Aivan järkyttävää hitautta koneessa...

Discussion in 'Virukset ja haittaohjelmat - HijackThis -logit' started by Clonez, Jul 28, 2010.

  1. Clonez

    Clonez Guest

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 19:43:07, on 28.7.2010
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\WTablet\Wacom_TabletUser.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\WindowsMobile\wmdcBase.exe
    C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
    C:\Windows\System32\DeltaIITray.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
    C:\Program Files\DAEMON Tools Lite\DTLite.exe
    C:\Users\Elkku\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe
    C:\Program Files\TechTracker\VersionTracker Pro\VersionTrackerPro.exe
    C:\Program Files\Vidalia Bundle\Tor\tor.exe
    C:\Program Files\Vidalia Bundle\Polipo\polipo.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Program Files\Spotify\spotify.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Windows\system32\svchost.exe
    C:\Users\Elkku\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Windows\system32\ntvdm.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\ntvdm.exe
    C:\Windows\system32\conhost.exe
    C:\Users\Elkku\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Elkku\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Elkku\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
    O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\system32\DeltaIITray.exe
    O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Elkku\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
    O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Startup: wwwqxk32.exe
    O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
    O4 - Global Startup: VersionTrackerPro.lnk = ?
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
    O23 - Service: digiSPTIService - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\Windows\system32\Wacom_Tablet.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe

    --
    End of file - 7108 bytes
     
    Clonez, Jul 28, 2010
    #1
  2. kalminen

    kalminen Regular member

    Joined:
    May 4, 2007
    Messages:
    3,915
    Likes Received:
    0
    Trophy Points:
    46
    .
    Täällä on niinpaljon tauhkaa, että tee
    nämä ensiksi ja laita sen jäkeen uusi HJT logi.

    Tässä nekon ohjeet sammuttaa turhaan käynnistyviä ohjelmia => TÄÄLTÄ

    :)
     
    kalminen, Jul 29, 2010
    #2

Share This Page