1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

viruksia kenties?

Discussion in 'Virukset ja haittaohjelmat - HijackThis -logit' started by p2pman, Jan 29, 2009.

Page 2 of 2
  1. p2pman

    p2pman Regular member

    Joined:
    Apr 27, 2007
    Messages:
    540
    Likes Received:
    0
    Trophy Points:
    26
    eipä löydy mitään tollaista..
     
    p2pman, Feb 10, 2009
    #21
  2. Hujo

    Hujo Guest

    Lataa NoLop työpöydällesi yhdestä seuraavista linkeistä...
    Linkki1
    Linkki2
    Linkki3

    1.Sulje kaikki ohjelmat, koska tämä vaihe vaatii uudelleenkäynnistyksen
    2.Tuplaklikkaa NoLop.exe ajaaksesi sen
    3.Klikkaa nappulaa "Search and Destroy"
    <<Tietokoneesi skannataan saastuneiden tiedostojen osalta>>
    4, Kun skannaus on valmis, sinua pyydetään käynnistämään kone uudestaan, jos infektio löytyy. Klikkaa OK
    5. Klikkaa "REBOOT"-painiketta.
    6. NoLopin pitäisi antaa viesti. Jos ei, tuplaklikkaa ohjelmaa ja se valmistuu. Lähetä C:\NoLop.log-tiedoston sisältö uuden HijackThis-lokin kera.
    -- Jos saat seuraavan virheen, "mscomctl.ocx or one of its dependencies are not correctly registered," lataa mscomctl.ocx ja tallenna se system32-hakemistoosi (yleensä c:\Windows\system32). Tämän jälkeen aja ohjelma uudestaan.
     
    Hujo, Feb 10, 2009
    #22
  3. p2pman

    p2pman Regular member

    Joined:
    Apr 27, 2007
    Messages:
    540
    Likes Received:
    0
    Trophy Points:
    26
    ëi löytäny mitään..

    NoLop! Log by Skate_Punk_21

    Fix running from: C:\Documents and Settings\Johtaja\Desktop
    [2009-02-11]
    [18:18:04]

    ---Infection Files Found/Removed---
    NO INFECTION FILES FOUND - Cleaning Aborted.

    ---Listing AppData sub directories---

    C:\Documents and Settings\Administrator\Application Data\Adobe
    C:\Documents and Settings\Administrator\Application Data\Apple Computer
    C:\Documents and Settings\Administrator\Application Data\Ati -- EMPTY Directory
    C:\Documents and Settings\Administrator\Application Data\Bsplayer
    C:\Documents and Settings\Administrator\Application Data\Divx
    C:\Documents and Settings\Administrator\Application Data\F-secure
    C:\Documents and Settings\Administrator\Application Data\Getrighttogo
    C:\Documents and Settings\Administrator\Application Data\Identities
    C:\Documents and Settings\Administrator\Application Data\Ispnews
    C:\Documents and Settings\Administrator\Application Data\Lavasoft -- EMPTY Directory
    C:\Documents and Settings\Administrator\Application Data\Macromedia
    C:\Documents and Settings\Administrator\Application Data\Media Player Classic
    C:\Documents and Settings\Administrator\Application Data\Microsoft
    C:\Documents and Settings\Administrator\Application Data\Mozilla
    C:\Documents and Settings\Administrator\Application Data\Pex
    C:\Documents and Settings\Administrator\Application Data\Sun
    C:\Documents and Settings\Administrator\Application Data\Talkback
    C:\Documents and Settings\Administrator\Application Data\Tor
    C:\Documents and Settings\Administrator\Application Data\Vidalia
    C:\Documents and Settings\Administrator\Application Data\Vso -- EMPTY Directory
    C:\Documents and Settings\Administrator\Application Data\Winrar -- EMPTY Directory
    C:\Documents and Settings\Administrator.jk-cf13c05ee1e2\Application Data\Microsoft
    C:\Documents and Settings\All Users\Application Data\1click Dvd Copy
    C:\Documents and Settings\All Users\Application Data\Acronis
    C:\Documents and Settings\All Users\Application Data\Adobe
    C:\Documents and Settings\All Users\Application Data\Ahead
    C:\Documents and Settings\All Users\Application Data\Apple
    C:\Documents and Settings\All Users\Application Data\Apple Computer
    C:\Documents and Settings\All Users\Application Data\Dvd Shrink
    C:\Documents and Settings\All Users\Application Data\F-secure
    C:\Documents and Settings\All Users\Application Data\Google
    C:\Documents and Settings\All Users\Application Data\Grisoft
    C:\Documents and Settings\All Users\Application Data\Installations
    C:\Documents and Settings\All Users\Application Data\Mcafee
    C:\Documents and Settings\All Users\Application Data\Microsoft
    C:\Documents and Settings\All Users\Application Data\Nero
    C:\Documents and Settings\All Users\Application Data\Pc Suite
    C:\Documents and Settings\All Users\Application Data\River Past G5
    C:\Documents and Settings\All Users\Application Data\Siteadvisor -- EMPTY Directory
    C:\Documents and Settings\All Users\Application Data\Slysoft
    C:\Documents and Settings\All Users\Application Data\Temp -- EMPTY Directory
    C:\Documents and Settings\All Users\Application Data\Trymedia
    C:\Documents and Settings\All Users\Application Data\Vsosdk
    C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    C:\Documents and Settings\All Users.windows\Application Data\Adobe
    C:\Documents and Settings\All Users.windows\Application Data\Ahead
    C:\Documents and Settings\All Users.windows\Application Data\Apple
    C:\Documents and Settings\All Users.windows\Application Data\Apple Computer
    C:\Documents and Settings\All Users.windows\Application Data\Ati
    C:\Documents and Settings\All Users.windows\Application Data\Avs4you
    C:\Documents and Settings\All Users.windows\Application Data\Corel
    C:\Documents and Settings\All Users.windows\Application Data\Driverscanner
    C:\Documents and Settings\All Users.windows\Application Data\F-secure
    C:\Documents and Settings\All Users.windows\Application Data\Fssg
    C:\Documents and Settings\All Users.windows\Application Data\Google
    C:\Documents and Settings\All Users.windows\Application Data\Grisoft
    C:\Documents and Settings\All Users.windows\Application Data\Hkpobqdg -- EMPTY Directory
    C:\Documents and Settings\All Users.windows\Application Data\Installations
    C:\Documents and Settings\All Users.windows\Application Data\Logishrd
    C:\Documents and Settings\All Users.windows\Application Data\Logitech
    C:\Documents and Settings\All Users.windows\Application Data\Malwarebytes
    C:\Documents and Settings\All Users.windows\Application Data\Messenger Plus!
    C:\Documents and Settings\All Users.windows\Application Data\Microsoft
    C:\Documents and Settings\All Users.windows\Application Data\Microsoft Help
    C:\Documents and Settings\All Users.windows\Application Data\Nero
    C:\Documents and Settings\All Users.windows\Application Data\Nokia
    C:\Documents and Settings\All Users.windows\Application Data\Nos -- EMPTY Directory
    C:\Documents and Settings\All Users.windows\Application Data\Office Genuine Advantage
    C:\Documents and Settings\All Users.windows\Application Data\Passmark -- EMPTY Directory
    C:\Documents and Settings\All Users.windows\Application Data\Pc Suite
    C:\Documents and Settings\All Users.windows\Application Data\Pc Tools
    C:\Documents and Settings\All Users.windows\Application Data\R2 Studios
    C:\Documents and Settings\All Users.windows\Application Data\Sectaskman
    C:\Documents and Settings\All Users.windows\Application Data\Softperfect
    C:\Documents and Settings\All Users.windows\Application Data\Spybot - Search & Destroy
    C:\Documents and Settings\All Users.windows\Application Data\Superantispyware.com
    C:\Documents and Settings\All Users.windows\Application Data\Temp -- EMPTY Directory
    C:\Documents and Settings\All Users.windows\Application Data\Trymedia
    C:\Documents and Settings\All Users.windows\Application Data\Tuneup Software
    C:\Documents and Settings\All Users.windows\Application Data\Ubisoft
    C:\Documents and Settings\All Users.windows\Application Data\Vsosdk
    C:\Documents and Settings\All Users.windows\Application Data\Windows Genuine Advantage
    C:\Documents and Settings\All Users.windows\Application Data\Wlinstaller
    C:\Documents and Settings\All Users.windows\Application Data\X-setup Pro
    C:\Documents and Settings\All Users.windows\Application Data\{3276be95_af08_429f_a64f_ca64cb79bcf6}
    C:\Documents and Settings\All Users.windows\Application Data\{51019853-129c-4ede-9030-d5fd7bbd9ad0} -- EMPTY Directory
    C:\Documents and Settings\All Users.windows\Application Data\{55a29068-f2ce-456c-9148-c869879e2357}
    C:\Documents and Settings\All Users.windows\Application Data\{d5abffad-d592-4f98-b02b-587125b4801f}
    C:\Documents and Settings\Default User\Application Data\Microsoft
    C:\Documents and Settings\Default User.windows\Application Data\Microsoft
    C:\Documents and Settings\Ghjf\Application Data\Accuraterip -- EMPTY Directory
    C:\Documents and Settings\Ghjf\Application Data\Acronis
    C:\Documents and Settings\Ghjf\Application Data\Adobe
    C:\Documents and Settings\Ghjf\Application Data\Ahead
    C:\Documents and Settings\Ghjf\Application Data\Apple Computer
    C:\Documents and Settings\Ghjf\Application Data\Ati -- EMPTY Directory
    C:\Documents and Settings\Ghjf\Application Data\Bsplayer Pro
    C:\Documents and Settings\Ghjf\Application Data\Divx
    C:\Documents and Settings\Ghjf\Application Data\Dvdcss
    C:\Documents and Settings\Ghjf\Application Data\Dvdfab
    C:\Documents and Settings\Ghjf\Application Data\F-secure
    C:\Documents and Settings\Ghjf\Application Data\Foxiespywareswiftsweeper
    C:\Documents and Settings\Ghjf\Application Data\Google
    C:\Documents and Settings\Ghjf\Application Data\Grisoft
    C:\Documents and Settings\Ghjf\Application Data\Hamachi
    C:\Documents and Settings\Ghjf\Application Data\Help -- EMPTY Directory
    C:\Documents and Settings\Ghjf\Application Data\Identities
    C:\Documents and Settings\Ghjf\Application Data\Installshield
    C:\Documents and Settings\Ghjf\Application Data\Ispnews
    C:\Documents and Settings\Ghjf\Application Data\Limewire
    C:\Documents and Settings\Ghjf\Application Data\Macromedia
    C:\Documents and Settings\Ghjf\Application Data\Microsoft
    C:\Documents and Settings\Ghjf\Application Data\Mozilla
    C:\Documents and Settings\Ghjf\Application Data\Mp3tag
    C:\Documents and Settings\Ghjf\Application Data\Newsleecher
    C:\Documents and Settings\Ghjf\Application Data\Nokia
    C:\Documents and Settings\Ghjf\Application Data\Nokia Multimedia Player
    C:\Documents and Settings\Ghjf\Application Data\Openoffice.org2
    C:\Documents and Settings\Ghjf\Application Data\Pc Suite
    C:\Documents and Settings\Ghjf\Application Data\Pgcedit
    C:\Documents and Settings\Ghjf\Application Data\River Past G5
    C:\Documents and Settings\Ghjf\Application Data\Securom
    C:\Documents and Settings\Ghjf\Application Data\Siteadvisor
    C:\Documents and Settings\Ghjf\Application Data\Sun
    C:\Documents and Settings\Ghjf\Application Data\Talkback
    C:\Documents and Settings\Ghjf\Application Data\Teracopy
    C:\Documents and Settings\Ghjf\Application Data\Tor
    C:\Documents and Settings\Ghjf\Application Data\Tvu Networks
    C:\Documents and Settings\Ghjf\Application Data\Uniblue
    C:\Documents and Settings\Ghjf\Application Data\Urusoft
    C:\Documents and Settings\Ghjf\Application Data\Utorrent
    C:\Documents and Settings\Ghjf\Application Data\Vidalia
    C:\Documents and Settings\Ghjf\Application Data\Vlc
    C:\Documents and Settings\Ghjf\Application Data\Vso
    C:\Documents and Settings\Ghjf\Application Data\Winrar -- EMPTY Directory
    C:\Documents and Settings\Guest\Application Data\Ispnews
    C:\Documents and Settings\Guest\Application Data\Microsoft
    C:\Documents and Settings\Guest\Application Data\Mozilla
    C:\Documents and Settings\Guest\Application Data\Orbit
    C:\Documents and Settings\Guest\Application Data\Pc Suite
    C:\Documents and Settings\Johtaja\Application Data\.wyzo -- EMPTY Directory
    C:\Documents and Settings\Johtaja\Application Data\Adobe
    C:\Documents and Settings\Johtaja\Application Data\Adobeum -- EMPTY Directory
    C:\Documents and Settings\Johtaja\Application Data\Ahead
    C:\Documents and Settings\Johtaja\Application Data\Apple Computer
    C:\Documents and Settings\Johtaja\Application Data\Ati
    C:\Documents and Settings\Johtaja\Application Data\Avsmedia
    C:\Documents and Settings\Johtaja\Application Data\Bsplayer Pro
    C:\Documents and Settings\Johtaja\Application Data\Com.adobe.mauby.4875e02d9fb21ee389f73b8d1702b320485df8ce.1
    C:\Documents and Settings\Johtaja\Application Data\Command & Conquer 3 Tiberium Wars
    C:\Documents and Settings\Johtaja\Application Data\Corel
    C:\Documents and Settings\Johtaja\Application Data\Daemon Tools
    C:\Documents and Settings\Johtaja\Application Data\Deepburner Pro
    C:\Documents and Settings\Johtaja\Application Data\Divx
    C:\Documents and Settings\Johtaja\Application Data\Dvdcss
    C:\Documents and Settings\Johtaja\Application Data\Dvdfab
    C:\Documents and Settings\Johtaja\Application Data\Ecsoftware
    C:\Documents and Settings\Johtaja\Application Data\Editplus 3
    C:\Documents and Settings\Johtaja\Application Data\Eltima Software -- EMPTY Directory
    C:\Documents and Settings\Johtaja\Application Data\F-secure
    C:\Documents and Settings\Johtaja\Application Data\Filezilla
    C:\Documents and Settings\Johtaja\Application Data\Ftweak -- EMPTY Directory
    C:\Documents and Settings\Johtaja\Application Data\Google
    C:\Documents and Settings\Johtaja\Application Data\Grabit -- EMPTY Directory
    C:\Documents and Settings\Johtaja\Application Data\Grabpro
    C:\Documents and Settings\Johtaja\Application Data\Gtk-2.0
    C:\Documents and Settings\Johtaja\Application Data\Help -- EMPTY Directory
    C:\Documents and Settings\Johtaja\Application Data\Hide Ip Ng
    C:\Documents and Settings\Johtaja\Application Data\Identities
    C:\Documents and Settings\Johtaja\Application Data\Installshield
    C:\Documents and Settings\Johtaja\Application Data\Iobit
    C:\Documents and Settings\Johtaja\Application Data\Ispnews
    C:\Documents and Settings\Johtaja\Application Data\Joost
    C:\Documents and Settings\Johtaja\Application Data\Kc Softwares
    C:\Documents and Settings\Johtaja\Application Data\Leadertech
    C:\Documents and Settings\Johtaja\Application Data\Limewire
    C:\Documents and Settings\Johtaja\Application Data\Macromedia
    C:\Documents and Settings\Johtaja\Application Data\Malwarebytes
    C:\Documents and Settings\Johtaja\Application Data\Media Player Classic
    C:\Documents and Settings\Johtaja\Application Data\Microsoft
    C:\Documents and Settings\Johtaja\Application Data\Mozilla
    C:\Documents and Settings\Johtaja\Application Data\Mp3tag
    C:\Documents and Settings\Johtaja\Application Data\Nero
    C:\Documents and Settings\Johtaja\Application Data\Nerodigital(tm) -- EMPTY Directory
    C:\Documents and Settings\Johtaja\Application Data\Newsleecher
    C:\Documents and Settings\Johtaja\Application Data\Nokia
    C:\Documents and Settings\Johtaja\Application Data\Openoffice.org2
    C:\Documents and Settings\Johtaja\Application Data\Orbit
    C:\Documents and Settings\Johtaja\Application Data\Pc Suite
    C:\Documents and Settings\Johtaja\Application Data\R2 Studios
    C:\Documents and Settings\Johtaja\Application Data\Realvnc
    C:\Documents and Settings\Johtaja\Application Data\Securom
    C:\Documents and Settings\Johtaja\Application Data\Simplogs
    C:\Documents and Settings\Johtaja\Application Data\Software Informer
    C:\Documents and Settings\Johtaja\Application Data\Sun
    C:\Documents and Settings\Johtaja\Application Data\Superantispyware.com
    C:\Documents and Settings\Johtaja\Application Data\Systemrequirementslab
    C:\Documents and Settings\Johtaja\Application Data\Talkback
    C:\Documents and Settings\Johtaja\Application Data\Teamviewer
    C:\Documents and Settings\Johtaja\Application Data\Teracopy
    C:\Documents and Settings\Johtaja\Application Data\Tigerplayer
    C:\Documents and Settings\Johtaja\Application Data\Tuneup Software
    C:\Documents and Settings\Johtaja\Application Data\Ubisoft
    C:\Documents and Settings\Johtaja\Application Data\Uniblue
    C:\Documents and Settings\Johtaja\Application Data\Utorrent
    C:\Documents and Settings\Johtaja\Application Data\Vlc
    C:\Documents and Settings\Johtaja\Application Data\Vso
    C:\Documents and Settings\Johtaja\Application Data\Webcam Recorder
    C:\Documents and Settings\Johtaja\Application Data\Winrar -- EMPTY Directory
    C:\Documents and Settings\Johtaja\Application Data\X-setup Pro
    C:\Documents and Settings\Localservice\Application Data\Microsoft
    C:\Documents and Settings\Localservice\Application Data\Mozilla
    C:\Documents and Settings\Localservice\Application Data\Siteadvisor
    C:\Documents and Settings\Localservice\Application Data\Talkback
    C:\Documents and Settings\Localservice.nt Authority\Application Data\Macromedia
    C:\Documents and Settings\Localservice.nt Authority\Application Data\Microsoft
    C:\Documents and Settings\Localservice.nt Authority\Application Data\Mozilla
    C:\Documents and Settings\Networkservice\Application Data\Microsoft
    C:\Documents and Settings\Networkservice.nt Authority\Application Data\Microsoft
    C:\Documents and Settings\Tyu\Application Data\Adobe
    C:\Documents and Settings\Tyu\Application Data\Ati -- EMPTY Directory
    C:\Documents and Settings\Tyu\Application Data\F-secure
    C:\Documents and Settings\Tyu\Application Data\Google -- EMPTY Directory
    C:\Documents and Settings\Tyu\Application Data\Identities
    C:\Documents and Settings\Tyu\Application Data\Ispnews
    C:\Documents and Settings\Tyu\Application Data\Limewire
    C:\Documents and Settings\Tyu\Application Data\Microsoft
    C:\Documents and Settings\Tyu\Application Data\Mozilla
    C:\Documents and Settings\Tyu\Application Data\Pc Suite
    C:\Documents and Settings\Tyu\Application Data\Siteadvisor
    C:\Documents and Settings\Tyu\Application Data\Talkback




    hijackthis


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:25, on 2009-02-11
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    D:\Työkalut & Ohjelmat\Unlocker\UnlockerAssistant.exe
    C:\Program Files\Tietoturvapalvelu\ExploitShield\fsesgui.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    D:\Työkalut & Ohjelmat\NetWorx\networx.exe
    D:\Työkalut & Ohjelmat\WinSnap\WinSnap.exe
    D:\Työkalut & Ohjelmat\PeerGuardian2\pg2.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
    D:\Työkalut & Ohjelmat\Orbitdownloader\orbitdm.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Tietoturvapalvelu\ExploitShield\fsessrv.exe
    C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
    C:\Program Files\Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
    C:\Program Files\Tietoturvapalvelu\Common\FSMB32.EXE
    D:\Työkalut & Ohjelmat\Orbitdownloader\orbitnet.exe
    C:\Program Files\Tietoturvapalvelu\Common\FCH32.EXE
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsqh.exe
    C:\Program Files\Tietoturvapalvelu\Common\FAMEH32.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Tietoturvapalvelu\FSGUI\fsguidll.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    C:\WINDOWS\system32\IoctlSvc.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\WINDOWS\system32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\TUProgSt.exe
    D:\Työkalut & Ohjelmat\VNC4\WinVNC4.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Tietoturvapalvelu\FSAUA\program\fsaua.exe
    C:\Program Files\Tietoturvapalvelu\Anti-Virus\fssm32.exe
    C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Tietoturvapalvelu\FSAUA\program\fsus.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsav32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\inetsrv\DavCData.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\hjt\scanner.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
    O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Työkalut & Ohjelmat\Orbitdownloader\orbitcth.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Työkalut & Ohjelmat\BitComet\tools\BitCometBHO_1.2.8.7.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\TYKALU~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Työkalut & Ohjelmat\Orbitdownloader\GrabPro.dll
    O3 - Toolbar: &NetWorx Desk Band - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - D:\TYKALU~1\NetWorx\deskband.dll
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Tietoturvapalvelu\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    O4 - HKLM\..\Run: [UnlockerAssistant] "D:\Työkalut & Ohjelmat\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [F-Secure ExploitShield] "C:\Program Files\Tietoturvapalvelu\ExploitShield\fsesgui.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [NetWorx] "D:\Työkalut & Ohjelmat\NetWorx\networx.exe" /auto
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [WinSnap] "D:\Työkalut & Ohjelmat\WinSnap\WinSnap.exe" /startup
    O4 - HKCU\..\Run: [PeerGuardian] D:\Työkalut & Ohjelmat\PeerGuardian2\pg2.exe
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AlcoholAutomount] "D:\Työkalut & Ohjelmat\Alcohol 120%\axcmd.exe" /automount
    O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
    O4 - HKCU\..\Run: [BitComet] "D:\Työkalut & Ohjelmat\BitComet\BitComet.exe" /tray
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
    O4 - Global Startup: Orbit.lnk = ?
    O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Työkalut & Ohjelmat\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Työkalut & Ohjelmat\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Työkalut & Ohjelmat\BitComet\BitComet.exe/AddAllLink.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Työkalut & Ohjelmat\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Työkalut & Ohjelmat\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Työkalut & Ohjelmat\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\TYKALU~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\TYKALU~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra button: Messenger Backup - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\Työkalut & Ohjelmat\Messenger Backup\Messenger Backup (file missing)
    O9 - Extra 'Tools' menuitem: &Messenger Backup - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - D:\Työkalut & Ohjelmat\Messenger Backup\Messenger Backup (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - Winlogon Notify: !SASWinLogon - D:\Työkalut & Ohjelmat\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
    O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: F-Secure Exploit Shield Service (ExploitShield) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\ExploitShield\fsessrv.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\ORSP Client\fsorsp.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod-palvelu (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe (file missing)
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe (file missing)
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
    O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - D:\Työkalut & Ohjelmat\VNC4\WinVNC4.exe

    --
    End of file - 15120 bytes
     
    p2pman, Feb 11, 2009
    #23
Page 2 of 2

Share This Page