HijackThis log

Thread in the Viruses and malware - HijackThis logs section. Started by saamu on 25.09.2006.

Thread status:
The thread is closed.
  1. saamu

    saamu Regular member

    Joined:
    21.10.2003
    Posts:
    180
    Thanks:
    0
    Points:
    26
    Logfile of HijackThis v1.99.1
    Scan saved at 21:29:39, on 25.9.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    F:\WINDOWS\System32\smss.exe
    F:\WINDOWS\system32\winlogon.exe
    F:\WINDOWS\system32\services.exe
    F:\WINDOWS\system32\lsass.exe
    F:\WINDOWS\system32\Ati2evxx.exe
    F:\WINDOWS\system32\svchost.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\system32\spoolsv.exe
    F:\WINDOWS\system32\Ati2evxx.exe
    F:\WINDOWS\Explorer.EXE
    F:\WINDOWS\SOUNDMAN.EXE
    F:\Program Files\F-Secure Internet Security\Common\FSM32.EXE
    F:\Program Files\Common Files\Real\Update_OB\realsched.exe
    F:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
    F:\Program Files\Skype\Phone\Skype.exe
    F:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
    F:\Program Files\MSN Messenger\msnmsgr.exe
    F:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe
    F:\Program Files\F-Secure Internet Security\Anti-Virus\FSGK32.EXE
    F:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
    F:\Program Files\F-Secure Internet Security\Anti-Virus\fssm32.exe
    F:\Program Files\F-Secure Internet Security\Common\FSMB32.EXE
    F:\WINDOWS\System32\svchost.exe
    F:\Program Files\F-Secure Internet Security\backweb\4476822\Program\fspex.exe
    F:\Program Files\F-Secure Internet Security\Common\FCH32.EXE
    F:\Program Files\F-Secure Internet Security\Common\FAMEH32.EXE
    F:\Program Files\F-Secure Internet Security\Anti-Virus\fsqh.exe
    F:\Program Files\F-Secure Internet Security\Anti-Virus\fsrw.exe
    F:\Program Files\F-Secure Internet Security\FSPC\fspc.exe
    F:\Program Files\F-Secure Internet Security\Anti-Virus\fsav32.exe
    F:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
    F:\PROGRA~1\F-SECU~1\ANTI-S~1\fsaw.exe
    F:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe
    F:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    F:\WINDOWS\system32\msiexec.exe
    F:\Program Files\ToniArts\EasyCleaner\EasyClea.exe
    F:\Program Files\Mozilla Firefox\firefox.exe
    F:\Documents and Settings\Mika Huttu\Työpöytä\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.traktorit.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
    O4 - HKLM\..\Run: [ATICCC] "F:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [F-Secure Manager] "F:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "F:\Program Files\F-Secure Internet Security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "F:\Program Files\F-Secure Internet Security\FSGUI\FSSW.EXE" /reboot
    O4 - HKCU\..\Run: [Skype] "F:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [msnmsgr] "F:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: Xfire.lnk = F:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: F-Secure 2006.lnk = F:\Program Files\F-Secure Internet Security\backweb\4476822\Program\fspex.exe
    O8 - Extra context menu item: &Estä tämä kohoikkuna - F:\Program Files\F-Secure Internet Security\Anti-Spyware\blockpopups.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Web-suodatin - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - F:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - F:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Web-suodatin - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - F:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
    O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - F:\Program Files\F-Secure Internet Security\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - F:\Program Files\F-Secure Internet Security\Anti-Spyware\ieshield.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - F:\WINDOWS\System32\Shdocvw.dll
    O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
    O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int6.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1134217426843
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1134218149906
    O16 - DPF: {81B9C506-46D3-4667-9018-3D6575CBC046} (VacPro.finland_ver10) - http://66.194.38.28/dialer/finland_ver10.CAB
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Filter: text/html - {95FBE109-6042-4A1A-BB94-BC8308F26B40} - F:\Documents and Settings\Mika Huttu\Local Settings\Application Data\microsoft\internet explorer\V0.39.dat
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: F-Secure 2006 (BackWeb Plug-in - 4476822) - F-Secure Internet Security 2005 - F:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - F:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - F:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - F:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - F:\Program Files\F-Secure Internet Security\FSPC\fshttps\fshttps.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - F:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
    O23 - Service: PROSPEKTI Solid FE 3.1 - Unknown owner - F:\PROGRA~1\SOFTWA~1\PROSPE~1\SOLIDF~1.PRO\solfe.exe (file missing)
     