Tökkii ?!

Discussion in 'Virukset ja haittaohjelmat - HijackThis -logit' started by viitanen_, Aug 29, 2007.

  1. viitanen_

    viitanen_ Member

    Joined:
    Feb 12, 2006
    Messages:
    71
    Likes Received:
    0
    Trophy Points:
    16
    jotain ongelmia varmastikin on kun vähän väliä tökkii ja raksuttaa , kumminkin on alle kuukauden vanha kones. katsotaan mitä tämä sanoo


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:38:57, on 29.8.2007
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\ASUS\ASUS Direct Console\LCMP.exe
    C:\Program Files\SetPoint\SetPoint.exe
    C:\Users\viitanen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AsusNbKeys.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\ASUS\ASUS Direct Console\D3DCheck.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\Windows\system32\wuauclt.exe
    D:\programs\mIRC\mirc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [DirectMessenger] "C:\Program Files\ASUS\ASUS Direct Console\LCMP.EXE"
    O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Startup: AsusNbKeys.exe
    O4 - Global Startup: SetPoint.lnk = C:\Program Files\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O13 - Gopher Prefix:
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

    --
    End of file - 3933 bytes
     
    Last edited: Aug 29, 2007
    viitanen_, Aug 29, 2007
    #1
  2. viitanen_

    viitanen_ Member

    Joined:
    Feb 12, 2006
    Messages:
    71
    Likes Received:
    0
    Trophy Points:
    16
    Kamoon, eikö löydy mitään vai olenko ignoressa
     
    viitanen_, Aug 30, 2007
    #2
  3. Hujo

    Hujo Guest

    Niin tuota missäs on virustorjunta.
     
    Hujo, Aug 30, 2007
    #3
  4. viitanen_

    viitanen_ Member

    Joined:
    Feb 12, 2006
    Messages:
    71
    Likes Received:
    0
    Trophy Points:
    16
    Ei ole, mutta about kuukauden välein imasen ja skannaan koneen AVG:lla
     
    viitanen_, Aug 30, 2007
    #4
  5. Hujo

    Hujo Guest

    laitahan sinne virustorjunta kuntoon.
     
    Hujo, Aug 30, 2007
    #5
  6. viitanen_

    viitanen_ Member

    Joined:
    Feb 12, 2006
    Messages:
    71
    Likes Received:
    0
    Trophy Points:
    16
    virusturva asennettu ja toiminnnassa , uusi hjt-loki :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:50:46, on 3.9.2007
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ASUS\ASUS Direct Console\LCMP.exe
    C:\Program Files\ASUS\ASUS Direct Console\D3DCheck.exe
    C:\Windows\System32\rundll32.exe
    D:\programs\avast\ashDisp.exe
    C:\Program Files\SetPoint\SetPoint.exe
    C:\Users\viitanen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AsusNbKeys.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    D:\programs\mIRC\mirc.exe
    D:\programs\Winamp\winamp.exe
    C:\Windows\system32\wbem\unsecapp.exe
    D:\programs\avast\ashSimp2.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [DirectMessenger] "C:\Program Files\ASUS\ASUS Direct Console\LCMP.EXE"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] D:\programs\avast\ashDisp.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Startup: AsusNbKeys.exe
    O4 - Global Startup: SetPoint.lnk = C:\Program Files\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O13 - Gopher Prefix:
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\programs\avast\aswUpdSv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - D:\programs\avast\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - D:\programs\avast\ashMaiSv.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

    --
    End of file - 4016 bytes
     
    viitanen_, Sep 3, 2007
    #6
  7. Hujo

    Hujo Guest

    scannaas hjt:llä merkkaa paina Fix checked

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)


    Kopioi / liitä seuraava teksti alapuolella tyhjään muistioFiluun
    Varmista että tiedoston tyyppi on ”all Files” ja tallenna se Poisto.bat. nimisenä
    työpöydällesi.

    @echo off
    sc stop "Symantec Lic NetConnect service"
    sc delete "Symantec Lic NetConnect service"

    Tupla-klikkaa Poisto.bat. filua työpöydälläsi , ikkuna avautuu ja Sulkeutuu tämä on normaalia.


    =====================

    Poista vikasiedossa

    C:\Program Files\Common Files\Symantec Shared
     
    Hujo, Sep 3, 2007
    #7
  8. viitanen_

    viitanen_ Member

    Joined:
    Feb 12, 2006
    Messages:
    71
    Likes Received:
    0
    Trophy Points:
    16
    ei muuta ?
     
    viitanen_, Sep 4, 2007
    #8
  9. Hujo

    Hujo Guest

    eipä muuta
     
    Hujo, Sep 4, 2007
    #9

Share This Page