ATTAKAA JOKU!!!!

Onneton tietsikoiden kanssa

2005-12-15 07:26:24

Kertokaa joku millä sais poistettua tollasen tualta oikeesta alakulmasta,jossa lukee et your computer is infected ja siin on sellanen pallo,mikä vilkkuu.....en osaa tehä mittää sille..virusohjelmat on käyty läpi....

Kiitos etukäteen

277

Äänestä

Vastaukset

Juu
2005-12-15 08:40:17
Pistä Hijack logi niin katotaan miltä se näyttää

http://koti.mbnet.fi/pattaya1/HijackThis.exe
- onneton nainen
  2005-12-15 12:38:09
  Logfile of HijackThis v1.99.1
  Scan saved at 19:03:38, on 14.12.2005
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
  
  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\LEXBCES.EXE
  C:\WINDOWS\system32\spoolsv.exe
  c:\program files\mcafee.com\agent\mcdetect.exe
  c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
  C:\WINDOWS\System32\nvsvc32.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\Explorer.EXE
  C:\WINDOWS\SOUNDMAN.EXE
  C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
  C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
  C:\PROGRA~1\mcafee.com\agent\mcagent.exe
  c:\progra~1\mcafee.com\vso\mcvsescn.exe
  C:\WINDOWS\system32\RUNDLL32.EXE
  C:\Program Files\MessengerPlus! 3\MsgPlus.exe
  C:\Program Files\Logitech\Video\LogiTray.exe
  C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
  C:\Program Files\Thfd\Xglhhqt.exe
  C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
  C:\WINDOWS\system32\ctfmon.exe
  C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
  C:\WINDOWS\system32\LVComS.exe
  C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Program Files\WinRAR\WinRAR.exe
  C:\DOCUME~1\Manta\LOCALS~1\Temp\Rar$EX01.969\HijackThis.exe
  
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.saunalahti.fi/
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.saunalahti.fi/
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
  R3 - Default URLSearchHook is missing
  O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hpE431.tmp
  O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
  O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
  O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
  O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
  O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
  O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
  O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
  O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
  O4 - HKLM\..\Run: [Loud barb flaw manager] C:\Documents and Settings\All Users\Application Data\Dart The Loud Barb\Joy Logo.exe
  O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
  O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
  O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
  O4 - HKLM\..\Run: [Axis web link ante] C:\Documents and Settings\All Users\Application Data\ping shim axis web\32 start.exe
  O4 - HKLM\..\Run: [Hlhfrwj] C:\Program Files\Thfd\Xglhhqt.exe
  O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
  O4 - HKLM\..\Run: [SpyAxe] C:\Program Files\SpyAxe\spyaxe.exe /h
  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
  O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
  O4 - HKCU\..\Run: [Base meet] C:\DOCUME~1\Manta\APPLIC~1\BOLDBI~1\newdumb.exe
  O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
  O8 - Extra context menu item: &Google-haku - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
  O8 - Extra context menu item: &Käännä englanninkielinen sana - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
  O8 - Extra context menu item: Linkit taaksepäin - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
  O8 - Extra context menu item: Samankaltaisia sivuja - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
  O8 - Extra context menu item: Välimuistissa oleva kuvakaappaus sivusta - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267. cab
  O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl ient.cab31267.cab
  O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
  O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/supergerball/miniclipGameLoader .dll
  O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/puzzlepirates/miniclipGameLoade r.dll
  O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312 67.cab
  O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls /en/x86/client/wuweb_site.cab?1123701299203
  O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro ls/en/x86/client/muweb_site.cab?1123701511046
  O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstalle r.cab
  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie nt.cab31267.cab
  O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown loader.cab
  O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca b
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O20 - AppInit_DLLs: MsgPlusLoader.dll
  O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll
  O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
  O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
  O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
  O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
  O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
- Juu
  2005-12-15 12:50:50
  onneton nainen kirjoitti:
  Logfile of HijackThis v1.99.1
  Scan saved at 19:03:38, on 14.12.2005
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
  
  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\LEXBCES.EXE
  C:\WINDOWS\system32\spoolsv.exe
  c:\program files\mcafee.com\agent\mcdetect.exe
  c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
  C:\WINDOWS\System32\nvsvc32.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\Explorer.EXE
  C:\WINDOWS\SOUNDMAN.EXE
  C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
  C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
  C:\PROGRA~1\mcafee.com\agent\mcagent.exe
  c:\progra~1\mcafee.com\vso\mcvsescn.exe
  C:\WINDOWS\system32\RUNDLL32.EXE
  C:\Program Files\MessengerPlus! 3\MsgPlus.exe
  C:\Program Files\Logitech\Video\LogiTray.exe
  C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
  C:\Program Files\Thfd\Xglhhqt.exe
  C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
  C:\WINDOWS\system32\ctfmon.exe
  C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
  C:\WINDOWS\system32\LVComS.exe
  C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Program Files\WinRAR\WinRAR.exe
  C:\DOCUME~1\Manta\LOCALS~1\Temp\Rar$EX01.969\HijackThis.exe
  
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.saunalahti.fi/
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.saunalahti.fi/
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
  R3 - Default URLSearchHook is missing
  O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hpE431.tmp
  O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
  O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
  O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
  O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
  O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
  O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
  O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
  O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
  O4 - HKLM\..\Run: [Loud barb flaw manager] C:\Documents and Settings\All Users\Application Data\Dart The Loud Barb\Joy Logo.exe
  O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
  O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
  O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
  O4 - HKLM\..\Run: [Axis web link ante] C:\Documents and Settings\All Users\Application Data\ping shim axis web\32 start.exe
  O4 - HKLM\..\Run: [Hlhfrwj] C:\Program Files\Thfd\Xglhhqt.exe
  O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
  O4 - HKLM\..\Run: [SpyAxe] C:\Program Files\SpyAxe\spyaxe.exe /h
  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
  O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
  O4 - HKCU\..\Run: [Base meet] C:\DOCUME~1\Manta\APPLIC~1\BOLDBI~1\newdumb.exe
  O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
  O8 - Extra context menu item: &Google-haku - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
  O8 - Extra context menu item: &Käännä englanninkielinen sana - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
  O8 - Extra context menu item: Linkit taaksepäin - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
  O8 - Extra context menu item: Samankaltaisia sivuja - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
  O8 - Extra context menu item: Välimuistissa oleva kuvakaappaus sivusta - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267. cab
  O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl ient.cab31267.cab
  O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
  O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/supergerball/miniclipGameLoader .dll
  O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/puzzlepirates/miniclipGameLoade r.dll
  O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312 67.cab
  O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls /en/x86/client/wuweb_site.cab?1123701299203
  O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro ls/en/x86/client/muweb_site.cab?1123701511046
  O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstalle r.cab
  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie nt.cab31267.cab
  O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown loader.cab
  O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca b
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O20 - AppInit_DLLs: MsgPlusLoader.dll
  O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll
  O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
  O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
  O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
  O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
  O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  Pistä ensin se Hijackki omaan kansioon tonne
  C:\HjT\HijackThis.exe
  
  Poista Lisää\Poista paneelista jos näkyy
  
  MessengerPlus3
  
  Ota smitrem ja säästä se työpöydälle
  
  http://noahdfear.geekstogo.com/click counter/click.php?id=1
  
  Tuplaklikkaa sitä ja Start niin saat smitrem kansion työpöydälle
  
  Käynnistä sitte kone vikasietotilassa.
  
  Scannaa Hijackillä merkka ja Fix:saa nuo rivit jos näkyy
  
  R3 - Default URLSearchHook is missing
  O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hpE431.tmp
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
  O4 - HKLM\..\Run: [Loud barb flaw manager] C:\Documents and Settings\All Users\Application Data\Dart The Loud Barb\Joy Logo.exe
  O4 - HKLM\..\Run: [Axis web link ante] C:\Documents and Settings\All Users\Application Data\ping shim axis web\32 start.exe
  O4 - HKLM\..\Run: [Hlhfrwj] C:\Program Files\Thfd\Xglhhqt.exe
  O4 - HKLM\..\Run: [SpyAxe] C:\Program Files\SpyAxe\spyaxe.exe /h
  O4 - HKCU\..\Run: [Base meet] C:\DOCUME~1\Manta\APPLIC~1\BOLDBI~1\newdumb.exe
  O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/supergerball/miniclipGameLoader .dll
  O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/puzzlepirates/miniclipGameLoade r.dll
  O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstalle r.cab
  
  Sitte poista piilotiedostot näkyvillä jos löytyy
  
  C:\Program Files\MessengerPlus! 3\ < kansio
  C:\Documents and Settings\All Users\Application Data\Dart The Loud Barb\ < kansio
  C:\Documents and Settings\All Users\Application Data\ping shim axis web\ < kansio
  C:\Program Files\Thfd\ < kansio
  C:\DOCUME~1\Manta\APPLIC~1\BOLDBI~1\ < kansio
  
  Sitte avaa smitrem kansio ja tuplaklikkaa RunThis.bat ja seuraa ohjeita.
  Käynnistä sitte normaalisti ja uus Hijack logi ja smitrem logi (C:\smitfiles.txt.)
- onneton nainen
  2005-12-17 21:51:47
  onneton nainen kirjoitti:
  Logfile of HijackThis v1.99.1
  Scan saved at 19:03:38, on 14.12.2005
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
  
  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\LEXBCES.EXE
  C:\WINDOWS\system32\spoolsv.exe
  c:\program files\mcafee.com\agent\mcdetect.exe
  c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
  C:\WINDOWS\System32\nvsvc32.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\Explorer.EXE
  C:\WINDOWS\SOUNDMAN.EXE
  C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
  C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
  C:\PROGRA~1\mcafee.com\agent\mcagent.exe
  c:\progra~1\mcafee.com\vso\mcvsescn.exe
  C:\WINDOWS\system32\RUNDLL32.EXE
  C:\Program Files\MessengerPlus! 3\MsgPlus.exe
  C:\Program Files\Logitech\Video\LogiTray.exe
  C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
  C:\Program Files\Thfd\Xglhhqt.exe
  C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
  C:\WINDOWS\system32\ctfmon.exe
  C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
  C:\WINDOWS\system32\LVComS.exe
  C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Program Files\WinRAR\WinRAR.exe
  C:\DOCUME~1\Manta\LOCALS~1\Temp\Rar$EX01.969\HijackThis.exe
  
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.saunalahti.fi/
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.saunalahti.fi/
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
  R3 - Default URLSearchHook is missing
  O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hpE431.tmp
  O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
  O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
  O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
  O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
  O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
  O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
  O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
  O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
  O4 - HKLM\..\Run: [Loud barb flaw manager] C:\Documents and Settings\All Users\Application Data\Dart The Loud Barb\Joy Logo.exe
  O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
  O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
  O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
  O4 - HKLM\..\Run: [Axis web link ante] C:\Documents and Settings\All Users\Application Data\ping shim axis web\32 start.exe
  O4 - HKLM\..\Run: [Hlhfrwj] C:\Program Files\Thfd\Xglhhqt.exe
  O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
  O4 - HKLM\..\Run: [SpyAxe] C:\Program Files\SpyAxe\spyaxe.exe /h
  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
  O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
  O4 - HKCU\..\Run: [Base meet] C:\DOCUME~1\Manta\APPLIC~1\BOLDBI~1\newdumb.exe
  O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
  O8 - Extra context menu item: &Google-haku - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
  O8 - Extra context menu item: &Käännä englanninkielinen sana - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
  O8 - Extra context menu item: Linkit taaksepäin - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
  O8 - Extra context menu item: Samankaltaisia sivuja - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
  O8 - Extra context menu item: Välimuistissa oleva kuvakaappaus sivusta - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267. cab
  O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl ient.cab31267.cab
  O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
  O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/supergerball/miniclipGameLoader .dll
  O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/puzzlepirates/miniclipGameLoade r.dll
  O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312 67.cab
  O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls /en/x86/client/wuweb_site.cab?1123701299203
  O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro ls/en/x86/client/muweb_site.cab?1123701511046
  O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstalle r.cab
  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie nt.cab31267.cab
  O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown loader.cab
  O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca b
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O20 - AppInit_DLLs: MsgPlusLoader.dll
  O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll
  O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
  O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
  O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
  O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
  O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  KIITTI TUHANNESTI SULLE!!!!LÄHTI POIS

Ketjusta on poistettu 1 sääntöjenvastaista viestiä.

Takaisin ylös

Luetuimmat keskustelut

Kuka paiskasi vauvan betoniin Oulussa?
Nimi esiin.....
22.02.2026 17:07Oulu
113
7247
Riikan kukkaronnyöri on umpisolmussa
Kulutus ei lähde liikkeelle, koska kansalaiset eivät usko, että: – työpaikka säilyy – tulot eivät romahda – talous ei h
22.02.2026 15:48Maailman menoa
98
5233
Tanskan malli perustuu korkeaan ansioturvaan
Ja vahvoihin työllisyys- ja kotoutumispalveluihin. Suomessa Riikka on leikannut juuri näitä: palkkatukea, työttömyysturv
22.02.2026 12:56Maailman menoa
116
3486
Epäily: Räppäri yritti tappaa vauvansa.
https://www.mtvuutiset.fi/artikkeli/epaily-mies-yritti-tappaa-vauvansa/9300728 Tämä on erittäin järkyttävä teko täysin p
23.02.2026 11:36Maailman menoa
33
3412
Anteeksipyyntöni
Jätän tähän anteeksipyyntöni sinulle, koska en voi sanoa sitä missään muuallakaan. Pyydän anteeksi, jos purkamani tuska
22.02.2026 18:55Järki ja tunteet
35
2524
Sydämeni valtiaalle
En täältä aio asioita kysellä. Haluan tuoda tiedoksesi, että pohjimmiltani en ihmisiä tahdo satuttaa ja ajattelen muiden
22.02.2026 09:34Ikävä
119
1856
Oletko tyytyväinen
Tämän hetkiseen tilanteeseenne? Odotatko, että lähennytte vai yritätkö päästä yli ja eteenpäin?
22.02.2026 11:04Ikävä
96
1501
Mikseivät suomalaiset kuluta? istutaan vaan säästötilirahojen päällä..
...Ihan haluamalla halutaan että maa menee konkurssiin? Ihan käsittämätöntä, ennätymäärät säästöjä sekä konkursseja sam
22.02.2026 13:55Maailman menoa
341
1451
Jos oikeasti haluat vielä
Tee mitä miehen täytyy tehdä ja lähesty rohkeasti 📞 laita vaikka viestiä vielä kerran 😚
22.02.2026 20:58Ikävä
131
1346
Onko Sanna menossa Ukrainaan viettämään vuosipäivää?
Kun on bongattu Varsovan lentokentältä?
23.02.2026 18:17Maailman menoa
42
1270

ATTAKAA JOKU!!!!

Vastaukset

onneton nainen kirjoitti:

onneton nainen kirjoitti:

Luetuimmat keskustelut

Kuka paiskasi vauvan betoniin Oulussa?

Riikan kukkaronnyöri on umpisolmussa

Tanskan malli perustuu korkeaan ansioturvaan

Epäily: Räppäri yritti tappaa vauvansa.

Anteeksipyyntöni

Sydämeni valtiaalle

Oletko tyytyväinen

Mikseivät suomalaiset kuluta? istutaan vaan säästötilirahojen päällä..

Jos oikeasti haluat vielä

Onko Sanna menossa Ukrainaan viettämään vuosipäivää?

Kiinnostaako Petolliset? Uudella kaudella radikaali muutos, muttei kaikille katsojille...

81-vuotias Frederik avoimena - Ei omasta mielestä kelpaa tästä syystä realityihin: "Veemäinen..."

Tanskan malli perustuu korkeaan ansioturvaan

Kiinnostaako Iholla-reality? Katsotko?

Tiesitkö? Kohutun L/over sarjan Juha eli Jani Volanen on tämän julkkisnaisen ex-mies!

Mihin menee Suomen maatalous - minun lapsuuteni maisema

Kerttu Niskanen rehellisenä Salkkarit-pestistä!

Seiska: Artturi Sieppi paljastaa "kaljoittelusta" Amazing Race -kulisseissa

Ruokarobotti liikenteessä

Rydmanin nousu sote-ministeriksi on kauttaaltaan irvokas