hjt log

Discussion in 'Virukset ja haittaohjelmat' started by lam0r, May 17, 2005.

  1. lam0r

    lam0r Guest

    Logfile of HijackThis v1.99.1
    Scan saved at 22:28:41, on 17.5.2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
    C:\Program Files\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure Anti-Virus\backweb\4476822\program\fsbwsys.exe
    C:\Program Files\F-Secure Anti-Virus\Anti-Virus\FSGK32.EXE
    C:\Program Files\F-Secure Anti-Virus\Anti-Virus\fssm32.exe
    C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.EXE
    C:\Program Files\F-Secure Anti-Virus\Common\FSMB32.EXE
    C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    C:\Program Files\F-Secure Anti-Virus\Common\FCH32.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\F-Secure Anti-Virus\Common\FAMEH32.EXE
    C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    C:\Program Files\F-Secure Anti-Virus\Anti-Virus\fsav32.exe
    C:\Program Files\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\WINDOWS\htpatch.exe
    C:\Program Files\F-Secure Anti-Virus\Common\FSM32.EXE
    C:\PROGRA~1\PHILIP~1\VProperty.exe
    C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\F-Secure Anti-Virus\FSGUI\fsguiexe.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\F-Secure Anti-Virus\backweb\4476822\Program\fspex.exe
    C:\Documents and Settings\saatana666\Omat tiedostot\Vastaanotetut tiedostot\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Program Files\TeleWell\ADSL USB Router\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network"
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
    O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Anti-Virus\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Anti-Virus\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\F-Secure Anti-Virus\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: F-Secure Anti-Virus 2005 (BackWeb Plug-in - 4476822) - Unknown owner - C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure Anti-Virus\backweb\4476822\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.EXE
    O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe

     
  2. jepu010

    jepu010 Regular member

    Joined:
    Mar 9, 2004
    Messages:
    136
    Likes Received:
    0
    Trophy Points:
    26
    Ja mikä järki tässä on?? Olisi ehkä kannattanut käyttää käsiään ja kirjoittaa jotain itekin..
     
  3. pkaksp

    pkaksp Moderator Staff Member

    Joined:
    Jan 10, 2005
    Messages:
    12,231
    Likes Received:
    53
    Trophy Points:
    128
    Kyllä se sun konees pysyy pöpöiltä turvas ku hoidat vain virusskannaukset ja päivitykset ajallaan. Kuten myös spywaren poisto ohjelmien kohdal. Ei niitä hjt lokeja tänne tarvi joka välis tukkia.
     
  4. Toymaatti

    Toymaatti Active member

    Joined:
    Feb 4, 2005
    Messages:
    1,038
    Likes Received:
    0
    Trophy Points:
    66
  5. lam0r

    lam0r Guest

Share This Page