1. Tämä sivusto käyttää keksejä (cookie). Jatkamalla sivuston käyttämistä hyväksyt keksien käyttämisen. Lue lisää.

HijackThis -loki, kone hidastelee melkein kokoajan

Viestiketju Virukset ja haittaohjelmat - HijackThis -logit -osiossa. Ketjun avasi Latexi 01.08.2006.

Viestiketjun tila:
Viestiketju on suljettu.
  1. Latexi

    Latexi Member

    Liittynyt:
    29.12.2005
    Viestejä:
    67
    Kiitokset:
    0
    Pisteet:
    16
    Viittiskö joku takastaa mun HJT -lokin? Kiitos.

    Logfile of HijackThis v1.99.1
    Scan saved at 18:30:29, on 1.8.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    I:\WINDOWS\System32\smss.exe
    I:\WINDOWS\system32\csrss.exe
    I:\WINDOWS\system32\winlogon.exe
    I:\WINDOWS\system32\services.exe
    I:\WINDOWS\system32\lsass.exe
    I:\WINDOWS\system32\Ati2evxx.exe
    I:\WINDOWS\system32\svchost.exe
    I:\WINDOWS\system32\svchost.exe
    I:\WINDOWS\System32\svchost.exe
    I:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    I:\WINDOWS\system32\svchost.exe
    I:\WINDOWS\system32\svchost.exe
    I:\WINDOWS\system32\spoolsv.exe
    I:\WINDOWS\system32\Ati2evxx.exe
    I:\WINDOWS\Explorer.EXE
    I:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    I:\WINDOWS\SOUNDMAN.EXE
    I:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE
    I:\Program Files\Ahead\InCD\InCD.exe
    I:\Program Files\Common Files\Real\Update_OB\realsched.exe
    I:\Program Files\iTunes\iTunesHelper.exe
    I:\Program Files\QuickTime\qttask.exe
    I:\Program Files\MessengerPlus! 3\MsgPlus.exe
    I:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    I:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    I:\Program Files\Winamp\winampa.exe
    I:\WINDOWS\system32\ctfmon.exe
    I:\Program Files\Messenger\msmsgs.exe
    I:\Program Files\Spyware Doctor\swdoctor.exe
    I:\Program Files\MSN Messenger\msnmsgr.exe
    I:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe
    I:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    I:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
    I:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    I:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
    I:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
    I:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
    I:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fssm32.exe
    I:\Program Files\Elisa Tietoturvapalvelu\Common\FSMB32.EXE
    I:\Program Files\Ahead\InCD\InCDsrv.exe
    I:\Program Files\Elisa Tietoturvapalvelu\Common\FCH32.EXE
    I:\Program Files\Spyware Doctor\sdhelp.exe
    I:\Program Files\Elisa Tietoturvapalvelu\Common\FAMEH32.EXE
    I:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsrw.exe
    I:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    I:\WINDOWS\system32\wdfmgr.exe
    I:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsav32.exe
    I:\Program Files\iPod\bin\iPodService.exe
    I:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
    I:\WINDOWS\System32\alg.exe
    I:\PROGRA~1\ELISAT~1\ANTI-S~1\fsaw.exe
    I:\Program Files\Elisa Tietoturvapalvelu\FSGUI\fsguidll.exe
    I:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    I:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    I:\Program Files\BitTornado\btdownloadgui.exe
    I:\Program Files\Mozilla Firefox\firefox.exe
    I:\WINDOWS\system32\rundll32.exe
    I:\Documents and Settings\Lauri\Omat tiedostot\Torrentit\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.luukku.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - I:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\program files\google\googletoolbar2.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - I:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] I:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [F-Secure Manager] "I:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "I:\Program Files\Elisa Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "I:\Program Files\Elisa Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [NeroCheck] I:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] I:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [News Service] "I:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [TkBellExe] "I:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [iTunesHelper] "I:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [MessengerPlus3] "I:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] I:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [ATICCC] "I:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [WinPatrol] I:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
    O4 - HKLM\..\Run: [WinampAgent] I:\Program Files\Winamp\winampa.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "I:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [MessengerPlus3] "I:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [Spyware Doctor] "I:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: Registration Ghost Recon Advanced Warfighter.LNK = I:\Program Files\Ubisoft\Demo\Ghost Recon Advanced Warfighter Demo\Support\Register\RegistrationReminder.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = I:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = I:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = I:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Estä tämä kohoikkuna - I:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &Google Search - res://i:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://i:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://i:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://i:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://i:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://i:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - I:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - I:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - I:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll
    O9 - Extra button: @I:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: @I:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.1.2.76.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://munky-1.spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://simcity.ea.com/update/EARTPX.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {C36661D7-3590-45B1-80B5-520839E94DAD} (MaxisSimCity4PatcherX Control) - http://simcity.ea.com/update/MaxisSimCity4PatcherX.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "I:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Elisa Tietoturvapalvelu (BackWeb Plug-in - 4119343) - BackWeb Technologies Inc. - I:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - I:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - I:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - I:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - I:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - I:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPodService - Apple Computer, Inc. - I:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - I:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - I:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - I:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: StyleXPService - Unknown owner - I:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
     
    Latexi, 01.08.2006
    #1
  2.  
Viestiketjun tila:
Viestiketju on suljettu.

Jaa tämä sivu