HJT log after a Panda scan? (Ipwindows folder)
Mestaus
Senior Member
1 January 2007 @ 19:20
Quite a few nasties got onto my computer, and I found this Ipwindows folder there, and it can't be deleted by any means.
Logfile of HijackThis v1.99.1
Scan saved at 4:44:03, on 2.1.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\SYSTEM32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
f:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
F:\WINDOWS\system32\CTsvcCDA.EXE
F:\WINDOWS\system32\nvsvc32.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
F:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
F:\Program Files\MessengerPlus! 3\MsgPlus.exe
F:\WINDOWS\system32\RunDLL32.exe
F:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
F:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
F:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
F:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\CTHELPER.EXE
F:\Program Files\Ipwindows\ipwins.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE
F:\Program Files\Messenger\msmsgs.exe
F:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
F:\Program Files\MSN Messenger\msnmsgr.exe
F:\Program Files\Logitech\SetPoint\SetPoint.exe
F:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
F:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
F:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
f:\program files\panda software\panda internet security 2007\WebProxy.exe
F:\Program Files\PeerGuardian2\pg2.exe
F:\Documents and Settings\Omistaja\Työpöytä\Kama\sdc203\StrongDC.exe
F:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\HijackThis_v1.99.1\HijackThis_v1.99.1.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\avciman.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\psimreal.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] F:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTDVDDET] "F:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTSysVol] F:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "F:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "F:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] F:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [IpWins] F:\Program Files\Ipwindows\ipwins.exe
O4 - HKLM\..\Run: [APVXDWIN] "F:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "F:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKLM\..\RunOnce: [BorraP2006tmp] cmd /C RD /s/q "F:\DOCUME~1\OMIST~1\LOCALS~1\Temp\P2006tmp\"
O4 - HKCU\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "F:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] F:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [msnmsgr] "F:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Download all links using BitComet - res://F:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://F:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: avldr - F:\WINDOWS\SYSTEM32\avldr.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - F:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM+ Messages - Unknown owner - F:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000245 (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - F:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - F:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - F:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - F:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - F:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - F:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - f:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - F:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - F:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe

Mestaus

This message has been edited since posting. Last edited 9 January 2007 @ 07:17

AfterDawn Addict
2 January 2007 @ 07:41
Check whether Add/Remove Programs lists:

Ipwins or ipwindows

If it does, remove it.

If it doesn't, boot into Safe Mode and remove it there.

Fix these as well:

O4 - HKLM\..\Run: [IpWins] F:\Program Files\Ipwindows\ipwins.exe
O23 - Service: COM+ Messages - Unknown owner - F:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000245 (file missing)


And delete these in Safe Mode:

F:\Program Files\Ipwindows
F:\WINDOWS\system32\svchosts.exe (NOT svchost.exe!)

Restart and post a new HJT log.

No HJT logs etc. by private message!
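The reply above hinges on telling `svchosts.exe` apart from the genuine `svchost.exe` and on checking a follow-up log. The Python sketch below is an added example, not part of the original posts or of HijackThis itself: it flags log lines whose image name is a near-miss of a well-known Windows binary or whose O23 service has an unknown owner, then reports which flagged lines survive into the next log. The binary list, the edit-distance threshold of 2 and all function names are assumptions made for this example; the sample lines are excerpted from the logs in this thread.

```python
import re

# Well-known Windows system binaries whose names are often imitated.
# Illustrative list chosen for this example, not an exhaustive one.
SYSTEM_BINARIES = {
    "svchost.exe", "lsass.exe", "services.exe", "winlogon.exe",
    "smss.exe", "csrss.exe", "spoolsv.exe", "explorer.exe",
}

# File names ending in .exe or .dll anywhere in a log line.
IMAGE_RE = re.compile(r"[\w.\-~!]+\.(?:exe|dll)\b", re.IGNORECASE)

# Excerpt of the first log in this thread.
FIRST_LOG = r"""
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Ipwindows\ipwins.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [IpWins] F:\Program Files\Ipwindows\ipwins.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - F:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM+ Messages - Unknown owner - F:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000245 (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
"""

# Excerpt of the follow-up log posted after the fix.
FOLLOWUP_LOG = r"""
F:\WINDOWS\system32\svchost.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - F:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
"""


def edit_distance(a, b):
    """Levenshtein distance between two short strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(image):
    """Return the system binary that `image` nearly matches, or None."""
    name = image.lower()
    if name in SYSTEM_BINARIES:
        return None  # exact name: not a lookalike (its path still matters)
    for real in sorted(SYSTEM_BINARIES):
        if edit_distance(name, real) <= 2:  # threshold is an assumption
            return real
    return None


def triage(log_text):
    """Return (line, reasons) pairs for lines that deserve manual review."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        reasons = []
        for image in IMAGE_RE.findall(line):
            real = lookalike_of(image)
            if real:
                reasons.append(f"{image} resembles {real}")
        if line.startswith("O23 - ") and "Unknown owner" in line:
            reasons.append("service with unknown owner")
        if reasons:
            findings.append((line, reasons))
    return findings


def still_present(findings, followup_log):
    """Flagged lines from the earlier log that also appear in the follow-up."""
    later = {l.strip() for l in followup_log.splitlines() if l.strip()}
    return [line for line, _ in findings if line in later]


if __name__ == "__main__":
    flagged = triage(FIRST_LOG)
    for line, reasons in flagged:
        print("; ".join(reasons), "->", line)
    print("still present after fix:", still_present(flagged, FOLLOWUP_LOG))
```

These heuristics only nominate lines for review: `ipwins.exe` matches neither rule and was identified here by a person reading the log, and an unknown-owner service can be a harmless leftover.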
Mestaus
Senior Member
2 January 2007 @ 09:47
I managed to remove Ipwindows.
I couldn't with F:\WINDOWS\system32\svchosts.exe; it was somehow in use.


Logfile of HijackThis v1.99.1
Scan saved at 14:46:53, on 2.1.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\SYSTEM32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
f:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\MessengerPlus! 3\MsgPlus.exe
F:\WINDOWS\system32\RunDLL32.exe
F:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
F:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
F:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
F:\WINDOWS\CTHELPER.EXE
F:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE
F:\Program Files\Messenger\msmsgs.exe
F:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
F:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
F:\Program Files\MSN Messenger\msnmsgr.exe
F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
F:\Program Files\Logitech\SetPoint\SetPoint.exe
F:\WINDOWS\system32\CTsvcCDA.EXE
F:\WINDOWS\system32\nvsvc32.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
F:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
F:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
f:\program files\panda software\panda internet security 2007\WebProxy.exe
F:\PROGRA~1\MOZILL~1\FIREFOX.EXE
F:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\psimreal.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\avciman.exe
C:\HijackThis_v1.99.1\HijackThis_v1.99.1.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] F:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTDVDDET] "F:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTSysVol] F:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "F:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "F:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] F:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [APVXDWIN] "F:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "F:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "F:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] F:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [msnmsgr] "F:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Download all links using BitComet - res://F:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://F:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: avldr - F:\WINDOWS\SYSTEM32\avldr.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - F:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - F:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - F:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - F:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - F:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - F:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - F:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - f:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - F:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - F:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe

Mestaus

This message has been edited since posting. Last edited 2 January 2007 @ 10:01

AfterDawn Addict
2 January 2007 @ 10:07
Let's check once more with this:

Get KillBox

http://www.bleepingcomputer.com/files/spyware/KillBox.zip

Extract it, open it and tick Delete on Reboot.
Then copy the line below in one go:

F:\WINDOWS\system32\svchosts.exe

Then in KillBox, from the top: File > Paste from Clipboard
Select "All Files". After that, press Delete (the red one with a white X).
Answer yes to the prompts, and if the computer doesn't restart by itself, restart it.

After that, post a new HijackThis log.

No HJT logs etc. by private message!
Mestaus
Senior Member
2 January 2007 @ 10:28
It's a familiar program.

Logfile of HijackThis v1.99.1
Scan saved at 15:27:50, on 2.1.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\SYSTEM32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
f:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\MessengerPlus! 3\MsgPlus.exe
F:\WINDOWS\system32\RunDLL32.exe
F:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
F:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
F:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
F:\WINDOWS\CTHELPER.EXE
F:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE
F:\Program Files\Messenger\msmsgs.exe
F:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
F:\Program Files\Logitech\SetPoint\SetPoint.exe
F:\Program Files\MSN Messenger\msnmsgr.exe
F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
F:\WINDOWS\system32\CTsvcCDA.EXE
F:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
F:\WINDOWS\system32\nvsvc32.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
F:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
F:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
f:\program files\panda software\panda internet security 2007\WebProxy.exe
F:\WINDOWS\system32\rsvp.exe
F:\WINDOWS\system32\wuauclt.exe
F:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\HijackThis_v1.99.1\HijackThis_v1.99.1.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\psimreal.exe
F:\Program Files\Panda Software\Panda Internet Security 2007\avciman.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] F:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTDVDDET] "F:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTSysVol] F:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "F:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "F:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] F:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [APVXDWIN] "F:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "F:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "F:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] F:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [msnmsgr] "F:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Download all links using BitComet - res://F:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://F:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: avldr - F:\WINDOWS\SYSTEM32\avldr.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - F:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - F:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - F:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - F:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - F:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - F:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - F:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - f:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - F:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - F:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe

So, did I manage to remove it?

Mestaus

AfterDawn Addict
2 January 2007 @ 10:39
It doesn't show in the log because the O4 line has been removed, so it won't start even if it were still there. If the file in question is in the c:\!KillBox folder, then you got it :) Of course, it didn't necessarily exist any more before the KillBoxing.

The log is clean. Any problems left?

No HJT logs etc. by private message!
Mestaus
Senior Member
2 January 2007 @ 16:47
Thanks, kemisti. =)
Yep, there doesn't seem to be any problem with the computer, it's running well.

Mestaus