Aloin tätä jo joskus puhdistella, mutta homma jäi kesken, kun jouduin kotoa poistumaan... Logfile of HijackThis v1.99.1 Scan saved at 21:57:06, on 1.6.2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\a-squared Anti-Malware\a2service.exe C:\PROGRA~1\ELISAT~1\4119343\Program\SERVIC~1.EXE C:\Program Files\F-Secure\Common\FSMA32.EXE C:\Program Files\F-Secure\Common\FSMB32.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\ELISAT~1\4119343\Program\BACKWE~1.EXE C:\Program Files\F-Secure\Common\FCH32.EXE C:\WINDOWS\System32\RUNDLL32.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\F-Secure\Common\FSM32.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\F-Secure\Common\FAMEH32.EXE C:\Program Files\DAEMON Tools\daemon.exe C:\WINDOWS\System32\devldr32.exe C:\Program Files\F-Secure\Common\FSGK32.EXE C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\F-Secure\Anti-Virus\fsav32.exe C:\WINDOWS\system32\mapiicon.exe C:\Program Files\F-Secure\VPNPlus\Program\fsvpnd.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Opera\Opera.exe C:\Documents and Settings\Arttu\Työpöytä\HijackThis_v1.99.1.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [ADSL_A2] A2Installed O4 - HKLM\..\Run: [Win Update Microsoft] winmode.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\RunServices: [Win Update Microsoft] winmode.exe O4 - HKCU\..\Run: [Win Update Microsoft] winmode.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 O4 - Startup: ADSL Diagnostic Tools.LNK = C:\WINDOWS\system32\mapiicon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZS O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by19fd.bay19.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1107272603037 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1176192737111 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: Elisa Tietoturvapalvelu (BackWeb Client - 4119343) - Unknown owner - C:\PROGRA~1\ELISAT~1\4119343\Program\SERVIC~1.EXE O23 - Service: F-Secure IPsec Daemon - F-Secure Corporation - C:\Program Files\F-Secure\VPNPlus\Program\fsvpnd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe Ja ennen kuin kukaan sanoo, että asenna Service Pack 1, niin se ei nyt onnistu epäaidon Windowsin takia. Jos joku siitä huolimatta viitsii tässä auttaa, niin KIITOS.
hijakcthis.de sinne vain laitat lokin niin jo toimii, aja vielä F-Securen online scan , sen löydät kyllä googlella. laitoin sun lokin tuonne hijackthis.de:hen ja tässä pari tulosta: O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZS Nasty The entry &Search has been identified as nasty O4 - HKLM\..\RunServices: [Win Update Microsoft] winmode.exe Unknown application. O4 - HKCU\..\Run: [Win Update Microsoft] winmode.exe Unknown application. ja IE 6 -> IE 7 ps. Niin ja kannataa eheyttää aina välillä , kännistä -> kakki ohjelmat - > apuohjelmat -> järjestelmä työkalut -> levyn eheytys
Escan Ohjeet tuolla sivulla. http://koti.mbnet.fi/pattaya1/escanmwav.htm lataa tuosta http://www.spywareinfo.dk/download/mwav.exe päivitä tuosta http://koti.mbnet.fi/pattaya1/lataus/Mwav.bat laita täpit merkkauksien mukaan http://koti.mbnet.fi/pattaya1/eScan6.jpg scannaa jos ala luukkuun tulee jotain niin kopioi se näin: Käytä komentoa Ctrl+A. Kopioi rivit komennolla Ctrl+C. Liitä rivit komennolla Ctrl+V. Laita virus log tänne.
