tuntuu että koneella on jotain pöpöjä... ainaki oli aika paljo... hyvät joulut kaikille... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:03:25, on 24.12.2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\Ati2evxx.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\Program Files\Sygate\SPF\smc.exe D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe D:\WINDOWS\system32\spoolsv.exe D:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe D:\Program Files\Java\jre6\bin\jqs.exe D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe D:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe D:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe D:\WINDOWS\system32\PSIService.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\system32\Ati2evxx.exe D:\WINDOWS\Explorer.exe D:\WINDOWS\system32\RunDll32.exe D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe D:\Program Files\ATI Technologies\ATI.ACE\cli.exe D:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe D:\Program Files\Java\jre6\bin\jusched.exe D:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe D:\Program Files\Cyberlink\Shared Files\brs.exe D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe D:\WINDOWS\system32\ctfmon.exe D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe D:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe D:\Documents and Settings\Jaska\Local Settings\Application Data\Google\Update\GoogleUpdate.exe D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe D:\Program Files\ppcbooster\ppcb_32.exe D:\Program Files\Internet Explorer\IEXPLORE.EXE D:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe D:\WINDOWS\System32\regsvr32.exe D:\Program Files\ATI Technologies\ATI.ACE\cli.exe D:\Program Files\ATI Technologies\ATI.ACE\cli.exe D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe D:\Program Files\Mozilla Firefox\firefox.exe D:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit F2 - REG:system.ini: Shell=Explorer.exe D:\WINDOWS\system32\fservice.exe O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: My-Tool Toolbar - {0e6d7a5d-b560-4d1c-9713-18dd1ade6011} - D:\Program Files\My-Tool\tbMy-T.dll O2 - BHO: adsoftinc browser enhancer - {15CEA4AB-27BE-53B8-148C-E7535FC500FC} - D:\WINDOWS\system32\kmdirahjxibaml.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: TBSB05288 - {6714ADBD-C6C1-42A8-BD84-9C9339059421} - D:\Program Files\IEToolbar\ECO Bar\ecobar.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: adsoftinc - {ad96d8f5-c150-b691-8eaa-b6d67ca37cd8} - D:\WINDOWS\system32\nse71.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: My-Tool Toolbar - {0e6d7a5d-b560-4d1c-9713-18dd1ade6011} - D:\Program Files\My-Tool\tbMy-T.dll O3 - Toolbar: ECO Bar - {10000000-1000-1000-1000-100000000000} - D:\Program Files\IEToolbar\ECO Bar\ecobar.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SmcService] D:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "D:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "D:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [DefragTaskBar] "D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [SecurDisc] D:\Program Files\Nero\Nero8\InCD\NBHGui.exe O4 - HKLM\..\Run: [InCD] D:\Program Files\Nero\Nero8\InCD\InCD.exe O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [RemoteControl8] "D:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe" O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "D:\Program Files\CyberLink\PowerDVD8\Language\Language.exe" O4 - HKLM\..\Run: [BDRegion] D:\Program Files\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [SiteVacuum] D:\Program Files\EasySearch\SiteVacuumClient.exe O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [AnyDVD] D:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Jaska\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKLM\..\Policies\Explorer\Run: [DirectX For Microsoft® Windows] D:\WINDOWS\system32\fservice.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: p2pmax.lnk = D:\Program Files\p2pmax\p2pmax.exe O4 - Startup: ppcb_32.lnk = D:\Program Files\ppcbooster\ppcb_32.exe O4 - Startup: runit_32.lnk = D:\Program Files\runit\runit_32.exe O4 - Global Startup: BlueSoleil.lnk = ? O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1198922079984 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{BA848A3E-F7B7-4AA8-B47B-FD51F6FF63E4}: NameServer = 212.50.211.242 212.50.192.226 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - D:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AshampooDefragService - - D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodata Limited License Service - Autodata Limited - D:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero\Nero8\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LVCOMSer - Logitech Inc. - D:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - D:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - D:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - D:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe O23 - Service: ProtexisLicensing - Unknown owner - D:\WINDOWS\system32\PSIService.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - D:\Program Files\Sygate\SPF\smc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - D:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 13366 bytes
