Computer strangely stuck, and the fault is probably that flickering
tottoro
Newbie
18 November 2006 @ 22:35
Tell me, which one should I remove, AVG or Antivir?
tottoro
Newbie
19 November 2006 @ 02:41
presario 8000 - 06-11-19 7:38:46,84 Service Pack 2
ComboFix 06.11.9 - Running from: "C:\Documents and Settings\presario 8000\Ty?p?yt?\Uusi kansio"

((((((((((((((((((((((((((((((( Files Created from 2006-10-19 to 2006-11-19 ))))))))))))))))))))))))))))))))))


2006-11-19 02:17 28,672 --a------ C:\WINDOWS\system32\drivers\CO_Mon.sys
2006-11-17 06:47 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-11-14 23:31 15,360 --a------ C:\WINDOWS\system32\BASSMOD.dll
2006-11-14 05:03 3,874 --a------ C:\WINDOWS\system32\tmp.reg
2006-11-14 04:40 57,384 --a------ C:\WINDOWS\system32\avsda.dll
2006-11-14 04:40 32,768 --a------ C:\WINDOWS\system32\drivers\avgntdd.sys
2006-11-14 04:40 14,848 --a------ C:\WINDOWS\system32\drivers\avgntmgr.sys
2006-11-14 04:08 1,060,864 --a------ C:\WINDOWS\system32\mfc71.dll
2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-10-30 23:47 14 --a------ C:\WINDOWS\system32\systeminfo.dll
2006-10-26 15:08 40,960 --a------ C:\WINDOWS\system32\frapsvid.dll
2006-10-26 13:41 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe
2006-10-26 13:40 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2006-10-23 22:47 68,888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2006-10-23 22:47 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2006-10-23 22:47 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2006-10-23 22:47 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2006-10-23 22:47 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2006-10-23 22:47 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2006-10-23 22:46 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2006-10-23 11:41 104,064 -ra------ C:\WINDOWS\system32\drivers\wceusbsh.sys
2006-10-23 11:38 77,899 --a------ C:\WINDOWS\system32\rapi.dll
2006-10-23 11:38 65,615 --a------ C:\WINDOWS\system32\pmailext.dll
2006-10-23 11:38 65,613 --a------ C:\WINDOWS\system32\ppvexp.dll
2006-10-23 11:38 57,423 --a------ C:\WINDOWS\system32\MsgStRPC.dll
2006-10-23 11:38 36,942 --a------ C:\WINDOWS\system32\ppcload.dll
2006-10-23 11:38 24,653 --a------ C:\WINDOWS\system32\ceutil.dll
2006-10-23 11:38 24,652 --a------ C:\WINDOWS\system32\uicom.dll
2006-10-23 11:38 114,688 --a------ C:\WINDOWS\system32\malslib.dll
2006-10-23 10:56 53,248 --a------ C:\WINDOWS\Sti305.exe
2006-10-23 10:56 307,200 --a------ C:\WINDOWS\vidcap32.Exe
2006-10-23 10:32 81,920 -ra------ C:\WINDOWS\system32\VM305STI.dll
2006-10-23 10:32 61,440 --a------ C:\WINDOWS\VM305_STI.exe
2006-10-23 10:32 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2006-10-23 10:32 49,152 -ra------ C:\WINDOWS\amcap.exe
2006-10-23 10:32 392,316 -ra------ C:\WINDOWS\system32\drivers\usbVM305.sys
2006-10-23 10:32 114,688 -ra------ C:\WINDOWS\VM305Cap.exe


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-11-19 07:39 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Azureus
2006-11-19 02:58 -------- d-------- C:\Program Files\WinRAR
2006-11-19 02:58 -------- d-------- C:\Program Files\SmartFTP Client 2.0
2006-11-19 02:57 -------- d-------- C:\Program Files\Multimedia Card Reader
2006-11-19 02:57 -------- d-------- C:\Program Files\MSN Messenger
2006-11-19 02:57 -------- d-------- C:\Program Files\Microsoft ActiveSync
2006-11-19 02:56 -------- d-------- C:\Program Files\Internet Explorer
2006-11-19 02:54 -------- d-------- C:\Program Files\AntiVir PersonalEdition Classic
2006-11-19 01:50 -------- d-------- C:\Program Files\Java
2006-11-17 06:47 -------- d-------- C:\Program Files\Grisoft
2006-11-17 06:40 -------- d-------- C:\Program Files\Common Files
2006-11-17 02:26 -------- d-------- C:\Program Files\MSXML 4.0
2006-11-15 04:36 -------- d-------- C:\Program Files\Lavasoft
2006-11-15 04:36 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Lavasoft
2006-11-15 04:16 -------- d-------- C:\Program Files\Uniblue
2006-11-15 04:16 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Uniblue
2006-11-14 23:29 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-14 23:13 -------- d-------- C:\Program Files\Activision
2006-11-14 17:01 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\DriveCleaner 2006 Free
2006-11-14 04:36 -------- d-------- C:\Program Files\AntiVir PersonalEdition Premium
2006-11-14 04:10 0 --a------ C:\Program Files\Common Files\err.log
2006-11-14 03:24 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2006-11-13 17:08 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Skype
2006-11-13 16:20 -------- d-------- C:\Program Files\THQ
2006-11-12 01:42 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\SmartFTP
2006-11-02 15:16 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Ahead
2006-11-02 15:01 -------- d-------- C:\Program Files\Common Files\Ahead
2006-11-02 14:44 -------- d-------- C:\Program Files\Nero
2006-11-02 13:16 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\MSN6
2006-10-30 23:47 -------- d-------- C:\Program Files\DVD X Studios
2006-10-30 23:45 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\BSplayer
2006-10-30 23:41 -------- d-------- C:\Program Files\Webteh
2006-10-30 23:30 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\dvdcss
2006-10-26 11:28 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\InstallShield
2006-10-26 10:45 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\AdobeUM
2006-10-24 11:04 -------- d-------- C:\Program Files\ViaMichelin
2006-10-23 13:54 -------- d-------- C:\Program Files\Skype
2006-10-23 11:41 -------- d---s---- C:\Documents and Settings\presario 8000\Application Data\Microsoft
2006-10-23 11:39 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-10-23 11:39 -------- d-------- C:\Program Files\AvantGo Connect
2006-10-23 10:56 -------- d-------- C:\Program Files\Vimicro
2006-10-23 10:56 -------- d-------- C:\Program Files\Common Files\InstallShield
2006-10-23 09:24 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Nokia Multimedia Player
2006-10-23 09:23 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Nokia
2006-10-23 09:22 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Datalayer
2006-10-23 09:20 -------- d-------- C:\Program Files\Nokia
2006-10-23 09:20 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\PC Suite
2006-10-23 09:19 -------- d-------- C:\Program Files\Common Files\PCSuite
2006-10-23 09:19 -------- d-------- C:\Program Files\Common Files\Nokia
2006-10-22 22:16 -------- d-------- C:\Program Files\Apple Software Update
2006-10-22 13:00 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Identities
2006-10-21 16:17 -------- d-------- C:\Program Files\Microsoft AutoRoute
2006-10-21 16:16 -------- d-------- C:\Program Files\Microsoft Office
2006-10-21 16:14 -------- d-------- C:\Program Files\DAEMON Tools
2006-10-21 12:35 -------- d-------- C:\Program Files\Azureus
2006-10-20 00:40 -------- d-------- C:\Program Files\Winamp
2006-10-18 13:14 -------- d-------- C:\Program Files\QuickTime
2006-10-15 02:28 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\BitTorrent
2006-10-13 14:37 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-13 04:10 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Media Player Classic
2006-10-13 03:29 -------- d-------- C:\Program Files\Common Files\NSV
2006-10-13 03:24 -------- d-------- C:\Program Files\Combined Community Codec Pack
2006-10-13 03:20 -------- d-------- C:\Program Files\XP Codec Pack
2006-10-12 22:31 -------- d-------- C:\Program Files\Common Files\Java
2006-10-12 02:36 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2006-10-11 22:23 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\DivX
2006-10-11 12:23 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Adobe
2006-10-10 14:15 -------- d-------- C:\Program Files\Windows Media Player
2006-10-09 23:25 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Apple Computer
2006-10-09 21:41 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\vlc
2006-10-09 21:34 -------- d-------- C:\Program Files\VideoLAN
2006-10-08 18:15 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Ventrilo
2006-10-06 17:48 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Help
2006-10-06 15:48 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Macromedia
2006-10-06 14:59 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Sun
2006-10-06 13:37 611064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2006-10-06 10:29 -------- d-------- C:\Program Files\Messenger
2006-10-06 10:23 -------- d-------- C:\Program Files\Outlook Express
2006-10-06 10:23 -------- d-------- C:\Program Files\Common Files\System
2006-10-06 09:52 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\AVG7
2006-10-06 09:50 778656 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-10-06 09:50 4992 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2006-10-06 09:50 4288 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2006-10-06 09:50 27904 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2006-10-06 09:50 -------- d--h----- C:\Program Files\WindowsUpdate
2006-10-04 09:05 -------- d-------- C:\Program Files\Creative
2006-10-04 09:03 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Creative
2006-10-02 22:15 16384 --a------ C:\WINDOWS\system32\ac3config.exe
2006-09-29 13:44 -------- d-------- C:\Program Files\Common Files\Adobe
2006-09-29 13:42 -------- d-------- C:\Program Files\Adobe
2006-09-29 13:41 499712 --a------ C:\WINDOWS\system32\msvcp71.dll
2006-09-29 13:41 348160 --a------ C:\WINDOWS\system32\msvcr71.dll
2006-09-29 13:14 62 --ahs---- C:\Documents and Settings\presario 8000\Application Data\desktop.ini
2006-09-29 13:14 -------- d-------- C:\Program Files\Movie Maker
2006-09-29 13:14 -------- d-------- C:\Program Files\Common Files\SpeechEngines
2006-09-29 13:14 -------- d-------- C:\Program Files\Common Files\ODBC
2006-09-29 13:11 -------- d-------- C:\Program Files\Windows NT
2006-09-29 13:11 -------- d-------- C:\Program Files\NetMeeting
2006-09-29 12:56 -------- d-------- C:\Program Files\Common Files\Nero
2006-09-29 12:46 -------- d--h----- C:\Program Files\Uninstall Information
2006-09-29 12:42 0 -rahs---- C:\MSDOS.SYS
2006-09-29 12:42 0 -rahs---- C:\IO.SYS
2006-09-29 12:42 0 --a------ C:\CONFIG.SYS
2006-09-29 12:42 0 --a------ C:\AUTOEXEC.BAT
2006-09-29 12:42 -------- d-------- C:\Program Files\xerox
2006-09-29 12:42 -------- d-------- C:\Program Files\microsoft frontpage
2006-09-29 12:41 -------- d-------- C:\Program Files\Online Services
2006-09-29 12:40 -------- d-------- C:\Program Files\ComPlus Applications
2006-09-29 12:40 -------- d-------- C:\Program Files\Common Files\Services
2006-09-29 12:40 -------- d-------- C:\Program Files\Common Files\MSSoap
2006-09-29 12:39 -------- d-------- C:\Program Files\MSN Gaming Zone
2006-09-29 12:39 -------- d-------- C:\Program Files\MSN
2006-09-13 07:03 1084416 --------- C:\WINDOWS\system32\msxml3.dll
2006-08-25 17:49 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-25 05:47 129784 --------- C:\WINDOWS\system32\pxafs.dll
2006-08-25 05:47 115880 --------- C:\WINDOWS\system32\pxinsi64.exe
2006-08-21 14:26 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 11:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"BitTorrent"="\"D:\\bittorrent.exe\" --force_start_minimized"
"PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"
"H/PC Connection Agent"="\"C:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"AVG7_EMC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgemc.exe"
"CTHelper"="CTHELPER.EXE"
"MpsOnn"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\MpsOnn.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"PCSuiteTrayApplication"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -onlytray"
"DataLayer"="C:\\Program Files\\Common Files\\PCSuite\\DataLayer\\DataLayer.exe"
"BigDog305"="C:\\WINDOWS\\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)"
"Sunkist2k"="C:\\Program Files\\Multimedia Card Reader\\shwicon2k.exe"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"avgnt"="\"C:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{CFE9E8A8-38C0-4EF8-AEC2-5035EFE81030}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job

Completion time: 06-11-19 7:39:35.54
C:\ComboFix.txt ... 06-11-19 07:39
C:\ComboFix2.txt ... 06-11-17 06:44
tottoro
Newbie
19 November 2006 @ 02:44
Logfile of HijackThis v1.99.1
Scan saved at 7:42:44, on 19.11.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\WINDOWS\VM305_STI.EXE
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\presario 8000\Työpöytä\Uusi kansio\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1AAF2D66-52EA-8B39-5863-07D40A54AD1F} - C:\WINDOWS\system32\awpxxab.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {CFE9E8A8-38C0-4EF8-AEC2-5035EFE81030} - C:\WINDOWS\system32\pmnkihg.dll (file missing)
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [MpsOnn] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\MpsOnn.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "D:\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Startup: .protected
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Share...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Share...n/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
AfterDawn Addict
19 November 2006 @ 06:32
@tottoro:

Fix these:

O2 - BHO: (no name) - {1AAF2D66-52EA-8B39-5863-07D40A54AD1F} - C:\WINDOWS\system32\awpxxab.dll (file missing)
O2 - BHO: (no name) - {CFE9E8A8-38C0-4EF8-AEC2-5035EFE81030} - C:\WINDOWS\system32\pmnkihg.dll (file missing)

Run SmitfraudFix again in safe mode with option 2, and post its log and a new HjT log here.

No HjT logs etc. by private message!
tottoro
Newbie
20 November 2006 @ 08:59
Logfile of HijackThis v1.99.1
Scan saved at 13:58:32, on 20.11.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\WINDOWS\VM305_STI.EXE
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\presario 8000\Työpöytä\Uusi kansio\HijackThis_v1.99.1.exe
C:\WINDOWS\System32\imapi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [MpsOnn] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\MpsOnn.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "D:\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Startup: .protected
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Share...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Share...n/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
tottoro
Newbie
20 November 2006 @ 09:02
SmitFraudFix v2.122

Scan done at 13:55:55,18, ma 20.11.2006
Run from C:\Documents and Settings\presario 8000\Ty?p?yt?\Uusi kansio\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End
Hujo
Suspended permanently
20 November 2006 @ 10:14
AVG and AntiVir on the machine, which one is in use?

Remove one of them via Add or Remove Programs.

Post:
A new HjT log

Can a computer ever work?

This message has been edited since it was posted. Last edit 20 November 2006 @ 10:27

tottoro
Newbie
20 November 2006 @ 11:06
Both.. which one do I remove?
Hujo
Suspended permanently
20 November 2006 @ 11:14
Well, if I were at that stage.

I would download the Avast setup to the machine in advance and remove both.
Avast has to be registered.
The internet connection must not be on at that point. The network cable has to be unplugged.

Of those, I would probably keep AVG.

Avast, on the other hand, is good in that it is in Finnish and can be adjusted.
Most important of all: the updates.

If Avast caught your interest:
http://www.download.fi/tyopoytaohjelmat/.../avast4home.cfm

Avast registration
Link

Can a computer ever work?

This message has been edited since it was posted. Last edit 20 November 2006 @ 11:43

The thread is closed. Posting new messages is not possible.
 