1. Tämä sivusto käyttää keksejä (cookie). Jatkamalla sivuston käyttämistä hyväksyt keksien käyttämisen. Lue lisää.

help, i need somebody

Viestiketju Virukset ja haittaohjelmat - HijackThis -logit -osiossa. Ketjun avasi lapotuna 20.01.2014.

  1. lapotuna

    lapotuna Member

    Liittynyt:
    17.12.2008
    Viestejä:
    17
    Kiitokset:
    0
    Pisteet:
    11
    kone juntturassa ja netti pomppii erinäistä skeidaa.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 2:10:35, on 20.2.2014
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\ibmpmsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\AVG Secure Search\vprot.exe
    C:\Program Files\Real\RealPlayer\update\realsched.exe
    C:\Program Files\Mobogenie\DaemonProcess.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Järjestelmänvalvoja\Application Data\uTorrent\uTorrent.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\WinZip\WZQKPICK32.EXE
    C:\Program Files\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe
    C:\Program Files\Mobiililaajakaista\Mobiililaajakaista\LoggerServer.exe
    C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
    C:\Program Files\Emotum\Mobile Broadband Service\mbbsvc.exe
    C:\Program Files\DNA\ESUS_DNA\ESUS_DNA.exe
    C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Emotum\Mobile Broadband Service\NvtlSrvr.exe
    C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Application Data\Torch\Update\TorchCrashHandler.exe
    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
    C:\Program Files\DNA\DNA Netti\DNANetti.exe
    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
    C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe
    C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe
    C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\WINDOWS\system32\runonce.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\Program Files\AVG\AVG2012\avgemcx.exe
    C:\Program Files\AVG\AVG2012\avgidsagent.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.v9.com/?utm_source=b&utm_...EVS-08RST2_WD-WXE208DY5713Y5713&ts=1372188480
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://dts.search.ask.com/sidebar.html?src=ssb&gct=ds&appid=362&systemid=406
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-362&v=a9396-134&t=4
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.v9.com/?utm_source=b&utm_...EVS-08RST2_WD-WXE208DY5713Y5713&ts=1372188480
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&...BtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=1616579311&ir=
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search.ask.com/sidebar.html?src=ssb&gct=ds&appid=362&systemid=406
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search.ask.com/sidebar.html?src=ssb&gct=ds&appid=362&systemid=406
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com/web/?utm_sourc...DCXWD800BEVS-08RST2_WD-WXE208DY5713Y5713&ts=0
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: VideoPlayerV3beta731 - {1981dc3e-69c7-400b-beda-d5ed1262af28} - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta731\ie\VideoPlayerV3beta731.dll
    O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    O2 - BHO: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (file missing)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll
    O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\PROGRA~1\MYSEAR~1\bh\mysearchdial.dll
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll
    O3 - Toolbar: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (file missing)
    O3 - Toolbar: mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\PROGRA~1\MYSEAR~1\mysearchdialTlbr.dll
    O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~2.EXE
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Smart Driver Updater] C:\Program Files\Smart Driver Updater\SDULauncher.exe
    O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Järjestelmänvalvoja\Application Data\uTorrent\uTorrent.exe" /MINIMIZED
    O4 - HKCU\..\Run: [NextLive] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Järjestelmänvalvoja\Application Data\newnext.me\nengine.dll",EntryPoint -m l
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User Paikallinen palve)
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User Verkkopalve)
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User SYSTEM)
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User Default user)
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra Tools menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.DLL C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: BecHelperService - Unknown owner - C:\Program Files\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe
    O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe
    O23 - Service: Datamngr Coordinator (DatamngrCoordinator2) - Bandoo Media Inc. - C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
    O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Emotum Mobile Broadband Service (EmotumMBBSvc) - Unknown owner - C:\Program Files\Emotum\Mobile Broadband Service\mbbsvc.exe
    O23 - Service: DNA Software Update Service (ESUSClient_DNA) - Unknown owner - C:\Program Files\DNA\ESUS_DNA\ESUS_DNA.exe
    O23 - Service: Tapahtumaloki (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Google Päivitä-palvelu (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Päivitä-palvelu (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
    O23 - Service: CD-levyjen kirjoittamisen IMAPI COM -palvelu (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NetMeeting etätyöpöydän jakaminen (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
    O23 - Service: NovaCore SDK Service (NvtlService) - Unknown owner - C:\Program Files\Emotum\Mobile Broadband Service\NvtlSrvr.exe
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Etätyöpöydän ohjeen istunnonhallinta (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    O23 - Service: Älykortti (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
    O23 - Service: Resurssilokit ja -hälytykset (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
    O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Application Data\Torch\Update\TorchCrashHandler.exe
    O23 - Service: Aseman tilannevedos (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: vToolbarUpdater17.3.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
    O23 - Service: WMI resurssisovitin (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

    --
    End of file - 12644 bytes
     
    lapotuna, 20.01.2014
    #1
  2.  
  3. MikroMake

    MikroMake Active member

    Liittynyt:
    03.02.2006
    Viestejä:
    3,864
    Kiitokset:
    4
    Pisteet:
    68
    Ei tuollaista konetta josta puuttuu suurin osa tietoturvapäivityksistä kannatta enää ruveta puhdistamaan.

    Minä ainakin asentaisin tuossa tapauksessa käyttöjärjestelmän uudestaan alusta alkaen ja asentaisin siihen heti Service Pack 3:n ja kaikki muut tietoturvapäivitykset.
     
    MikroMake, 20.01.2014
    #2

Jaa tämä sivu