Varmenteet + HJT-log

Discussion in 'Virukset ja haittaohjelmat - HijackThis -logit' started by Oliw, Mar 2, 2010.

Thread Status:
Not open for further replies.
  1. Oliw

    Oliw Member

    Joined:
    Mar 2, 2010
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    11
    Tulee ilmoitus varmennevirheestä,se on joko vanhentunut tai joku saattaa salakuunnella konettasi.

    Logfile of HijackThis v1.99.1
    Scan saved at 1:41:02, on 3.3.2010
    Platform: Unknown Windows (WinNT 6.00.1906 SP2)
    MSIE: Internet Explorer v8.00 (8.00.6001.18882)

    Running processes:
    C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
    D:\Pelit\Steam\Steam.exe
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Asennetut ohjelmat\DAEMON Tools Lite\daemon.exe
    C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
    C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
    C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
    C:\Program Files (x86)\F-Secure\common\FSM32.EXE
    C:\Program Files (x86)\Asennetut ohjelmat\iTunesHelper.exe
    C:\Program Files (x86)\Java\jre6\bin\jusched.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\F-Secure\FSGUI\fsguidll.exe
    C:\Program Files (x86)\Java\jre6\bin\jucheck.exe
    C:\Users\BlackStorm\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\BlackStorm\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\BlackStorm\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\BlackStorm\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\BlackStorm\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\BlackStorm\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Asennetut ohjelmat\iTunes.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Users\BlackStorm\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\BlackStorm\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\BlackStorm\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\BlackStorm\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\BlackStorm\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\BlackStorm\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\BlackStorm\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\BlackStorm\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\BlackStorm\Documents\Downloads\HijackThis.exe
    C:\hjt\scanner.exe.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
    O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [BDRegion] "C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
    O4 - HKLM\..\Run: [InstantBurn] C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\Asennetut ohjelmat\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [TrojanScanner] "C:\Program Files (x86)\Trojan Remover\Trjscan.exe" /boot
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Steam] "d:\pelit\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\Asennetut ohjelmat\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [Google Update] "C:\Users\BlackStorm\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\f-secure\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\f-secure\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\f-secure\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\f-secure\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\f-secure\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\f-secure\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\f-secure\fsps\program\fslsp.dll
    O11 - Options group: [INTERNATIONAL] International
    O13 - Gopher Prefix:
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Common\FNRB32.EXE
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: Google-päivityspalvelu (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (file missing)
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: SQL Server (MSSMLBIZ) (MSSQL$MSSMLBIZ) - Unknown owner - C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: Remote Procedure Call (HGM) (RPCHGM) - Unknown owner - C:\Program Files (x86)\NetMeeting\secedit.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
     
    Oliw, Mar 2, 2010
    #1
Thread Status:
Not open for further replies.

Share This Page