Please check my HJT log

Thread in the Viruses and malware - HijackThis logs section. Started by Tikkuneq on 22.08.2006.

Thread status:
The thread is closed.
  1. Tikkuneq

    Just a check that everything is OK. The thing is, when ewido ran a complete scan it came up with 18 medium risks and 51 infected objects. Can those bugs then be deleted from quarantine after the scan?

    ewido's report:

    ---------------------------------------------------------
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 13:22:13 22.8.2006

    + Scan result:



    :mozilla.77:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
    :mozilla.31:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.32:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.33:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.41:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.42:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.43:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.44:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.45:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.46:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.138:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
    :mozilla.139:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
    :mozilla.82:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
    :mozilla.83:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
    :mozilla.123:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.124:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.125:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.126:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.36:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.35:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
    C:\Documents and Settings\Ville\Cookies\ville@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
    :mozilla.49:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
    :mozilla.50:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.57:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.117:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Clickhype : No action taken.
    :mozilla.118:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Clickhype : No action taken.
    :mozilla.23:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
    :mozilla.7:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
    C:\Documents and Settings\Ville\Cookies\ville@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
    :mozilla.83:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.165:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.63:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.64:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.121:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
    :mozilla.15:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.16:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.175:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.176:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.177:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.178:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.179:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.17:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.18:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.20:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.26:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
    :mozilla.30:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
    :mozilla.174:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.34:C:\Documents and Settings\Iskä ja Äiti\Application Data\Mozilla\Firefox\Profiles\skww5xbi.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.6:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Web-stat : No action taken.
    :mozilla.27:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.28:C:\Documents and Settings\Ville\Application Data\Mozilla\Firefox\Profiles\q78n5voh.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    (ALL STILL IN QUARANTINE FOR NOW)


    ::Report end


    Then the HJT log:

    Logfile of HijackThis v1.99.1
    Scan saved at 13:23:31, on 22.8.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5346.0005)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\ATI-CPanel\atiptaxx.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Norman\bin\ZLH.EXE
    C:\Documents and Settings\All Users\Application Data\csrss\csrss.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\BlockHome\Block.exe
    C:\WINDOWS\System32\cisvc.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Norman\Bin\Zanda.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Norman\Nvc\BIN\NIP.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Norman\Nvc\BIN\NVCSCHED.EXE
    C:\Norman\bin\NJEEVES.EXE
    C:\Norman\Nvc\BIN\nipsvc.exe
    C:\Norman\Nvc\bin\nvcoas.exe
    C:\WINDOWS\System32\alg.exe
    C:\Norman\Nvc\bin\cclaw.exe
    C:\Documents and Settings\Tikki\Omat tiedostot\mIRC\mirc.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\HJT\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
    O4 - HKLM\..\Run: [csrss] C:\Documents and Settings\All Users\Application Data\csrss\csrss.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\blocklsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\blocklsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\blocklsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\blocklsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\blocklsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\blocklsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe
    O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE
    O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE
     
  3. Tikkuneq

    Surely someone can check this now?
     