Kone hidastelee

Discussion in 'Virukset ja haittaohjelmat - HijackThis -logit' started by rikhardo, Dec 5, 2009.

  1. rikhardo

    rikhardo Regular member

    Joined:
    Nov 24, 2005
    Messages:
    277
    Likes Received:
    0
    Trophy Points:
    26
    Koneeni on alkanut hidastella ja tilttailla oudosti

    Hjt-loki:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:16:54, on 6.12.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    D:\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    D:\Alwil Software\Avast5\setup\avast.setup
    D:\Comodo\Firewall\cmdagent.exe
    C:\WINDOWS\system32\svchost.exe
    D:\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    D:\CDBurnerXP\NMSAccessU.exe
    D:\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\TUProgSt.exe
    D:\Comodo\Firewall\cfp.exe
    D:\ALWILS~1\Avast5\avastUI.exe
    C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe
    C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
    D:\PowerISO\PWRISOVM.EXE
    D:\Java\jre6\bin\jusched.exe
    D:\G15\S15.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\ctfmon.exe
    D:\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe
    D:\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
    D:\Hamachi\hamachi.exe
    C:\WINDOWS\System32\svchost.exe
    D:\Mirc\mirc.exe
    D:\RBTray\RBTray.exe
    D:\Firefox\firefox.exe
    D:\Utorrent\utorrent.exe
    D:\Last.fm\LastFM.exe
    D:\Spotify\spotify.exe
    D:\Windows Live\Messenger\msnmsgr.exe
    D:\Windows Live\Contacts\wlcomm.exe
    D:\WinSCP\WinSCP.exe
    D:\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
    O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - D:\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - D:\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Ask.com\GenericAskToolbar.dll
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "D:\Comodo\Firewall\cfp.exe" -h
    O4 - HKLM\..\Run: [avast5] D:\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe"
    O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
    O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [nwiz] D:\NVIDIA Corporation\nView\nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [DXDllRegExe] C:\WINDOWS\system32\dxdllreg.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "D:\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [SpeedConnectStartUp] D:\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe -run
    O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "D:\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: hamachi.lnk = D:\Hamachi\hamachi.exe
    O4 - Startup: mIRC.lnk = D:\Mirc\mirc.exe
    O4 - Startup: RBTray.lnk = D:\RBTray\RBTray.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O17 - HKLM\System\CCS\Services\Tcpip\..\{4656637A-C2F6-4B66-A72E-143859C265C0}: NameServer = 192.168.11.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B1A5BE49-0053-4342-8A40-1DC61E9CE365}: NameServer = 192.168.11.1
    O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
    O23 - Service: avast! Antivirus - ALWIL Software - D:\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - D:\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - D:\Comodo\Firewall\cmdagent.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google-päivityspalvelu (gupdate) (gupdate) - Google Inc. - D:\Google\Update\GoogleUpdate.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Java\jre6\bin\jqs.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: NMSAccessU - Unknown owner - D:\CDBurnerXP\NMSAccessU.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - D:\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

    --
    End of file - 7485 bytes
     
    rikhardo, Dec 5, 2009
    #1
  2. Hujo

    Hujo Guest

    poista lisää poista sovelutuksesta

    Ask Toolbar

    Poista kansio

    D:\Ask.com

    -----

    scannaa hjt:llä merkkaa paina Fix checked

    O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
    O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [nwiz] D:\NVIDIA Corporation\nView\nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [DXDllRegExe] C:\WINDOWS\system32\dxdllreg.exe

    sammuta käynnistä
     
    Hujo, Dec 6, 2009
    #2

Share This Page