kone hidas+hjt loki

Discussion in 'Virukset ja haittaohjelmat' started by joonasm88, May 30, 2006.

  1. joonasm88

    joonasm88 Regular member

    Joined:
    Sep 14, 2004
    Messages:
    246
    Likes Received:
    0
    Trophy Points:
    26
    kone todella hidas. suoritinkäyttö koko ajan 100 %

    Logfile of HijackThis v1.99.1
    Scan saved at 12:58:20, on 30.5.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    c:\APPS\HIDSERVICE\HIDSERVICE.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\Program Files\ClamWin\bin\ClamTray.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\slserv.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\ctfmon.exe
    c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
    C:\Documents and Settings\Lumikki\Työpöytä\EClea2_0\EasyClea.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Lumikki\Työpöytä\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://elisa.net/paketti/haku.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://elisa.net/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Toimittaja Elisa Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;<local>
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
    O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: SMS-viesti - {9B92254B-B2D1-407F-8229-481726F3F8FF} - http://sms.kolumbus.fi/ (file missing) (HKCU)
    O9 - Extra button: Palvelut - {A5EE670B-7EF4-4DB4-8A9B-ECF155E4BEC4} - http://service.kolumbus.fi/ (file missing) (HKCU)
    O9 - Extra button: Tuki - {C277AA6C-83F9-4BA6-BCD7-600D1752CE01} - http://tuki.elisa.net/ (file missing) (HKCU)
    O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
    O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
     
    joonasm88, May 30, 2006
    #1
  2. Daniii

    Daniii Regular member

    Joined:
    May 11, 2006
    Messages:
    120
    Likes Received:
    0
    Trophy Points:
    26
    Terve!

    Lokissa ei huomautettavaa.

    Katsotaas mitä tämä sanoo:

    Lataa WinPFind täältä: http://www.bleepingcomputer.com/files/oldtimer/WinPFind.zip työpöydällesi.

    Pura tiedoston WinPFind.zip sisältö (kansio WinPFind) C-aseman juureen.

    Mene sitten kansioon C:\WinPFind ja tuplaklikkaa tiedostoa WinPFind.exe, ohjelma käynnistyy.

    Paina Start Scan-painiketta ja odota kunnes skannaus on valmis. Ohjelma skannaa todella suuren määrään tiedostoja etsien vastaavuutta haittaohjelmille tyypillisiin tiedostoihin, joten ole kärsivällinen ja anna ohjelman skannata. Skannaus saattaa kestää jopa yli 30 minuuttia.

    Kun skannaus on valmis, ohjelma näyttää skannaustuloksen. Paina Copy to Clipboard- painiketta, tulos kopioituu leikepöydälle. Avaa sitten Muistio ja liitä tulos siihen, tallenna dokumentti työpöydälle nimellä WinPFind-loki. Liitä sitten tämän dokumentin sisältö viestiketjuusi (loki voi olla pitkä :D).
     
    Last edited: May 30, 2006
    Daniii, May 30, 2006
    #2

Share This Page