Kone jumittaa PER....!!! + hijackthis loki

Viestiketju Virukset ja haittaohjelmat -osiossa. Ketjun avasi petekake 01.12.2005.

  1. petekake

    petekake Member

    Liittynyt:
    18.05.2005
    Viestejä:
    98
    Kiitokset:
    0
    Pisteet:
    16
    Kone alkoi hidasteleen aivan vit...i jostain syystä





    Logfile of HijackThis v1.99.1
    Scan saved at 19:15:22, on 1.12.2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    E:\ohjelmia\navapsvc.exe
    E:\ohjelmia\SAVScan.exe
    E:\ohjelmia\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\ohjelmia\adobe reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - E:\ohjelmia\NavShExt.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\ohjelmia\NavShExt.dll
    O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
    O16 - DPF: {5BDBD95C-1E7F-4FB1-8497-20AF879F8B68} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fi/filesharingctrl.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{0A6A5BFC-833A-4E61-AF44-5BDE056768DC}: NameServer = 193.184.122.21,193.229.0.40
    O17 - HKLM\System\CS2\Services\Tcpip\..\{0A6A5BFC-833A-4E61-AF44-5BDE056768DC}: NameServer = 193.184.122.21,193.229.0.40
    O17 - HKLM\System\CS3\Services\Tcpip\..\{0A6A5BFC-833A-4E61-AF44-5BDE056768DC}: NameServer = 193.184.122.21,193.229.0.40
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Norton AntiVirus -ohjelman automaattinen suojaus (navapsvc) - Symantec Corporation - E:\ohjelmia\navapsvc.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - Unknown owner - E:\ohjelmia\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe (file missing)
    O23 - Service: SAVScan - Symantec Corporation - E:\ohjelmia\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - E:\ohjelmia\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe





    AC3Filter (remove only)
    Acronis PartitionExpert
    ACT LABS Force RS USB Driver
    Adobe Acrobat 7.0.1 and Reader 7.0.1 Update
    Adobe Atmosphere Player for Acrobat and Adobe Reader
    Adobe Download Manager 2.0 (Poista ainoastaan)
    Adobe Reader 7.0 - Suomi
    ArcSoft Panorama Maker 3.5
    ATI Control Panel
    ATI Display Driver
    ATI-ohjelmiston poisto-ohjelma
    Azureus
    BitTorrent 4.1.3-Beta
    BSPlayer
    BSPlayer
    Call of Duty(R) 2
    CC_ccProxyMSI
    CC_ccStart
    ccCommon
    Counter-Strike 1.6
    DAEMON Tools
    DC++ 0.674
    DCPlusPlus
    DigiPosti
    DivX
    DivX 5.0.3 Bundle
    DivX Player
    Doom 3
    DVD Shrink 3.2
    DVD Solution
    EAX(tm) Unified (SHELL)
    EAX4 Unified Redist
    Elasto Mania
    EVEREST Home Edition v2.00
    ExtraFilm Kotona 2
    ffdshow
    FireTune
    FlatOut
    Google Talk (remove only)
    GTA San Andreas
    GUN (TM)
    Hellforces
    HijackThis 1.99.1
    HP Image Zone 3.5
    HP Photosmart -kamerat 3.5
    HP Software Update
    InCD
    Indeo® XP Software
    IsoBuster 1.8
    iTunes
    J2SE Runtime Environment 5.0 Update 1
    J2SE Runtime Environment 5.0 Update 2
    J2SE Runtime Environment 5.0 Update 4
    Java 2 Runtime Environment, SE v1.4.2_05
    Java 2 Runtime Environment, SE v1.4.2_06
    KM400 Display Driver and Utilities
    Labtec Wireless Desktop
    Language pack for Ad-Aware SE
    LiveReg (Symantec Corporation)
    LiveUpdate 2.6 (Symantec Corporation)
    Macromedia Shockwave Player
    MadOnion.com/3DMark2001 SE
    Memories Disc Creator 2.0
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Finnish Language Pack
    Microsoft .NET Framework 1.1 Hotfix (KB886903)
    Microsoft Data Access Components KB870669
    Microsoft Office XP Professional
    Microsoft Windows Journal Viewer
    Mozilla Firefox (1.0.4)
    Mozilla Firefox (1.0.7)
    MSN Gaming Zone
    MSN Messenger 7.5
    MSN Työkalupalkki
    MSRedist
    MSXML 4.0 SP2 Parser and SDK
    Multimedia Launcher
    Nero 6 Enterprise Edition
    NetLimiter 1.30 (remove only)
    Norton AntiSpam
    Norton AntiVirus 2004
    Norton AntiVirus 2004 (Symantec Corporation)
    Norton AntiVirus Parent MSI
    Norton Internet Security
    Norton Internet Security
    Norton Internet Security
    Norton Internet Security
    Norton Internet Security
    Norton Internet Security
    Norton Internet Security
    Norton Personal Firewall
    Norton Personal Firewall (Symantec Corporation)
    Norton WMI Update
    PowerDVD
    PowerProducer
    PowerQuest PartitionMagic 8.0
    Päivitys Windows XP:lle (KB894391)
    Päivitys Windows XP:lle (KB896727)
    Päivitys Windows XP:lle (KB898461)
    Quake 4(TM)
    QuickTime
    Realtek AC'97 Audio
    Screensavers Installer
    Shockwave
    Skype 1.4
    Spybot - Search & Destroy 1.3
    Street Racing Syndicate (TM)
    Subtitle Workshop 2.51
    Suojauspäivitys Windows XP:lle (KB883939)
    Suojauspäivitys Windows XP:lle (KB890046)
    Suojauspäivitys Windows XP:lle (KB893756)
    Suojauspäivitys Windows XP:lle (KB896358)
    Suojauspäivitys Windows XP:lle (KB896422)
    Suojauspäivitys Windows XP:lle (KB896423)
    Suojauspäivitys Windows XP:lle (KB896424)
    Suojauspäivitys Windows XP:lle (KB896428)
    Suojauspäivitys Windows XP:lle (KB896688)
    Suojauspäivitys Windows XP:lle (KB899587)
    Suojauspäivitys Windows XP:lle (KB899588)
    Suojauspäivitys Windows XP:lle (KB899589)
    Suojauspäivitys Windows XP:lle (KB899591)
    Suojauspäivitys Windows XP:lle (KB900725)
    Suojauspäivitys Windows XP:lle (KB901017)
    Suojauspäivitys Windows XP:lle (KB901214)
    Suojauspäivitys Windows XP:lle (KB902400)
    Suojauspäivitys Windows XP:lle (KB903235)
    Suojauspäivitys Windows XP:lle (KB904706)
    Suojauspäivitys Windows XP:lle (KB905414)
    Suojauspäivitys Windows XP:lle (KB905749)
    Symantec Script Blocking Installer
    Tactical Ops
    Tiger Woods PGA TOUR 06
    Time Adjuster v2.9 (STANDARD)
    Viewpoint Media Player
    Winamp (remove only)
    WinAVI Video Converter 5.7
    WinAVI VideoConverter
    Windows Installer 3.1 (KB893803)
    Windows Installer 3.1 (KB893803)
    Windows Media Format Runtime
    Windows Media Player 10
    Windows XP Hotfix - KB834707
    Windows XP Hotfix - KB867282
    Windows XP Hotfix - KB873333
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB885884
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890047
    Windows XP Hotfix - KB890175
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB890923
    Windows XP Hotfix - KB891781
    Windows XP Hotfix - KB893066
    Windows XP Hotfix - KB893086
    Windows XP Service Pack 2
    WinRAR archiver
    VobSub v2.23 (Remove Only)
    XviD Video Codec 14052003-1 (Koepi's developer build)



    Kiitoksia jo etukäteen jos hijackistä ei löydy mitään niin mitä voisin tehdä kysyn vaan ;)
     
  2.  
  3. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Eipä juuri mitään outoa satu silmiin.

    Fixaa tuo:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm

    Voit tietty selvittää, että mikä ohjelma esim. käyttää suoritinta eniten tehtävienhallinnasta, jos siitä on kyse.
     

Jaa tämä sivu