HijackThis logi

Discussion in 'Virukset ja haittaohjelmat' started by zeniitti, May 27, 2006.

  1. zeniitti

    zeniitti Member

    Joined:
    Jan 21, 2003
    Messages:
    98
    Likes Received:
    0
    Trophy Points:
    16
    Näytti olevan niiiiiin montaa aihetta, että parempi tehdä oma :)

    Onkos puhdas?

    Logfile of HijackThis v1.99.1
    Scan saved at 19:31:42, on 27.5.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    D:\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    D:\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\WINDOWS\system32\mmm.exe
    D:\F-Secure Internet Security\Common\FSM32.EXE
    D:\MessengerPlus! 3\MsgPlus.exe
    D:\Windows Defender\MSASCui.exe
    C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
    D:\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
    D:\InterVideo\Common\Bin\WinCinemaMgr.exe
    D:\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
    D:\F-Secure Internet Security\backweb\4476822\Program\fspex.exe
    D:\F-Secure Internet Security\Anti-Virus\FSGK32.EXE
    D:\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe
    D:\F-Secure Internet Security\Common\FSMA32.EXE
    D:\F-Secure Internet Security\Anti-Virus\fssm32.exe
    D:\F-Secure Internet Security\Common\FSMB32.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    D:\F-Secure Internet Security\Common\FCH32.EXE
    D:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    D:\F-Secure Internet Security\Common\FAMEH32.EXE
    D:\F-Secure Internet Security\Anti-Virus\fsqh.exe
    D:\F-Secure Internet Security\Anti-Virus\fsrw.exe
    D:\F-Secure Internet Security\Anti-Virus\fsav32.exe
    D:\F-Secure Internet Security\FWES\Program\fsdfwd.exe
    D:\F-SECU~1\ANTI-S~1\fsaw.exe
    D:\F-Secure Internet Security\FSGUI\fsguidll.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    D:\utorrent\utorrent.exe
    D:\AD-AWA~1\Ad-Aware.exe
    D:\Spybot - Search & Destroy\SpybotSD.exe
    D:\HijackThis 1.99.1\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Java\jre1.5.0_06\bin\ssv.dll
    O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe
    O4 - HKLM\..\Run: [KelsPakSoft] C:\WINDOWS\system32\mmm.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "D:\F-Secure Internet Security\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "D:\F-Secure Internet Security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "D:\F-Secure Internet Security\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [MessengerPlus3] "d:\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [SmcService] D:\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [Windows Defender] "D:\Windows Defender\MSASCui.exe" -hide
    O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
    O4 - Startup: F-Secure 2006.lnk = D:\F-Secure Internet Security\backweb\4476822\Program\fspex.exe
    O4 - Global Startup: F-Secure 2006.lnk = D:\F-Secure Internet Security\backweb\4476822\Program\fspex.exe
    O8 - Extra context menu item: &Estä tämä kohoikkuna - D:\F-Secure Internet Security\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://D:\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - D:\F-Secure Internet Security\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - D:\F-Secure Internet Security\Anti-Spyware\ieshield.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~1\OFFICE11\REFIEBAR.DLL
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1148719955875
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: F-Secure 2006 (BackWeb Plug-in - 4476822) - F-Secure Internet Security 2005 - D:\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - D:\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - D:\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\F-Secure Internet Security\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\F-Secure Internet Security\Common\FSMA32.EXE
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - D:\Sygate\SPF\smc.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
     
    zeniitti, May 27, 2006
    #1
  2. Jurppis

    Jurppis Regular member

    Joined:
    Feb 22, 2006
    Messages:
    659
    Likes Received:
    0
    Trophy Points:
    26
    Tämä on hieman hämärän peitossa eli jos voisit uploadata tämän tiedoston:
    C:\WINDOWS\system32\mmm.exe
    Tänne:
    http://www.virustotal.com
    Eli paina sieltä ylhäältä selaa... / Choose... ja mene tuonne system32 kansioon ja tuplaklikkaa mmm.exe ja paina send
     
    Jurppis, May 27, 2006
    #2
  3. zeniitti

    zeniitti Member

    Joined:
    Jan 21, 2003
    Messages:
    98
    Likes Received:
    0
    Trophy Points:
    16
    zeniitti, May 28, 2006
    #3
  4. Jurppis

    Jurppis Regular member

    Joined:
    Feb 22, 2006
    Messages:
    659
    Likes Received:
    0
    Trophy Points:
    26
    Hyvä homma, loki on siis puhdas :)
     
    Jurppis, May 28, 2006
    #4

Share This Page