HJT loki

Discussion in 'Virukset ja haittaohjelmat' started by Ratazz, Jul 2, 2006.

  1. Ratazz

    Ratazz Member

    Joined:
    Jun 11, 2013
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    11
    Logfile of HijackThis v1.99.1
    Scan saved at 21:00:33, on 2.7.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    F:\WINDOWS\System32\smss.exe
    F:\WINDOWS\system32\winlogon.exe
    F:\WINDOWS\system32\services.exe
    F:\WINDOWS\system32\lsass.exe
    F:\WINDOWS\system32\svchost.exe
    F:\WINDOWS\System32\svchost.exe
    F:\Program Files\Sygate\SPF\smc.exe
    F:\WINDOWS\system32\spoolsv.exe
    F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    F:\Program Files\Alwil Software\Avast4\ashServ.exe
    F:\Program Files\ewido anti-spyware 4.0\guard.exe
    F:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    F:\Program Files\Common Files\Stardock\SDMCP.exe
    F:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
    F:\WINDOWS\Explorer.EXE
    F:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    F:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    F:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    F:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    F:\Program Files\Motherboard Monitor 5\MBM5.EXE
    F:\Program Files\MSN Messenger\MsnMsgr.Exe
    F:\Program Files\Pulse\Pulse.exe
    F:\Program Files\Logitech\SetPoint\SetPoint.exe
    F:\Program Files\ATITool\ATITool.exe
    F:\Program Files\Samurize\Client.exe
    F:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    F:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    F:\WINDOWS\system32\svchost.exe
    F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    F:\WINDOWS\system32\cmd.exe
    F:\PROGRA~1\irssi\bin\rxvt.exe
    F:\Program Files\irssi\usr\local\bin\irssi.exe
    F:\WINDOWS\system32\wisptis.exe
    F:\WINDOWS\System32\svchost.exe
    F:\Program Files\Opera\Opera.exe
    F:\Documents and Settings\Jukka\Työpöytä\Ohjelmat\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://elisa.net/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O4 - HKLM\..\Run: [PRONoMgr.exe] F:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] F:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] "F:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [SmcService] F:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] F:\Program Files\Google\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    O4 - HKLM\..\Run: [!ewido] "F:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKLM\..\Run: [ATICCC] "F:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [MBM 5] "F:\Program Files\Motherboard Monitor 5\MBM5.EXE"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKCU\..\Run: [MsnMsgr] "F:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Pulse] F:\Program Files\Pulse\Pulse.exe -splash
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: Adobe Gamma.lnk = F:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: ATITool.lnk = F:\Program Files\ATITool\ATITool.exe
    O4 - Startup: Client Default.lnk = F:\Program Files\Samurize\Client.exe
    O4 - Startup: Natural Desktop.lnk = ?
    O4 - Startup: Stardock ObjectDock.lnk = F:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech SetPoint.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1151657333450
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1151662142373
    O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: MCPClient - F:\Program Files\Common Files\Stardock\mcpstub.dll
    O20 - Winlogon Notify: WB - F:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\fastload.dll
    O23 - Service: Adobe LM Service - Adobe Systems - F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - F:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - F:\Program Files\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - F:\Program Files\Sygate\SPF\smc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - F:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
     
    Ratazz, Jul 2, 2006
    #1
  2. sasesi

    sasesi Member

    Joined:
    May 11, 2006
    Messages:
    94
    Likes Received:
    0
    Trophy Points:
    16
    Siirrä ensin HijackThis omaan kansioonsa:

    F:\HijackThis\ ---->HijackThis.exe<----

    Örkittömiä mutta turhia mitkä hidastavat koneen käynnistymistä:
    O4 - HKLM\..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    O4 - Startup: Adobe Gamma.lnk = F:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    Logisi on puhdas örkeistä.
     
    sasesi, Jul 2, 2006
    #2

Share This Page