Machine taken over / WMF virus?

Thread in the Viruses and malware section. Started by aos on 01.01.2006.

  1. aos

    aos Member

    Joined:
    17.07.2005
    Messages:
    46
    Thanks:
    0
    Points:
    16
    Help for a newbie, please.

    The Internet connection is slow. It should be 1 M, but the speed test shows under 600 kbs. I have downloaded WMA files since the WMF virus appeared, but apparently they are different things, or are they? If someone has taken over the machine, can that be seen somewhere? In DOS mode (Command Prompt) the netstat command shows me the following, even though the web browser is closed. In my opinion nothing should show if the browser is closed:

    Microsoft Windows 2000 [Version 5.00.2195]
    (C) Copyright 1985-2000 Microsoft Corp.

    Active Connections

    Proto Local Address Foreign Address State
    TCP unknown-cv287ob:3079 a195-197-54-151.deploy.akamaitechnologies.net:http TIME_WAIT
    TCP unknown-cv287ob:3080 a195-197-54-151.deploy.akamaitechnologies.net:http TIME_WAIT
    TCP unknown-cv287ob:3074 unknown-cv287ob:3073 TIME_WAIT


    HJT log follows:

    Microsoft Windows 2000 [Version 5.00.2195]
    (C) Copyright 1985-2000 Microsoft Corp.

    C:\Documents and Settings\unknown>netstat

    Active Connections

    Proto Local Address Foreign Address State
    TCP unknown-cv287ob:3079 a195-197-54-151.deploy.akamaitechnologies.net:http TIME_WAIT
    TCP unknown-cv287ob:3080 a195-197-54-151.deploy.akamaitechnologies.net:http TIME_WAIT
    TCP unknown-cv287ob:3074 unknown-cv287ob:3073 TIME_WAIT

    C:\Documents and Settings\unknown>copy
    The syntax of the command is incorrect.

    C:\Documents and Settings\unknown>

    Here is the HijackThis log:

    Logfile of HijackThis v1.99.1
    Scan saved at 7:59:54 PM, on 1/1/2006
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
    C:\WINNT\system32\cisvc.exe
    C:\WINNT\System32\svchost.exe
    E:\program files\Ewido\ewido anti-malware\ewidoctrl.exe
    E:\program files\Ewido\ewido anti-malware\ewidoguard.exe
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    C:\WINNT\system32\hidserv.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\F-Secure\Common\FCH32.EXE
    E:\program files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    C:\WINNT\System32\nvsvc32.exe
    C:\WINNT\system32\PGPserv.exe
    C:\WINNT\Explorer.EXE
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    E:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\Program Files\Common Files\Symantec Shared\SymTray.exe
    C:\WINNT\system32\svchost.exe
    C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
    C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe
    C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
    E:\program files\OmniPage\opware32.exe
    C:\WINNT\system32\wfxsnt40.exe
    E:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
    E:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
    E:\program files\Logitech\MouseWare\system\em_exec.exe
    C:\WINNT\system32\spool\DRIVERS\W32X86\3\printray.exe
    E:\program files\PowerDVD\PDVDServ.exe
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\WINNT\system32\ctfmon.exe
    E:\program files\PGP\PGPtray.exe
    C:\WINNT\system32\mapiicon.exe
    C:\Program Files\F-Secure\Common\FNRB32.EXE
    C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    C:\Program Files\F-Secure\Common\FIH32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\Program Files\F-Secure\FSGUI\fsguiexe.exe
    C:\WINNT\system32\cidaemon.exe
    C:\WINNT\system32\ntvdm.exe
    E:\program files\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://elisa.net/paketti/haku.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mf.launch.yahoo.com/launch/registration/?dest=http://launch.yahoo.com/launchcast/default.asp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Elisa Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;<local>
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\program files\Acrobat Reader\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file)
    O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - E:\program files\Copernic Agent\CopernicAgentExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [CreateCD50] "C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
    O4 - HKLM\..\Run: [Omnipage] E:\program files\OmniPage\opware32.exe
    O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
    O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtray.exe SetReg
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] e:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
    O4 - HKLM\..\Run: [Lexmark X83 Button Manager] e:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
    O4 - HKLM\..\Run: [PrinTray] C:\WINNT\system32\spool\DRIVERS\W32X86\3\printray.exe
    O4 - HKLM\..\Run: [RemoteControl] "E:\program files\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - Startup: ADSL Diagnostic Tools.LNK = C:\WINNT\system32\mapiicon.exe
    O4 - Startup: Vekkari.lnk = E:\program files\Vekkari\Vekkari.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Microsoft Office.lnk = E:\program files\MS Office\Office10\OSA.EXE
    O4 - Global Startup: PGPtray.lnk = E:\program files\PGP\PGPtray.exe
    O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
    O8 - Extra context menu item: Search Using Copernic Agent - E:\program files\Copernic Agent\Web\SearchExt.htm
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://E:\PROGRA~1\MSOFFI~1\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - E:\PROGRA~1\COPERN~1\COPERN~1.EXE
    O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - E:\PROGRA~1\COPERN~1\COPERN~1.EXE
    O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - E:\PROGRA~1\COPERN~1\COPERN~1.EXE
    O9 - Extra button: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - E:\program files\Free Surfer\FS20.exe
    O9 - Extra 'Tools' menuitem: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - E:\program files\Free Surfer\FS20.exe
    O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - E:\program files\IrfanView\Ebay\Ebay.htm (file missing)
    O9 - Extra button: Support - {010D7869-48A8-4061-9424-759F83E18A81} - http://tuki.elisa.net/ (file missing) (HKCU)
    O9 - Extra button: SMS - {07132342-14B5-49CC-8EC0-276586157A67} - http://sms.kolumbus.fi/ (file missing) (HKCU)
    O9 - Extra button: Service - {1D9DA27F-0D3B-4436-B289-1ED0B7D6DD60} - http://service.kolumbus.fi/ (file missing) (HKCU)
    O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
    O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
    O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
    O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: ewido security suite control - ewido networks - E:\program files\Ewido\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - E:\program files\Ewido\ewido anti-malware\ewidoguard.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - E:\program files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
    O23 - Service: PGPserv - PGP Corporation - C:\WINNT\system32\PGPserv.exe
    O23 - Service: Speed Disk service - Symantec Corporation - E:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
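The question in the post, whether those netstat rows mean someone is connected, comes down to the State column. TIME_WAIT is a socket that has already been closed and only lingers for a few minutes so that stray late packets can be dropped; it stays visible after the program that opened it has exited and carries no traffic. The rows worth looking at are ESTABLISHED (a live connection) and, with `netstat -a`, LISTENING (something waiting for inbound connections); on XP and later, `netstat -o` also prints the owning process ID. The script below is an added example, not part of the post: it parses the output quoted above (rejoining the two rows the 80-column console wrapped inside "http") plus one constructed ESTABLISHED row to a documentation-only address, 203.0.113.5, and sorts the rows into live, listening, leftover and local.

```python
"""Triage plain Windows `netstat` output: which rows are live connections and
which are just closed-connection leftovers such as TIME_WAIT.

Added example for this thread, not code from the original post. It assumes
the four-column layout of `netstat` on Windows 2000/XP (Proto, Local
Address, Foreign Address, State) and rejoins rows that the 80-column
console wrapped in the middle of a token.
"""

PROTOCOLS = ("TCP", "UDP")

# TCP states in which the connection is already closed or closing; the socket
# only lingers so that late packets can be discarded. Nothing is talking.
LEFTOVER_STATES = {"TIME_WAIT", "CLOSE_WAIT", "FIN_WAIT_1", "FIN_WAIT_2",
                   "LAST_ACK", "CLOSING"}

# Sample input constructed from the output quoted in the post, keeping the two
# rows the console wrapped inside the word "http".
SAMPLE_FROM_POST = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    unknown-cv287ob:3079   a195-197-54-151.deploy.akamaitechnologies.net:ht
tp  TIME_WAIT
  TCP    unknown-cv287ob:3080   a195-197-54-151.deploy.akamaitechnologies.net:ht
tp  TIME_WAIT
  TCP    unknown-cv287ob:3074   unknown-cv287ob:3073   TIME_WAIT
"""

# Constructed addition: what a genuinely live outbound connection looks like.
# 203.0.113.5 is a documentation-only address, not a real host.
SAMPLE_WITH_ACTIVE = (SAMPLE_FROM_POST +
                      "  TCP    unknown-cv287ob:1034   203.0.113.5:6667       ESTABLISHED\n")


def _unwrap(text):
    """Return one string per netstat row. A physical line that does not start
    with a protocol name, while the previous row still lacks its State column,
    is the wrapped tail of that row and is glued back without a separator."""
    rows = []
    for raw in text.splitlines():
        fields = raw.split()
        if not fields:
            continue
        if fields[0] in PROTOCOLS:
            rows.append(raw)
        elif rows and len(rows[-1].split()) < 4:
            rows[-1] += raw
    return rows


def parse_netstat(text):
    """Parse rows into dicts with proto, local/foreign host and port, state."""
    conns = []
    for row in _unwrap(text):
        fields = row.split()
        if len(fields) < 3:
            continue
        proto, local, foreign = fields[:3]
        state = fields[3] if len(fields) > 3 else ""   # UDP rows have no State
        lhost, _, lport = local.rpartition(":")
        fhost, _, fport = foreign.rpartition(":")
        conns.append({"proto": proto, "local_host": lhost, "local_port": lport,
                      "foreign_host": fhost, "foreign_port": fport,
                      "state": state})
    return conns


def triage(conns):
    """Sort connections into what they mean for "is someone connected?"."""
    buckets = {"active": [], "listening": [], "leftover": [], "local": [],
               "other": []}
    for c in conns:
        fhost = c["foreign_host"].lower()
        if c["state"] == "LISTENING":
            buckets["listening"].append(c)    # waiting for inbound connections
        elif fhost in ("localhost", c["local_host"].lower()) or fhost.startswith("127."):
            buckets["local"].append(c)        # machine talking to itself
        elif c["state"] == "ESTABLISHED":
            buckets["active"].append(c)       # data can flow right now
        elif c["state"] in LEFTOVER_STATES:
            buckets["leftover"].append(c)     # already finished; no traffic
        else:
            buckets["other"].append(c)
    return buckets


if __name__ == "__main__":
    for bucket, conns in triage(parse_netstat(SAMPLE_WITH_ACTIVE)).items():
        for c in conns:
            print(f"{bucket:9s} {c['proto']} {c['local_host']}:{c['local_port']} "
                  f"-> {c['foreign_host']}:{c['foreign_port']} {c['state']}")
```

Run as-is it lists the three quoted rows as leftover (the two Akamai ones) and local (the 3074/3073 pair) and only the constructed row as active. For a real check, paste the output of `netstat -a` into SAMPLE_FROM_POST and look at the active and listening buckets only.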
     
  3. aos

    aos Member

    Joined:
    17.07.2005
    Messages:
    46
    Thanks:
    0
    Points:
    16
    (Some extra text apparently got into the start of the HJT log by accident.)
     
  4. -kemisti-

    -kemisti- Active member

    Joined:
    06.06.2005
    Messages:
    6,305
    Thanks:
    0
    Points:
    96
    Nothing of the sort is showing, but there are other things to fix.

    Fix with HjT (do a system scan only, tick them and press fix checked):

    O2 - BHO: (no name) - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file)
    O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
    O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
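The three entries picked out above can be caught by two mechanical rules: an O2 (browser helper object) or O18 (protocol/MIME filter) entry that ends in "(no file)" is a hook registered with Internet Explorer whose code is gone, and an O8 context-menu item whose target is a remote URL hands a page load to that site. The script below is an added example, not part of this post and not HijackThis's own logic; it runs over a subset of lines copied unchanged from the log in the thread. It reports O9 "(file missing)" buttons separately as informational, since they are orphaned too but are toolbar buttons rather than code hooks.

```python
"""Mechanical first pass over HijackThis log lines: orphaned hooks and
context-menu entries that point at remote sites.

Added example for this thread, not part of any post and not HijackThis's
own logic. The rules are deliberately narrow; the sample lines are copied
unchanged from the HJT log quoted in the thread."""
import re

# Lines copied from the HJT log in the thread (a subset, unchanged).
SAMPLE_LOG = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\program files\Acrobat Reader\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file)
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O8 - Extra context menu item: Search Using Copernic Agent - E:\program files\Copernic Agent\Web\SearchExt.htm
O9 - Extra button: Support - {010D7869-48A8-4061-9424-759F83E18A81} - http://tuki.elisa.net/ (file missing) (HKCU)
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: PGPserv - PGP Corporation - C:\WINNT\system32\PGPserv.exe
"""

# O2 (BHO) and O18 (protocol/MIME filter) entries load code into every page
# IE renders; one with no backing file is a dangling hook.
ORPHAN_HOOK_TYPES = {"O2", "O18"}
ORPHAN_MARKERS = ("(no file)", "(file missing)")
LINE_RE = re.compile(r"^(?P<type>[RO]\d+) - (?P<body>.*)$")
URL_RE = re.compile(r"https?://([^/\s]+)")


def triage_hjt(text):
    """Return {"fix": [...], "info": [...]} of (line, reason) pairs."""
    out = {"fix": [], "info": []}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        kind, body = m.group("type"), m.group("body")
        orphan = any(marker in body for marker in ORPHAN_MARKERS)
        if kind in ORPHAN_HOOK_TYPES and orphan:
            out["fix"].append((line, f"{kind} hook with no backing file"))
        elif kind == "O8":
            host = URL_RE.search(body)
            if host:
                out["fix"].append((line, f"context-menu item calls remote host {host.group(1)}"))
        elif orphan:
            out["info"].append((line, f"{kind} entry points at a missing file"))
    return out


if __name__ == "__main__":
    for bucket, hits in triage_hjt(SAMPLE_LOG).items():
        for line, reason in hits:
            print(f"[{bucket}] {reason}\n    {line}")
```

On the sample lines the "fix" bucket holds exactly the three entries listed in the reply above; the Elisa support button lands in "info". The rules say nothing about entries that have a valid file and a valid path, which is where most real malware sits, so this is a filter for obvious leftovers, not a clean bill of health.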
     
  5. aos

    aos Member

    Joined:
    17.07.2005
    Messages:
    46
    Thanks:
    0
    Points:
    16
    Thanks a lot, kemisti! This is a fine forum. I was already afraid... I removed those three as you instructed (whatever they may be).
     
  6. yimanya

    yimanya Guest

    Completely different things. WMA is an audio file and WMF is an image file. WMV is a video file. But so that things aren't too simple, a WMA file can be a WMF file that has had its extension changed.
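The last sentence above is the point that matters: the extension is just part of the name, and what a file actually is can only be read from its bytes. The script below is an added example, not part of the reply; it recognises the two metafile layouts (the Aldus placeable header and the plain METAHEADER), the EMF header and the ASF container that both WMA and WMV use, and reports any file whose header disagrees with its extension. The sample files are constructed in-line from the published header layouts and are not real media. One caveat it makes explicit: WMA and WMV share the same ASF container, so a header check tells "metafile" from "ASF" but cannot tell audio from video.

```python
"""Tell a WMF (metafile) from a WMA/WMV (ASF container) by the bytes in the
file, not by its extension.

Added example for this thread, not code from the original posts. It relies
on the published header layouts of the formats; the sample files below are
constructed in-line and are not real media."""
import struct

# Signatures as they appear on disk (little-endian).
PLACEABLE_WMF_KEY = b"\xd7\xcd\xc6\x9a"            # 0x9AC6CDD7, Aldus placeable WMF
ASF_HEADER_GUID = bytes.fromhex("3026b2758e66cf11a6d900aa0062ce6c")  # WMA and WMV
EMF_SIGNATURE = b" EMF"                            # at offset 40 of an EMF header

EXT_TO_FORMAT = {"wmf": "wmf", "emf": "emf", "wma": "asf", "wmv": "asf", "asf": "asf"}


def sniff(data):
    """Return 'wmf', 'emf', 'asf' or 'unknown' from the header bytes alone.
    WMA and WMV share the ASF container, so they cannot be told apart here."""
    if data[:4] == PLACEABLE_WMF_KEY:
        return "wmf"
    if data[:16] == ASF_HEADER_GUID:
        return "asf"
    if len(data) >= 44 and data[:4] == b"\x01\x00\x00\x00" and data[40:44] == EMF_SIGNATURE:
        return "emf"
    if len(data) >= 18:
        # Plain WMF METAHEADER: Type 1 (memory) or 2 (disk), HeaderSize 9 words,
        # Version 0x0100 or 0x0300.
        mtype, hsize, version = struct.unpack("<HHH", data[:6])
        if mtype in (1, 2) and hsize == 9 and version in (0x0100, 0x0300):
            return "wmf"
    return "unknown"


def claimed_format(name):
    """What the file extension says the file is."""
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    return EXT_TO_FORMAT.get(ext, "unknown")


def is_mislabelled(name, data):
    """True when a recognised header disagrees with the extension."""
    actual = sniff(data)
    return actual != "unknown" and actual != claimed_format(name)


# --- constructed sample files (not real media) ---------------------------

def _wmf_sample():
    # 22-byte placeable header: Key, HWmf, BoundingBox (4 x int16), Inch,
    # Reserved, Checksum (XOR of the preceding ten 16-bit words).
    head = struct.pack("<IH4hHI", 0x9AC6CDD7, 0, 0, 0, 100, 100, 96, 0)
    checksum = 0
    for word in struct.unpack("<10H", head):
        checksum ^= word
    head += struct.pack("<H", checksum)
    # 18-byte METAHEADER (disk metafile, 12 words total) plus one 6-byte EOF record.
    body = struct.pack("<HHHIHIH", 2, 9, 0x0300, 12, 0, 3, 0) + struct.pack("<IH", 3, 0)
    return head + body


def _asf_sample():
    # 30-byte ASF Header Object: GUID, ObjectSize, NumberOfHeaderObjects, two reserved bytes.
    return ASF_HEADER_GUID + struct.pack("<QIBB", 30, 0, 1, 2)


def _emf_sample():
    # Minimal 88-byte EMF header: Type 1, Size, zeroed bounds/frame, " EMF" at offset 40.
    return b"\x01\x00\x00\x00" + struct.pack("<I", 88) + b"\x00" * 32 + EMF_SIGNATURE + b"\x00" * 44


WMF_SAMPLE = _wmf_sample()
ASF_SAMPLE = _asf_sample()
EMF_SAMPLE = _emf_sample()

# "song.wma" is the case the reply describes: a metafile renamed to .wma.
SAMPLES = {
    "picture.wmf": WMF_SAMPLE,
    "song.wma": WMF_SAMPLE,
    "clip.wmv": ASF_SAMPLE,
    "logo.emf": EMF_SAMPLE,
}


def scan(samples):
    """Return {name: (claimed, actual, mislabelled)} for each file."""
    return {name: (claimed_format(name), sniff(data), is_mislabelled(name, data))
            for name, data in samples.items()}


if __name__ == "__main__":
    for name, (claimed, actual, bad) in scan(SAMPLES).items():
        print(f"{name:12s} extension says {claimed:7s} header says {actual:7s} "
              f"{'MISLABELLED' if bad else 'ok'}")
```

To check real downloads, replace SAMPLES with `{path: open(path, "rb").read(64)}` for the files in question; the first 64 bytes are enough for every signature used here.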
     
