Messengervirus, hjt-logi

Yksityisviestit

Luo uusi yksityisviesti

Kaikki uudet viestit

Ilman vastauksia olevat viestiketjut

Hae viestejä

torstai 13.11.2025 / 17:44

Hae keskustelualueilta:

afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > messengervirus, hjt-logi

Aiheet

Keskustelualueet

Vastaa

Aloita uusi viestiketju

Messengervirus, hjt-logi

Siirry:

Kirjoittaja

Viesti

643000

Suspended due to non-functional email address

5. kesäkuuta 2008 @ 12:30

Linkki tähän viestiin

Moi!

Jos joku voisi katsoa nämä läpi niin olisin todella kiitollinen!

ComboFix:

ComboFix 08-06-04.3 - Juuso 2008-06-05 12:16:51.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1508 [GMT 3:00]
Running from: C:\Documents and Settings\Juuso\Application Data\Opera\Opera\profile\cache4\temporary_download\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Juuso\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\WINDOWS\service.exe

.
((((((((((((((((((((((((( Files Created from 2008-05-05 to 2008-06-05 )))))))))))))))))))))))))))))))
.

2008-06-05 00:15 . 2008-06-05 00:15 290,110 --a------ C:\WINDOWS\ftp.exe
2008-06-04 22:59 . 2008-06-04 22:59 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-04 22:40 . 2008-06-01 19:13 <DIR> d-------- C:\SDFix
2008-06-04 22:00 . 2008-06-04 22:00 86,528 --a------ C:\Documents and Settings\Juuso\stp.exe
2008-06-04 14:50 . 2008-06-04 14:58 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-04 14:50 . 2008-06-04 15:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-03 22:58 . 2008-06-03 23:24 86,548 --a------ C:\Documents and Settings\Juuso\setupa.exe
2008-06-03 13:12 . 2008-06-04 12:58 3,419 --a------ C:\WINDOWS\is154890.exe
2008-06-03 13:08 . 2008-06-03 13:08 96,950 -r-hs---- C:\WINDOWS\mservice.exe
2008-06-03 01:46 . 2008-06-05 12:09 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-03 01:45 . 2008-06-03 01:45 <DIR> d-------- C:\Fraps
2008-06-03 01:39 . 2008-06-03 01:39 <DIR> d-------- C:\WINDOWS\system32\AGEIA
2008-06-03 01:39 . 2008-06-03 01:39 <DIR> d-------- C:\Program Files\AGEIA Technologies
2008-06-03 01:00 . 2008-06-03 01:01 104,078 --a------ C:\WINDOWS\sb.exe
2008-06-03 00:55 . 2008-06-04 13:58 <DIR> d-------- C:\Documents and Settings\Juuso\Application Data\teamspeak2
2008-06-03 00:54 . 2008-06-03 00:54 <DIR> d-------- C:\Program Files\VentriloMIX
2008-06-02 23:06 . 2008-06-02 23:06 <DIR> d-------- C:\Documents and Settings\Juuso\Application Data\BSplayer Pro
2008-06-02 23:06 . 2008-06-02 23:09 <DIR> d-------- C:\Documents and Settings\Juuso\Application Data\BSplayer
2008-06-02 23:05 . 2008-06-02 23:05 <DIR> d-------- C:\Program Files\Webteh
2008-06-02 21:35 . 2008-06-04 16:03 3,424 --a------ C:\Documents and Settings\Juuso\setup.exe
2008-06-01 23:53 . 2008-06-01 23:53 <DIR> d-------- C:\Program Files\Lavasoft
2008-06-01 23:53 . 2008-06-01 23:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-01 21:21 . 2008-06-02 14:44 <DIR> d-------- C:\Documents and Settings\Juuso\Application Data\Ventrilo
2008-06-01 21:20 . 2008-06-01 21:20 <DIR> d-------- C:\Program Files\Ventrilo
2008-06-01 21:19 . 2008-06-03 01:38 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-31 11:00 . 2008-05-31 11:00 <DIR> d-------- C:\WINDOWS\Sun
2008-05-31 10:54 . 2008-05-31 10:54 <DIR> d-------- C:\Program Files\Sun
2008-05-31 10:53 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-31 10:52 . 2008-05-31 10:53 <DIR> d-------- C:\Program Files\Java
2008-05-31 10:50 . 2008-05-31 10:50 <DIR> d-------- C:\Program Files\Common Files\Java
2008-05-30 23:42 . 2004-08-04 00:56 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-05-30 23:42 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-05-30 23:42 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-05-30 23:42 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-05-30 20:13 . 2008-05-30 20:13 <DIR> d-------- C:\Documents and Settings\Raija\Application Data\Comodo
2008-05-30 20:13 . 2008-05-30 20:13 <DIR> d-------- C:\Documents and Settings\Raija\Application Data\ATI
2008-05-30 20:13 . 2008-05-30 21:49 <DIR> d-------- C:\Documents and Settings\Raija
2008-05-29 17:47 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-05-29 17:27 . 2008-05-29 17:27 <DIR> d-------- C:\Documents and Settings\Ismo\Application Data\Comodo
2008-05-29 17:27 . 2008-05-29 17:27 <DIR> d-------- C:\Documents and Settings\Ismo\Application Data\ATI
2008-05-29 17:26 . 2008-05-29 17:27 <DIR> d-------- C:\Documents and Settings\Ismo
2008-05-28 09:09 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-05-28 09:09 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-05-28 09:09 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-05-27 23:54 . 2008-06-02 23:01 <DIR> d-------- C:\Jotain ihmejuttuja
2008-05-27 23:04 . 2008-05-27 23:07 <DIR> d-------- C:\Program Files\Winamp
2008-05-27 23:04 . 2008-05-27 23:27 <DIR> d-------- C:\Documents and Settings\Juuso\Application Data\Winamp
2008-05-27 19:33 . 2008-06-03 01:39 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-05-27 19:33 . 2008-05-27 19:37 <DIR> d-------- C:\Documents and Settings\Juuso\Contacts
2008-05-27 16:14 . 2008-05-27 16:14 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-05-27 15:29 . 2006-06-14 11:47 172,416 -----c--- C:\WINDOWS\system32\dllcache\kmixer.sys
2008-05-27 15:29 . 2006-06-14 12:00 82,944 -----c--- C:\WINDOWS\system32\dllcache\wdmaud.sys
2008-05-27 15:29 . 2006-06-14 11:47 6,400 -----c--- C:\WINDOWS\system32\dllcache\splitter.sys
2008-05-27 15:27 . 2006-05-05 12:41 453,120 -----c--- C:\WINDOWS\system32\dllcache\mrxsmb.sys
2008-05-27 15:04 . 2008-05-27 15:05 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-05-27 14:31 . 2008-05-27 14:31 <DIR> d-------- C:\Installerit
2008-05-27 14:30 . 2008-05-27 14:30 <DIR> d-------- C:\Program Files\uTorrent
2008-05-27 14:30 . 2008-06-03 18:03 <DIR> d-------- C:\Documents and Settings\Juuso\Application Data\uTorrent
2008-05-27 14:29 . 2008-06-03 15:16 <DIR> d-------- C:\Pelit
2008-05-27 14:28 . 2008-06-01 20:27 <DIR> d-------- C:\Musat
2008-05-27 14:28 . 2008-06-02 23:09 <DIR> d-------- C:\Leffat
2008-05-27 13:52 . 2008-05-27 13:52 <DIR> d-------- C:\Documents and Settings\Juuso\Application Data\ATI
2008-05-27 13:52 . 2008-05-27 13:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ATI
2008-05-27 13:46 . 2008-05-27 13:46 <DIR> d-------- C:\WINDOWS\OPTIONS
2008-05-27 13:46 . 2008-05-27 13:46 <DIR> d-------- C:\Program Files\Realtek
2008-05-27 13:46 . 2006-03-14 06:23 82,048 -ra------ C:\WINDOWS\system32\drivers\Rtenicxp.sys
2008-05-27 13:45 . 2008-05-27 13:28 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-05-27 13:45 . 2008-05-27 13:45 <DIR> d-------- C:\Program Files\Analog Devices
2008-05-27 13:44 . 2008-06-05 12:10 <DIR> d-------- C:\Program Files\mIRC
2008-05-27 13:44 . 2008-05-27 13:27 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2008-05-27 13:44 . 2008-06-05 12:17 <DIR> d-------- C:\Documents and Settings\Juuso\Application Data\NoNameScript
2008-05-27 13:44 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-05-27 13:43 . 2008-05-27 13:43 15,891 --a------ C:\WINDOWS\Ascd_tmp.ini
2008-05-27 13:43 . 2004-04-27 10:26 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2008-05-27 13:43 . 2004-08-13 05:56 5,810 -ra------ C:\WINDOWS\system32\drivers\ASACPI.sys
2008-05-27 13:40 . 2008-05-27 13:44 <DIR> d-------- C:\Documents and Settings\Juuso\Application Data\mIRC
2008-05-27 13:39 . 2008-06-03 13:59 <DIR> d-------- C:\Program Files\Windows Live
2008-05-27 13:39 . 2008-05-27 19:32 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-05-27 13:39 . 2008-05-27 19:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-27 13:35 . 2006-03-17 03:38 28,672 --------- C:\WINDOWS\system32\verclsid.exe
2008-05-27 13:33 . 2008-06-05 12:13 <DIR> d-------- C:\Program Files\Steam
2008-05-27 13:31 . 2008-05-29 09:49 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-05-27 13:29 . 2008-05-27 13:29 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-05-27 13:28 . 2008-05-12 10:49 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-05-27 13:27 . 2008-05-27 13:28 <DIR> d-------- C:\Program Files\ATI Technologies
2008-05-27 13:27 . 2008-05-27 13:27 <DIR> d-------- C:\ATI
2008-05-27 13:22 . 2008-05-27 13:22 <DIR> d-------- C:\Program Files\Opera
2008-05-27 13:22 . 2008-05-27 13:22 <DIR> d-------- C:\Program Files\COMODO
2008-05-27 13:22 . 2008-05-27 13:22 <DIR> d-------- C:\Program Files\AskSBar
2008-05-27 13:22 . 2008-05-27 13:22 <DIR> d-------- C:\Documents and Settings\Juuso\Application Data\Comodo
2008-05-27 13:22 . 2008-05-27 13:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\comodo
2008-05-27 13:22 . 2008-05-27 13:22 143,104 --a------ C:\WINDOWS\system32\guard32.dll
2008-05-27 13:22 . 2008-05-27 13:22 87,056 --a------ C:\WINDOWS\system32\drivers\cmdguard.sys
2008-05-27 13:22 . 2008-05-27 13:22 24,208 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys
2008-05-27 13:21 . 2008-05-27 13:21 <DIR> d-------- C:\Program Files\Alwil Software
2008-05-27 13:20 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-05-16 11:58 . 2008-05-16 11:58 12,632 --a------ C:\WINDOWS\system32\lsdelete.exe
2008-05-12 19:30 . 2008-05-12 19:30 3,007,488 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-05-12 19:30 . 2008-05-12 19:30 3,007,488 --a--c--- C:\WINDOWS\system32\dllcache\ati2mtag.sys
2008-05-12 18:56 . 2008-05-12 18:56 397,312 --a------ C:\WINDOWS\system32\ATIDEMGX.dll
2008-05-12 18:54 . 2008-05-12 18:54 305,152 --a--c--- C:\WINDOWS\system32\dllcache\ati2dvag.dll
2008-05-12 18:54 . 2008-05-12 18:54 305,152 --a------ C:\WINDOWS\system32\ati2dvag.dll
2008-05-12 18:53 . 2008-05-12 18:53 307,200 --a------ C:\WINDOWS\system32\atiiiexx.dll
2008-05-12 18:45 . 2008-05-12 18:45 180,224 --a------ C:\WINDOWS\system32\atipdlxx.dll
2008-05-12 18:45 . 2008-05-12 18:45 139,264 --a------ C:\WINDOWS\system32\Oemdspif.dll
2008-05-12 18:45 . 2008-05-12 18:45 43,520 --a------ C:\WINDOWS\system32\ati2edxx.dll
2008-05-12 18:45 . 2008-05-12 18:45 26,112 --a------ C:\WINDOWS\system32\Ati2mdxx.exe
2008-05-12 18:44 . 2008-05-12 18:44 139,264 --a------ C:\WINDOWS\system32\ati2evxx.dll
2008-05-12 18:43 . 2008-05-12 18:43 10,153,984 --a------ C:\WINDOWS\system32\atioglx2.dll
2008-05-12 18:43 . 2008-05-12 18:43 540,672 --a------ C:\WINDOWS\system32\ati2evxx.exe
2008-05-12 18:41 . 2008-05-12 18:41 53,248 --a------ C:\WINDOWS\system32\ATIDDC.DLL
2008-05-12 18:32 . 2008-05-12 18:32 3,203,168 --a--c--- C:\WINDOWS\system32\dllcache\ati3duag.dll
2008-05-12 18:32 . 2008-05-12 18:32 3,203,168 --a------ C:\WINDOWS\system32\ati3duag.dll
2008-05-12 18:22 . 2008-05-12 18:22 3,107,788 --a------ C:\WINDOWS\system32\ativvaxx.dat
2008-05-12 18:22 . 2008-05-12 18:22 3,107,788 --a------ C:\WINDOWS\system32\ativva5x.dat
2008-05-12 18:22 . 2008-05-12 18:22 1,999,616 --a--c--- C:\WINDOWS\system32\dllcache\ativvaxx.dll
2008-05-12 18:22 . 2008-05-12 18:22 1,999,616 --a------ C:\WINDOWS\system32\ativvaxx.dll
2008-05-12 18:22 . 2008-05-12 18:22 887,724 --a------ C:\WINDOWS\system32\ativva6x.dat
2008-05-12 18:09 . 2008-05-12 18:09 47,104 --a------ C:\WINDOWS\system32\amdpcom32.dll
2008-05-12 18:05 . 2008-05-12 18:05 327,680 --a------ C:\WINDOWS\system32\atikvmag.dll
2008-05-12 18:03 . 2008-05-12 18:03 19,968 --a------ C:\WINDOWS\system32\atiadlxx.dll
2008-05-12 18:03 . 2008-05-12 18:03 17,408 --a------ C:\WINDOWS\system32\atitvo32.dll
2008-05-12 18:02 . 2008-05-12 18:02 241,664 --a------ C:\WINDOWS\system32\atiok3x2.dll
2008-05-12 18:02 . 2008-05-12 18:02 49,152 --a------ C:\WINDOWS\system32\drivers\ati2erec.dll
2008-05-12 17:57 . 2008-05-12 17:57 548,864 --a--c--- C:\WINDOWS\system32\dllcache\ati2cqag.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-02 21:54 --------- d-----w C:\Program Files\VentriloMIX
2008-06-01 18:20 --------- d-----w C:\Program Files\Ventrilo
2008-05-27 20:06 --------- d-----w C:\Program Files\Windows Media Player
2008-05-27 13:01 --------- d-----w C:\Program Files\WinRAR
2008-05-26 20:27 --------- d-----w C:\Program Files\microsoft frontpage
2008-05-26 20:26 --------- d--h--w C:\Program Files\WindowsUpdate
2008-05-26 20:23 --------- d-----w C:\Program Files\Windows NT
2008-04-29 08:20 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-04-29 08:19 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys
2008-04-29 08:19 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys
2008-03-26 08:09 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 07:20 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2008-05-27 13:22 66912 --a------ C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL" [2008-05-27 13:22 262144]

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15:00 15360]
"Steam"="c:\program files\steam\steam.exe" [2008-05-27 13:33 1271032]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"Fraps"="C:\FRAPS\FRAPS.EXE" [2008-01-14 15:53 913064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 15:21 61952 C:\WINDOWS\system32\HdAShCut.exe]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 04:11 925696]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 02:19 79224]
"css"="C:\Program Files\Comodo\Css\cssurf.exe" [2008-05-22 22:57 188160]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-05-27 13:22 1575680]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 21:49 36352]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"Windows svchost"="service.exe" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"= C:\WINDOWS\system32\guard32.dll C:\PROGRA~1\Comodo\Css\cssdll32.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 02:20]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-05-27 13:22]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-05-27 13:22]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 02:16]

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-05 12:17:53
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-06-05 12:18:27
ComboFix-quarantined-files.txt 2008-06-05 09:18:21

Pre-Run: 192,743,108,608 bytes free
Post-Run: 192,792,240,128 bytes free

212 --- E O F --- 2008-05-29 06:49:51

Ja HJT otettu combofixin, roskakorin tyhjennyksen ja bootin jälkeen:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:25:30, on 5.6.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Comodo\Css\cssurf.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\steam\steam.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\FRAPS\FRAPS.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comodo.com/search/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [css] C:\Program Files\Comodo\Css\cssurf.exe /s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows svchost] service.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll C:\PROGRA~1\Comodo\Css\cssdll32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe

--
End of file - 6152 bytes


		Käyttäjä	Salasana

		Puuttuuko tunnus? Liity jäseneksi nyt!. Salasana hukassa? Klikkaa tästä.