[vic66]

Hei alle, har det vært en stund, var på sykehuset 2weeks.
Min familie bestemte seg for å overraske meg, og at de gjorde!
de lagt noen nye planer!
OK her er mitt problem.
Jeg kjører Panda Platinum security.which har sitt eget antispionprogram.
Familie besluttet å legge bo ren, spyware blaster, spyware terminater med virkelig tid sikringen avg antispyware 7.5 også med sanntid beskyttelse.
Jeg har også på oppfordring skannere annonsen klar spybot (te timer av) og et kvadrat.
når jeg kom hjem løp skannere og fant 17 trojanere og adware litt useriøs.
Jeg en nå wooried jeg kan være kapret.
kan noen ta en titt behage.


Logfile of Trend Micro HijackThis v2.0.2
Scan lagret på 3:38:57, on 02-10-2007
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Kjører prosesser:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ pavsrv51.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ AVENGINE.EXE
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ TPSrv.exe
C: \ Programas \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programas \ a-squared Free \ a2service.exe
C: \ Programas \ Grisoft \ AVG Anti-Spyware 7.5 \ guard.exe
C: \ Programas \ Ficheiros comuns \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ PsCtrls.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ PavFnSvr.exe
C: \ Programas \ Ficheiros comuns \ Panda Software \ PavShld \ pavprsrv.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ Antispam \ pskmssvc.exe
c: \ programas \ Panda Software \ Panda Internet Security 2007 \ firewall \ PSHOST.EXE
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ psimsvc.exe
C: \ Programas \ SiteAdvisor \ 6172 \ SAService.exe
C: \ Programas \ Spyware Terminator \ sp_rsser.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ Explorer.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ APVXDWIN.EXE
C: \ Programas \ Grisoft \ AVG Anti-Spyware 7.5 \ avgas.exe
C: \ progra ~ 1 \ Comodo \ CBOClean \ BOC425.exe
C: \ Programas \ BillP Studios \ WinPatrol \ WinPatrol.exe
C: \ Programas \ Spyware Terminator \ SpywareTerminatorShield.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programas \ SAGEM \ SAGEM F @ st 800-840 \ dslmon.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ SRVLOAD.EXE
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ WebProxy.exe
C: \ Programas \ SiteAdvisor \ 6172 \ SITEADV.EXE
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ PavBckPT.exe
C: \ Programas \ uTorrent \ uTorrent.exe
C: \ Programas \ Bowlfish \ eMule.exe
C: \ Programas \ Internet Explorer \ iexplore.exe
C: \ Programas \ Internet Explorer \ iexplore.exe
C: \ Documents and Settings \ Fabio \ Definições locais \ Temporary Internet Files \ Content.IE5 \ GSE4YWAK \ HiJackThis [2]. Exe
C: \ Programas \ Trend Micro \ HijackThis \ HijackThis.exe
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.pt/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.pt/
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName = Hiperligações
R3 - URLSearchHook: WorldTV Bar Toolbar - (44c0b463-5a8a-452c-8e72-dc751dac6ec1) - C: \ Programas \ WorldTV_Bar \ tbWorl.dll
R3 - URLSearchHook: World Tv Center Toolbar - (e077da94-6314-41f1-9F08-6607df65952e) - C: \ Programas \ World_Tv_Center \ tbWor1.dll
O2 - BHO: IE7Pro - (00011268-E188-40DF-A514-835FCD78B1BF) - C: \ Programas \ IE7Pro \ IE7Pro.dll
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programas \ Ficheiros comuns \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (089FD14D-132B-48FC-8861-0048AE113215) - C: \ Programas \ SiteAdvisor \ 6172 \ SiteAdv.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ progra ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: Windows Live Toolbar Helper - (BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0) - C: \ Programas \ Windows Live Toolbar \ msntb.dll
O2 - BHO: World Tv Center Toolbar - (e077da94-6314-41f1-9F08-6607df65952e) - C: \ Programas \ World_Tv_Center \ tbWor1.dll
O3 - Toolbar: Windows Live Toolbar - (BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0) - C: \ Programas \ Windows Live Toolbar \ msntb.dll
O3 - Toolbar: McAfee SiteAdvisor - (0BF43445-2F28-4351-9252-17FE6E806AA0) - C: \ Programas \ SiteAdvisor \ 6172 \ SiteAdv.dll
O3 - Toolbar: World Tv Center Toolbar - (e077da94-6314-41f1-9F08-6607df65952e) - C: \ Programas \ World_Tv_Center \ tbWor1.dll
O4 - HKLM \ .. \ Run: [Cmaudio] rundll32 cmicnfg.cpl, CMICtrlWnd
O4 - HKLM \ .. \ Run: [APVXDWIN] "C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ APVXDWIN.EXE" / s
O4 - HKLM \ .. \ Run: [SCANINICIO] "C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ Inicio.exe"
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Programas \ Grisoft \ AVG Anti-Spyware 7.5 \ avgas.exe" / minimert
O4 - HKLM \ .. \ Run: [BOC-425] C: \ progra ~ 1 \ Comodo \ CBOClean \ BOC425.exe
O4 - HKLM \ .. \ Run: [WinPatrol] C: \ Programas \ BillP Studios \ WinPatrol \ WinPatrol.exe "
O4 - HKLM \ .. \ Run: [SpywareTerminator] "C: \ Programas \ Spyware Terminator \ SpywareTerminatorShield.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'serviço LOKALE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'service Rede')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C: \ Programas \ SAGEM \ SAGEM F @ st 800-840 \ dslmon.exe
O8 - Extra context menu item: & Windows Live Search - res: / / C: \ Programas \ Windows Live Toolbar \ msntb.dll / search.htm
O8 - Extra sammenheng menyelement: Legg til Windows & Live Favorites -- http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E & xportar para o Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res: / / C: \ Programas \ Windows Live Toolbar \ Components \ nb-no \ msntabres.dll.mui/229? 23e13882b2f34d2fb527e50edfede195
O8 - Extra context menu item: Åpne i ny forgrunnen tab - res: / / C: \ Programas \ Windows Live Toolbar \ Components \ nb-no \ msntabres.dll.mui/230? 23e13882b2f34d2fb527e50edfede195
O9 - Extra knappen: IE7Pro Preferences - (0026439F-A980-4f18-8C95-4F1CBBF9C1D8) - C: \ Programas \ IE7Pro \ IE7Pro.dll
O9 - Extra "Verktøy" MENUITEM: IE7Pro Preferences - (0026439F-A980-4f18-8C95-4F1CBBF9C1D8) - C: \ Programas \ IE7Pro \ IE7Pro.dll
O9 - Extra button: Pesquisar - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra knappen: (no name) - (DFB852A3-47F8-48C4-a200-58CAB36FD2A2) - C: \ progra ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra "Verktøy" MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-a200-58CAB36FD2A2) - C: \ progra ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra "Verktøy" MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programas \ Messenger \ Msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programas \ Messenger \ Msmsgs.exe
Ø16 - DPF: (5ED80217-570B-4DA9-BF44-BE107C0EC166) -- http://cdn.scan.onecare.live.com/res...scbase8300.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl klasse) -- http://www.update.microsoft.com/micr...?1189781903812
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
Ø17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (EBEDA096-3520-470A-9F4F-E70844D02643): NameServer = 212.55.154.174
Ø20 - Winlogon Notify:! SASWinLogon - C: \ Programas \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C: \ Programas \ a-squared Free \ a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C: \ Programas \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - Grisoft sro - C: \ Programas \ Grisoft \ AVG Anti-Spyware 7.5 \ guard.exe
O23 - Service: BOCore - Unknown owner - (no file)
O23 - Service: NBService - Nero AG - C: \ Programas \ Nero \ Nero 7 \ Nero BackItUp \ NBService.exe
O23 - Service: NMIndexingService - Nero AG - C: \ Programas \ Ficheiros comuns \ Ahead \ Lib \ NMIndexingService.exe
O23 - Service: AOpen Driver Helper Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: Panda Software Controller - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software International - C: \ Programas \ Ficheiros comuns \ Panda Software \ PavShld \ pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ Antispam \ pskmssvc.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c: \ programas \ Panda Software \ Panda Internet Security 2007 \ firewall \ PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ psimsvc.exe
O23 - Service: Serviço SiteAdvisor (SiteAdvisor Service) - Unknown owner - C: \ Programas \ SiteAdvisor \ 6172 \ SAService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C: \ Programas \ Spyware Terminator \ sp_rsser.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ TPSrv.exe
--
End of file - 10407 bytes

PS soory om stavefeil må medisinen LOL

[evilfantasy]

Hei Vic. Håper alt går bra.

Jeg vil ta en titt på loggen og komme tilbake til deg i noen få.

[vic66]

Thanks very much evilfantasy.
Og ja begynner å føle seg bedre.

[vic66]

Det er 4 om morgenen her, jeg trenger litt søvn vil være tilbake på 8 i morgen.
Lover å ikke gjøre noe før jeg her fra deg.
Tusen takk for din tid og hjelp.

[evilfantasy]

Gå til
C: \ Documents and Settings \ Fabio \ Definições locais \ Temporary Internet Files \ Content.IE5 \ GSE4YWAK \ HiJackThis [2]. Exe
Slett hele filen.

============

Nå gå til
C: \ Programas \ Trend Micro \ HijackThis \ HijackThis.exe
Høyreklikk HijackThis.exe og velg Rename. Name it Analyze.exe og trykk angir.

============

Er dette din Internett-leverandør?
PT.COM - COMUNICACOES INTERACTIVAS SA

============

Du ser ut til å være ren.

Egentlig ettersom du allerede har sagt at du har litt for mye beskyttelse. Men så lenge det bare er ett antivirus og en brannmur det bør være noen konflikter. Du kan bli bremset ved å ha så mye å kjøre.

Det ser ut som din sikkerhet skanner fjernet alt det de fant.

[vic66]

Evilfantasy Takk for ditt svar, men rememeber jeg en en newbie!
hvordan kan jeg gjøre om disse kravene















'

[vic66]

Oppsann
pt. com er leverandøren

[vic66]

tok vare på hijack logg og nå er analise .. exe
men skrånende finner C dokumenter og innstillinger hvor som helst
behage hjelpe
THANKS

[evilfantasy]

Åpne HijackThis og velg "Do a system scan only.
Sett et merke ved siden av
C: \ Documents and Settings \ Fabio \ Definições locais \ Temporary Internet Files \ Content.IE5 \ GSE4YWAK \ HiJackThis [2]. Exe
Deretter klikker Fix checked.

[vic66]

Sorry evilfantasy men jeg kan ikke finne den. Er det en rekke
som 04 or23 eller 06 noe jeg kan lede meg med