KONE HIDAS. MISSÄ VIKA????

Logfile of HijackThis v1.99.1
Scan saved at 19:00:56, on 14.8.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\serv454.exe
C:\dfndrff_9.exe
C:\kybrdff_9.exe
C:\nwnmff_9.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\opt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\serv454.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\TXVyc2FsIEhhc2hp\command.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Common Files\{ECA42CD7-063F-1035-0915-051213040166}\Update.exe
C:\WINDOWS\System32\ZoneLabs\isafe.exe
c:\dfndrfh_10.exe
c:\kybrdfh_10.exe
c:\nwnmfh_10.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\System32\ddaya.dll (file missing)
O2 - BHO: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll
O4 - HKLM\..\Run: [libprm] rundll32.exe C:\WINDOWS\System32\libprm.dll,start
O4 - HKLM\..\Run: [Rout111] serv454.exe
O4 - HKLM\..\Run: [defender] c:\\dfndrfh_10.exe
O4 - HKLM\..\Run: [keyboard] c:\\kybrdfh_10.exe
O4 - HKLM\..\Run: [mcjf475c] RUNDLL32.EXE w002e7f5.dll,n 002f475a0000000a002e7f5
O4 - HKLM\..\Run: [newname] c:\\nwnmfh_10.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [DHCP Hotfix] C:\opt.exe
O4 - HKLM\..\RunServices: [Rout111] serv454.exe
O4 - HKLM\..\RunOnce: [Rout111] serv454.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Rout111] serv454.exe
O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\Regclean.exe" -startminimize
O4 - HKCU\..\Run: [Error Safe] "C:\Program Files\Error Safe Free\ers.exe" /scan
O4 - HKCU\..\RunOnce: [Rout111] serv454.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O20 - Winlogon Notify: Controls Folder - C:\WINDOWS\system32\lv6u09j9e.dll (file missing)
O20 - Winlogon Notify: ddaya - ddaya.dll (file missing)
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\System32\ZoneLabs\isafe.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TXVyc2FsIEhhc2hp\command.exe
O23 - Service: Print Spooler Service (SpoolSvc213) - Unknown owner - C:\WINDOWS\System32\nlkfev7ulcsj.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

Voi johtua suuresta pöpömäärästä, arvaan ma
Ja toinen syy on windowsin päivittämättömyys.

1. Lataa http://download.bleepingcomputer.com/sUBs/combofix.exe[b]
combofix.exe[/b]tiedosto työpöydällesi.
2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen

Lähetä uusi HjT-loki ja combofixin loki.

Niin ja ÄLÄ KÄYTÄ ISOJA KIRJAIMIA OTSIKOSSA, SITÄ ON TODELLA IKÄVÄÄ LUKEA