HijackThis logi

Discussion in 'Virukset ja haittaohjelmat - HijackThis -logit' started by Middari, Jul 10, 2008.

  1. Middari

    Middari Member

    Joined:
    Nov 6, 2006
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    11
    No niin, kone on temppuillut. Heittää mm. ruutuun, että minulla ei ole oikeutta muuttaa jonkin ohjelman asetuksia (vaikka en niitä olekaan yrittänyt muuttaa) jokaisen käynnistyksen yhteydessä. Hidastelee, jumittuu, jatkuvaa "päivitystä/lataamista" vaativat sivut eivät toimi kunnolla, kone ei tunnista enää viruksentorjunta ohjelmistoa, vaikka ennen on sen tunnistanut. Viruksen torjuntaohjelma ei välillä suostu skannaamaan vaan lopettaa tarkistuksen nollaan prosenttiin jne.

    Trojan remover, avast ja ad-aware eivät löydä mitään. Löydättekö te?

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:04:25, on 10.7.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\svchost.exe
    D:\Program Files\Windows Defender\MsMpEng.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Ahead\InCD\InCDsrv.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\Explorer.EXE
    D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    D:\Program Files\Alwil Software\Avast4\ashServ.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\WINDOWS\SOUNDMAN.EXE
    D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    D:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    D:\Program Files\Ahead\InCD\InCD.exe
    D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    D:\Program Files\Windows Defender\MSASCui.exe
    D:\Program Files\Elisa\Avustaja\Elisa.exe
    D:\Program Files\QuickTime\qttask.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    D:\Program Files\Windows Media Player\WMPNSCFG.exe
    D:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
    D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    D:\Program Files\Logitech\SetPoint\SetPoint.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Microsoft Office\Office10\msoffice.exe
    D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    D:\Program Files\CyberLink\Shared Files\RichVideo.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    D:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    D:\WINDOWS\system32\wscntfy.exe
    D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    D:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    D:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    D:\WINDOWS\system32\wuauclt.exe
    D:\Program Files\Internet Explorer\iexplore.exe
    D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Oma kansio\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://elisa.net/paketti/haku.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://elisa.net/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Toimittaja Elisa Internet
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - D:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O2 - BHO: Elisa Avustaja Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - D:\Program Files\Elisa\Avustaja\IEFixItNowPlugin.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [RemoteControl] "D:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] D:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    O4 - HKLM\..\Run: [MMTray] D:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [Windows Defender] "D:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [Elisa Avustaja] "D:\Program Files\Elisa\Avustaja\Elisa.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [TrojanScanner] D:\Program Files\Trojan Remover\Trjscan.exe
    O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\nbj.exe"
    O4 - HKCU\..\Run: [LDM] D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [WMPNSCFG] D:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [PC Suite Tray] "D:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-21-1292428093-776561741-1801674531-1004\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe (User '?')
    O4 - HKUS\S-1-5-21-1292428093-776561741-1801674531-1004\..\Run: [LDM] D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (User '?')
    O4 - HKUS\S-1-5-21-1292428093-776561741-1801674531-1004\..\Run: [WMPNSCFG] D:\Program Files\Windows Media Player\WMPNSCFG.exe (User '?')
    O4 - HKUS\S-1-5-21-1292428093-776561741-1801674531-1004\..\Run: [PC Suite Tray] "D:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-21-1292428093-776561741-1801674531-1004 Startup: Skype with Doro212.lnk = D:\Program Files\DORO\Skype with Doro212 2.4\Skype with Doro212.exe (User '?')
    O4 - Startup: Skype with Doro212.lnk = D:\Program Files\DORO\Skype with Doro212 2.4\Skype with Doro212.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = D:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: SMS-viesti - {750B6474-7314-48DC-885E-3AB77A45E7B6} - http://sms.kolumbus.fi/ (file missing) (HKCU)
    O9 - Extra button: Tuki - {CB36C8C6-47D1-43C6-AD8D-83853242F5EE} - http://tuki.elisa.net/ (file missing) (HKCU)
    O9 - Extra button: Palvelut - {DE6F70EA-BE52-401A-9879-78C2E8C601AD} - http://service.kolumbus.fi/ (file missing) (HKCU)
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - D:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: ServiceLayer - Nokia. - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 10197 bytes
     
    Middari, Jul 10, 2008
    #1
  2. Middari

    Middari Member

    Joined:
    Nov 6, 2006
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    11
    Eikö kukaan osaa auttaa meikäläistä?
     
    Middari, Jul 28, 2008
    #2

Share This Page