HJT logi. auttakee...

Viestiketju Virukset ja haittaohjelmat - HijackThis -logit -osiossa. Ketjun avasi Hepefin 02.11.2006.

Viestiketjun tila:
Viestiketju on suljettu.
  1. Hepefin

    Hepefin Guest

    Eli pingi on korkea peleissä ja spyware doctor löytää, mutta ei saa poistettua viruksia. Joten jos joku viittis ees vähä vilkasta :).


    Logfile of HijackThis v1.99.1
    Scan saved at 18:28:51, on 2.11.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\WINDOWS\System32\alg.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    F:\Ohjelmat\zone labs\ZoneAlarm\zlclient.exe
    F:\Ohjelmat\Anti-Blaxx2\Anti-Blaxx.exe
    F:\Ohjelmat\Spyware Doctor\swdoctor.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Hepe\Työpöytä\Virus ohjelmat\HijackThis_v1.99.1.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Ohjelmat\adobereader\ActiveX\AcroIEHelper.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - F:\Ohjelmat\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - F:\Ohjelmat\SPYWAR~1\tools\iesdpb.dll
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [Zone Labs Client] "F:\Ohjelmat\zone labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Anti-Blaxx Manager] F:\Ohjelmat\Anti-Blaxx2\Anti-Blaxx.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [Spyware Doctor] "F:\Ohjelmat\Spyware Doctor\swdoctor.exe" /Q
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - F:\Ohjelmat\ewido anti-spyware 4.0\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - F:\Ohjelmat\Spyware Doctor\sdhelp.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - F:\Ohjelmat\VNC4\WinVNC4.exe" -service (file missing)


    ei kai tässä kohta muu auta kun itte alkaa sörkkiin tuonne kun kukaan ei eväänsä liikauta :) :D. Auttakaa nyt joku..
     
    Moderaattorin viimeksi muokkaama: 02.11.2006
    Hepefin, 02.11.2006
    #1
  2.  
  3. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Loki on puhdas. Laitapa se spyware doctorin raportti tänne, niin nähdään onko ne todellisia viruksia vai ihan omia löytöjä.
     
    -kemisti-, 03.11.2006
    #2
  4. Hepefin

    Hepefin Guest

    Kiitos, että katsoit :)! Juu eli tässä on logi.

    Scans (basic information only):

    Scan Results:
    scan start: 3.11.2006 16:44:41
    scan stop: 3.11.2006 16:50:47
    scanned items: 85038
    found items: 14
    found and ignored: 0
    tools used: General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Hosts Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner



    Infection Name Location Risk
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP## Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP##NextInstance Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000 Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000## Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Service Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Legacy Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##ConfigFlags Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Class Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##ClassGUID Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##DeviceDesc Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Capabilities Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000\LogConf Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000\LogConf## Medium

    Scan Results:
    scan start: 3.11.2006 16:52:06
    scan stop: 3.11.2006 16:58:06
    scanned items: 85104
    found items: 14
    found and ignored: 14
    tools used: General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Hosts Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner



    Infection Name Location Risk
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP## Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP##NextInstance Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000 Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000## Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Service Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Legacy Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##ConfigFlags Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Class Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##ClassGUID Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##DeviceDesc Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Capabilities Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000\LogConf Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000\LogConf## Medium

    Toivottavasti tästä näet jotain :).

     
    Moderaattorin viimeksi muokkaama: 03.11.2006
    Hepefin, 03.11.2006
    #3
  5. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Joo tuo taitaa olla ihan oikea löytö.

    Hae eScan -> http://koti.mbnet.fi/pattaya1/escanmwav.htm .
    Asenna, päivitä, skannaa sivulla olevien ohjeiden mukaan. Lähetä sitten "örkkitulokset" tänne (ohje tuolla sivulla, alin kuva ja sen yläpuolella oleva teksti).
     
    -kemisti-, 03.11.2006
    #4
  6. Hepefin

    Hepefin Guest

    Noniin eli tossa taitaapi olla ne mitä halauat.


    File F:\Ohjelmat\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.62. No Action Taken.
    File F:\Ohjelmat\VNC4\vncconfig.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
    File F:\Ohjelmat\VNC4\vncviewer.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
    File F:\Ohjelmat\VNC4\wm_hooks.dll tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.


    Odotin itse enemmän, mutta ei tarkistuskaan kestänyt kuin 39 min.
    Pitäsköhän koittaa poistaa nuo ohjelmat käsin?
     
    Moderaattorin viimeksi muokkaama: 04.11.2006
    Hepefin, 03.11.2006
    #5
  7. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Nuo löydöt eivät vaadi poistoa (oletettavasti olet asentanut VNC:n itse?)

    Ota ensin rekisteristä näin varmuuskopio:

    Suorita -> regedit -> ok. Sitten Tiedosto -> Vie. Kirjoita sille joku nimi ja sitten Tallenna(ja laita muistiin, mihin tallensit sen).

    Sitten mene regeditissä tänne ->

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP

    Mene muokkaa -> käyttöoikeudet ja sen jälkeen poista ko. avain ja kerro lähtikö pois.
     
    -kemisti-, 04.11.2006
    #6
  8. Hepefin

    Hepefin Guest

    Siis poistin tuon LEGACY_SVKP kansion sisällön kun en oikeen sillain tajunnu ohjettas :) En saanut sieltä käyttöoikeuksista poistettua mitään koska se olis poistanut jonkun mun windowsin käyttäjän tai jonku mutta ei se antanut poistaa. Spywaredoctor löytää vieläkin samat 14 virhettä.
    Logi on tässä.



    Scan Results:
    scan start: 4.11.2006 12:48:23
    scan stop: 4.11.2006 12:50:22
    scanned items: 49576

    found items: 14
    found and ignored: 14
    tools used: General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Hosts Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner



    Infection Name Location Risk
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP## Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP##NextInstance Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000 Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000## Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Service Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Legacy Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##ConfigFlags Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Class Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##ClassGUID Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##DeviceDesc Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Capabilities Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000\LogConf Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000\LogConf## Medium


    Ei se ollutkaan poistanut mitään :/.
     
    Moderaattorin viimeksi muokkaama: 04.11.2006
    Hepefin, 04.11.2006
    #7
  9. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Ei vaan menet muokkaa -> käyttöoikeudet ja annat itsellesi käyttöoikeudet siihen avaimeen.
     
    -kemisti-, 04.11.2006
    #8
  10. Hepefin

    Hepefin Guest

    Juu poisti :). Mutta nyt se sw doctori näyttää, että koneella on melki 3 kertaa enemmän viiruksia :D. Ja tota LEGACY_SVKP kansiota ei enään ole näkyvissä ainakaan logissa. Mutta tässä logi.



    Scan Results:
    scan start: 4.11.2006 12:48:23
    scan stop: 4.11.2006 12:50:22
    scanned items: 49576
    found items: 14
    found and ignored: 14
    tools used: General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Hosts Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner



    Infection Name Location Risk
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP## Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP##NextInstance Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000 Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000## Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Service Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Legacy Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##ConfigFlags Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Class Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##ClassGUID Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##DeviceDesc Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000##Capabilities Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000\LogConf Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000\LogConf## Medium

    Scan Results:
    scan start: 4.11.2006 13:31:26
    scan stop: 4.11.2006 13:36:30
    scanned items: 85660
    found items: 31
    found and ignored: 31
    tools used: General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Hosts Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner



    Infection Name Location Risk
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP##ImagePath Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP## Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP##Type Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP##Start Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP##ErrorControl Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP##ImagePath Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP##DisplayName Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Security Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Security## Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Security##Security Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Enum Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Enum## Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Enum##0 Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Enum##Count Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Enum##NextInstance Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP## Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP##Type Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP##Start Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP##ErrorControl Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP##DisplayName Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Security Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Security## Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Security##Security Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Enum Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Enum## Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Enum##0 Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Enum##Count Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Enum##NextInstance Medium
    Common Components Unrelated C:\WINDOWS\system32\SVKP.sys Medium

    Scan Results:
    scan start: 4.11.2006 13:37:32
    scan stop: 4.11.2006 13:39:24
    scanned items: 47571
    found items: 31
    found and ignored: 31
    tools used: General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Hosts Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner



    Infection Name Location Risk
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP##ImagePath Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP## Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP##Type Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP##Start Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP##ErrorControl Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP##ImagePath Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP##DisplayName Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Security Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Security## Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Security##Security Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Enum Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Enum## Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Enum##0 Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Enum##Count Medium
    Common Components Unrelated HKLM\SYSTEM\ControlSet001\Services\SVKP\Enum##NextInstance Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP## Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP##Type Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP##Start Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP##ErrorControl Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP##DisplayName Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Security Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Security## Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Security##Security Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Enum Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Enum## Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Enum##0 Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Enum##Count Medium
    Common Components Unrelated HKLM\SYSTEM\CurrentControlSet\Services\SVKP\Enum##NextInstance Medium
    Common Components Unrelated C:\WINDOWS\system32\SVKP.sys Medium


    Other Sections:



     
    Moderaattorin viimeksi muokkaama: 04.11.2006
    Hepefin, 04.11.2006
    #9
  11. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Joo mutta nuo ainakin vääriä hälyjä (voi olla että tuo on minkä poistit oli myös), älä välitä niistä, svkp.sys on packer, ei virus.
     
    -kemisti-, 04.11.2006
    #10
  12. Hepefin

    Hepefin Guest

    Selvä. :) Mutta todella SUURI KIITOS Kemistille :)!
     
    Hepefin, 04.11.2006
    #11
  13. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Olepa hyvä :)
     
    -kemisti-, 04.11.2006
    #12
Viestiketjun tila:
Viestiketju on suljettu.

Jaa tämä sivu