je už v inštalačke NAV ? alebo ho treba osobitne sťahovať ?

Pokud nutne nepotrebujes placenej antivir, muzu jen doporucit www.activevirusshield.com

KalaShniK píše:a pls ten norton firewall je už v inštalačke NAV ? alebo ho treba osobitne sťahovať ?

norton firewall ma nav v sobe. obracene ee

ok dix, dal som si 2005 NAV chcel som si zohnať Norton Internet Security ale nejako som to nevedel zohnať v čom je to iné?

v nicem. akorat mas krom antiviru jeste firewall .) ten antivir co je v tom norton internet security je ten samej .)