If someone would like to check this, thanks.

Discussion in 'Viruses and malware - HijackThis logs' started by Tumpelo666, May 23, 2010.

Thread Status:
Not open for further replies.
  1. Tumpelo666

    Tumpelo666 Regular member

    StartupList report, 23.5.2010, 18:12:00
    StartupList version: 1.52.2
    Started from : C:\Program Files\Trend Micro\HiJackThis\HiJackThis.EXE
    Detected: Windows 7 (WinNT 6.00.3504)
    Detected: Unable to get Internet Explorer version!
    * Using default options
    ==================================================

    Running processes:

    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Alwil Software\Avast4\ashSimp2.exe
    C:\Windows\system32\mmc.exe
    C:\Users\Tumpelo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Tumpelo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Tumpelo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Users\Tumpelo\AppData\Local\Google\Chrome\Application\chrome.exe

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\Windows\system32\userinit.exe,

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    avast! = "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    Google Update = "C:\Users\Tumpelo\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    --------------------------------------------------

    Shell & screensaver key from C:\Windows\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=explorer.exe
    SCRNSAVE.EXE=*Registry value not found*
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry value not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    --------------------------------------------------


    Enumerating Browser Helper Objects:

    (no name) - (no file) - {5C255C8A-E604-49b4-9D64-90988571CECB}
    (no name) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
    (no name) - C:\Program Files\Java\jre6\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9}

    --------------------------------------------------

    Enumerating Task Scheduler jobs:

    AWC Startup.job
    GoogleUpdateTaskUserS-1-5-21-4038667404-1395535267-3618649577-1001Core.job
    GoogleUpdateTaskUserS-1-5-21-4038667404-1395535267-3618649577-1001UA.job

    --------------------------------------------------

    Enumerating Winsock LSP files:

    NameSpace #1: C:\Windows\system32\NLAapi.dll
    NameSpace #4: C:\Windows\system32\napinsp.dll
    NameSpace #5: C:\Windows\system32\pnrpnsp.dll
    NameSpace #6: C:\Windows\system32\pnrpnsp.dll
    NameSpace #7: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
    NameSpace #8: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

    --------------------------------------------------

    Enumerating Windows NT logon/logoff scripts:

    Windows NT checkdisk command:
    BootExecute = autocheck autochk *

    Windows NT 'Wininit.ini':
    PendingFileRenameOperations: C:\Program Files\IObit\Game Booster\temp.ini||d:\e16ef6b400a99b66bfd2||C:\Users\Tumpelo\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\index.dat||C:\Users\Tumpelo\AppData\Roaming\MICROS~1\Windows\Cookies\index.dat||C:\Users\Tumpelo\AppData\Local\MICROS~1\Windows\History\History.IE5\index.dat||C:\Program Files\IObit\Game Booster\temp.ini||C:\Users\Tumpelo\AppData\Local\Temp\A~NSISu_.exe|||d

    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    WebCheck: *Registry key not found*

    --------------------------------------------------
    End of report, 4 848 bytes
    Report generated in 0,093 seconds