|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| HijackThis Log Help Get Rid Of Malware With Help From Our Analysts. Follow the "First Steps" link at the top right of each page before posting for help. |
 |
|
|
Thread Tools |
01-20-2005, 08:56 AM
|
#1 (permalink) |
|
Registered User
Join Date: Jan 2005
Posts: 17
OS: win2000
|
Followed your suggestion and this is new log file. pls advice
====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 1/16/05 Get updates at http://www.greyknight17.com/download.htm#programs ***Security Programs Detected*** C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe C:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE C:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe O23 - Service: Panda Firewall Service - Unknown - C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Logfile of HijackThis v1.99.0 Scan saved at 10:39:15 PM, on 20/01/2005 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv50.exe C:\WINNT\Twain_32\3600\HotKey.exe C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb08.exe C:\Program Files\Ananda Computers\Bijoy 2000\Bijoy.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://ie.search.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.search.msn.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir...r=6&ar=msnhome R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dhaka.net:8080 O4 - HKLM\..\Run: [HotKey] C:\WINNT\Twain_32\3600\HotKey.exe O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=012305 serial=DR12WEX-1504397-KTY lang=EN O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe" O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s O4 - Global Startup: Bijoy 2000.lnk = C:\Program Files\Ananda Computers\Bijoy 2000\Bijoy.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/act...a/SymAData.cab O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - http://www.symantec.com/techsupp/act...ActiveData.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = cdd.com O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = cdd.com O23 - Service: Panda anti-virus service - Unknown - C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv50.exe End of KRC HijackThis Analyzer Log. ==================================================================== |
|
     
|
|
01-20-2005, 09:02 AM
|
#2 (permalink) |
|
Analyst, Security Team
|
Your log is clean.
To help prevent future spyware installations/infections, please read the Anti-Spyware Tutorial (http://www.greyknight17.com/spyware.htm#prevent) and use the tools provided. Are there any problems now? If not, you should be set to go.
__________________
Please do NOT PM me. Post whatever questions you may have in the forum and we will take a look at it when we get to it. If you have waited for more than 3 days, you may then and ONLY then PM me for assistance. I will take a look at it. |
|
|
|
|
| Thread Tools | |
|
|
