ATTAKAA JOKU!!!!

Onneton tietsikoiden kanssa

Kertokaa joku millä sais poistettua tollasen tualta oikeesta alakulmasta,jossa lukee et your computer is infected ja siin on sellanen pallo,mikä vilkkuu.....en osaa tehä mittää sille..virusohjelmat on käyty läpi....

Kiitos etukäteen

4

266

    Vastaukset

    Anonyymi (Kirjaudu / Rekisteröidy)
    5000
    • Juu
      • onneton nainen

        Logfile of HijackThis v1.99.1
        Scan saved at 19:03:38, on 14.12.2005
        Platform: Windows XP SP2 (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\LEXBCES.EXE
        C:\WINDOWS\system32\spoolsv.exe
        c:\program files\mcafee.com\agent\mcdetect.exe
        c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
        c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
        C:\WINDOWS\System32\nvsvc32.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\ZoneLabs\vsmon.exe
        c:\PROGRA~1\mcafee.com\vso\mcshield.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\Explorer.EXE
        C:\WINDOWS\SOUNDMAN.EXE
        C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
        C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
        C:\PROGRA~1\mcafee.com\agent\mcagent.exe
        c:\progra~1\mcafee.com\vso\mcvsescn.exe
        C:\WINDOWS\system32\RUNDLL32.EXE
        C:\Program Files\MessengerPlus! 3\MsgPlus.exe
        C:\Program Files\Logitech\Video\LogiTray.exe
        C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
        C:\Program Files\Thfd\Xglhhqt.exe
        C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
        C:\WINDOWS\system32\LVComS.exe
        C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
        C:\Program Files\Internet Explorer\iexplore.exe
        C:\Program Files\WinRAR\WinRAR.exe
        C:\DOCUME~1\Manta\LOCALS~1\Temp\Rar$EX01.969\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.saunalahti.fi/
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.saunalahti.fi/
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
        R3 - Default URLSearchHook is missing
        O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hpE431.tmp
        O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
        O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
        O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
        O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
        O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
        O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
        O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
        O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
        O4 - HKLM\..\Run: [Loud barb flaw manager] C:\Documents and Settings\All Users\Application Data\Dart The Loud Barb\Joy Logo.exe
        O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
        O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
        O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
        O4 - HKLM\..\Run: [Axis web link ante] C:\Documents and Settings\All Users\Application Data\ping shim axis web\32 start.exe
        O4 - HKLM\..\Run: [Hlhfrwj] C:\Program Files\Thfd\Xglhhqt.exe
        O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
        O4 - HKLM\..\Run: [SpyAxe] C:\Program Files\SpyAxe\spyaxe.exe /h
        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
        O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
        O4 - HKCU\..\Run: [Base meet] C:\DOCUME~1\Manta\APPLIC~1\BOLDBI~1\newdumb.exe
        O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
        O8 - Extra context menu item: &Google-haku - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
        O8 - Extra context menu item: &Käännä englanninkielinen sana - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
        O8 - Extra context menu item: Linkit taaksepäin - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
        O8 - Extra context menu item: Samankaltaisia sivuja - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
        O8 - Extra context menu item: Välimuistissa oleva kuvakaappaus sivusta - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267. cab
        O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl ient.cab31267.cab
        O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
        O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/supergerball/miniclipGameLoader .dll
        O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/puzzlepirates/miniclipGameLoade r.dll
        O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312 67.cab
        O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls /en/x86/client/wuweb_site.cab?1123701299203
        O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro ls/en/x86/client/muweb_site.cab?1123701511046
        O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstalle r.cab
        O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie nt.cab31267.cab
        O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown loader.cab
        O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca b
        O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
        O20 - AppInit_DLLs: MsgPlusLoader.dll
        O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll
        O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
        O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
        O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
        O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
        O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
        O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
        O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


      • Juu
        onneton nainen kirjoitti:

        Logfile of HijackThis v1.99.1
        Scan saved at 19:03:38, on 14.12.2005
        Platform: Windows XP SP2 (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\LEXBCES.EXE
        C:\WINDOWS\system32\spoolsv.exe
        c:\program files\mcafee.com\agent\mcdetect.exe
        c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
        c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
        C:\WINDOWS\System32\nvsvc32.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\ZoneLabs\vsmon.exe
        c:\PROGRA~1\mcafee.com\vso\mcshield.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\Explorer.EXE
        C:\WINDOWS\SOUNDMAN.EXE
        C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
        C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
        C:\PROGRA~1\mcafee.com\agent\mcagent.exe
        c:\progra~1\mcafee.com\vso\mcvsescn.exe
        C:\WINDOWS\system32\RUNDLL32.EXE
        C:\Program Files\MessengerPlus! 3\MsgPlus.exe
        C:\Program Files\Logitech\Video\LogiTray.exe
        C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
        C:\Program Files\Thfd\Xglhhqt.exe
        C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
        C:\WINDOWS\system32\LVComS.exe
        C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
        C:\Program Files\Internet Explorer\iexplore.exe
        C:\Program Files\WinRAR\WinRAR.exe
        C:\DOCUME~1\Manta\LOCALS~1\Temp\Rar$EX01.969\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.saunalahti.fi/
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.saunalahti.fi/
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
        R3 - Default URLSearchHook is missing
        O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hpE431.tmp
        O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
        O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
        O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
        O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
        O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
        O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
        O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
        O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
        O4 - HKLM\..\Run: [Loud barb flaw manager] C:\Documents and Settings\All Users\Application Data\Dart The Loud Barb\Joy Logo.exe
        O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
        O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
        O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
        O4 - HKLM\..\Run: [Axis web link ante] C:\Documents and Settings\All Users\Application Data\ping shim axis web\32 start.exe
        O4 - HKLM\..\Run: [Hlhfrwj] C:\Program Files\Thfd\Xglhhqt.exe
        O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
        O4 - HKLM\..\Run: [SpyAxe] C:\Program Files\SpyAxe\spyaxe.exe /h
        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
        O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
        O4 - HKCU\..\Run: [Base meet] C:\DOCUME~1\Manta\APPLIC~1\BOLDBI~1\newdumb.exe
        O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
        O8 - Extra context menu item: &Google-haku - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
        O8 - Extra context menu item: &Käännä englanninkielinen sana - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
        O8 - Extra context menu item: Linkit taaksepäin - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
        O8 - Extra context menu item: Samankaltaisia sivuja - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
        O8 - Extra context menu item: Välimuistissa oleva kuvakaappaus sivusta - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267. cab
        O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl ient.cab31267.cab
        O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
        O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/supergerball/miniclipGameLoader .dll
        O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/puzzlepirates/miniclipGameLoade r.dll
        O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312 67.cab
        O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls /en/x86/client/wuweb_site.cab?1123701299203
        O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro ls/en/x86/client/muweb_site.cab?1123701511046
        O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstalle r.cab
        O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie nt.cab31267.cab
        O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown loader.cab
        O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca b
        O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
        O20 - AppInit_DLLs: MsgPlusLoader.dll
        O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll
        O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
        O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
        O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
        O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
        O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
        O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
        O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

        Pistä ensin se Hijackki omaan kansioon tonne
        C:\HjT\HijackThis.exe

        Poista Lisää\Poista paneelista jos näkyy

        MessengerPlus3

        Ota smitrem ja säästä se työpöydälle

        http://noahdfear.geekstogo.com/click counter/click.php?id=1

        Tuplaklikkaa sitä ja Start niin saat smitrem kansion työpöydälle

        Käynnistä sitte kone vikasietotilassa.

        Scannaa Hijackillä merkka ja Fix:saa nuo rivit jos näkyy

        R3 - Default URLSearchHook is missing
        O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hpE431.tmp
        O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
        O4 - HKLM\..\Run: [Loud barb flaw manager] C:\Documents and Settings\All Users\Application Data\Dart The Loud Barb\Joy Logo.exe
        O4 - HKLM\..\Run: [Axis web link ante] C:\Documents and Settings\All Users\Application Data\ping shim axis web\32 start.exe
        O4 - HKLM\..\Run: [Hlhfrwj] C:\Program Files\Thfd\Xglhhqt.exe
        O4 - HKLM\..\Run: [SpyAxe] C:\Program Files\SpyAxe\spyaxe.exe /h
        O4 - HKCU\..\Run: [Base meet] C:\DOCUME~1\Manta\APPLIC~1\BOLDBI~1\newdumb.exe
        O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/supergerball/miniclipGameLoader .dll
        O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/puzzlepirates/miniclipGameLoade r.dll
        O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstalle r.cab

        Sitte poista piilotiedostot näkyvillä jos löytyy

        C:\Program Files\MessengerPlus! 3\ < kansio
        C:\Documents and Settings\All Users\Application Data\Dart The Loud Barb\ < kansio
        C:\Documents and Settings\All Users\Application Data\ping shim axis web\ < kansio
        C:\Program Files\Thfd\ < kansio
        C:\DOCUME~1\Manta\APPLIC~1\BOLDBI~1\ < kansio

        Sitte avaa smitrem kansio ja tuplaklikkaa RunThis.bat ja seuraa ohjeita.
        Käynnistä sitte normaalisti ja uus Hijack logi ja smitrem logi (C:\smitfiles.txt.)


      • onneton nainen
        onneton nainen kirjoitti:

        Logfile of HijackThis v1.99.1
        Scan saved at 19:03:38, on 14.12.2005
        Platform: Windows XP SP2 (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\LEXBCES.EXE
        C:\WINDOWS\system32\spoolsv.exe
        c:\program files\mcafee.com\agent\mcdetect.exe
        c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
        c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
        C:\WINDOWS\System32\nvsvc32.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\ZoneLabs\vsmon.exe
        c:\PROGRA~1\mcafee.com\vso\mcshield.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\Explorer.EXE
        C:\WINDOWS\SOUNDMAN.EXE
        C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
        C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
        C:\PROGRA~1\mcafee.com\agent\mcagent.exe
        c:\progra~1\mcafee.com\vso\mcvsescn.exe
        C:\WINDOWS\system32\RUNDLL32.EXE
        C:\Program Files\MessengerPlus! 3\MsgPlus.exe
        C:\Program Files\Logitech\Video\LogiTray.exe
        C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
        C:\Program Files\Thfd\Xglhhqt.exe
        C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
        C:\WINDOWS\system32\LVComS.exe
        C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
        C:\Program Files\Internet Explorer\iexplore.exe
        C:\Program Files\WinRAR\WinRAR.exe
        C:\DOCUME~1\Manta\LOCALS~1\Temp\Rar$EX01.969\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.saunalahti.fi/
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.saunalahti.fi/
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
        R3 - Default URLSearchHook is missing
        O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hpE431.tmp
        O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
        O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
        O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
        O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
        O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
        O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
        O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
        O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
        O4 - HKLM\..\Run: [Loud barb flaw manager] C:\Documents and Settings\All Users\Application Data\Dart The Loud Barb\Joy Logo.exe
        O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
        O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
        O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
        O4 - HKLM\..\Run: [Axis web link ante] C:\Documents and Settings\All Users\Application Data\ping shim axis web\32 start.exe
        O4 - HKLM\..\Run: [Hlhfrwj] C:\Program Files\Thfd\Xglhhqt.exe
        O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
        O4 - HKLM\..\Run: [SpyAxe] C:\Program Files\SpyAxe\spyaxe.exe /h
        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
        O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
        O4 - HKCU\..\Run: [Base meet] C:\DOCUME~1\Manta\APPLIC~1\BOLDBI~1\newdumb.exe
        O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
        O8 - Extra context menu item: &Google-haku - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
        O8 - Extra context menu item: &Käännä englanninkielinen sana - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
        O8 - Extra context menu item: Linkit taaksepäin - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
        O8 - Extra context menu item: Samankaltaisia sivuja - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
        O8 - Extra context menu item: Välimuistissa oleva kuvakaappaus sivusta - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267. cab
        O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl ient.cab31267.cab
        O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
        O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/supergerball/miniclipGameLoader .dll
        O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/puzzlepirates/miniclipGameLoade r.dll
        O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312 67.cab
        O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls /en/x86/client/wuweb_site.cab?1123701299203
        O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro ls/en/x86/client/muweb_site.cab?1123701511046
        O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstalle r.cab
        O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie nt.cab31267.cab
        O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown loader.cab
        O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca b
        O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
        O20 - AppInit_DLLs: MsgPlusLoader.dll
        O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll
        O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
        O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
        O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
        O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
        O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
        O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
        O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

        KIITTI TUHANNESTI SULLE!!!!LÄHTI POIS


    Ketjusta on poistettu 1 sääntöjenvastaista viestiä.

    Luetuimmat keskustelut

    1. Stefu LOISTAVAA!

      Ilmeisesti joku vedonlyönti tms, selvinpäin-elämästä👍👍👍 ilmankos ei ole Sofiaa näkynyt. Miten tän parin nyt käy, kun viimi ei maksettuna enää virta
      Kotimaiset julkkisjuorut
      133
      1935
    2. Msisa on eronnut

      Mies ei kestänyt jatkuvia syrjähyppyjä eikä totuutta Turun yöstä.
      Kotimaiset julkkisjuorut
      28
      850
    3. Missä sinuun mies voisi

      näin pääsiäisenä vahingossa törmätä? Ei ilmeisesti missään?
      Ikävä
      69
      845
    4. Venäläisiä keksintöjä?

      Kun tässä nyt yritän miettiä venäläisiä keksintöjä, niin ei äkkiseltään tule oikein yhtään mieleen. Onko niitä edes?
      Maailman menoa
      259
      728
    5. Tiedän että on aika luovuttaa

      En vaan osaa. Liian kauan toivonut jotain, mikä ei koskaan tule toteutumaan. Olo ei ole mitenkään hyvä, mutta itken vähemmän kuin silloin kun sinuun r
      Ikävä
      64
      710
    6. Raviskalla tappo?

      Huhuja liikkuu et raviskalla ois joku laitettu kylymäksi?
      Oulainen
      10
      677
    7. Katumuksesta

      Pitkäperjantaina eräässä seurueessa puhuttiin katumisesta ja mitä itse kukin katuu. Yleisintä tuntui olevan pahasti sanominen jollekin läheiselle ja t
      Sinkut
      132
      671
    8. Et arvaa nainen, miten ikävä mulla on sinua.

      Sinua ei voi unohtaa. Pusu sulle musulle!
      Ikävä
      26
      644
    9. Sun mies on mun

      Sinun mies on yksin minun ja sinä et voi sille mitään.
      Ikävä
      77
      642
    10. Sisällissota kiihtyy Ruotsissa

      KaupunkiTaistelut koraanin puolesta kiihtyneet Linköpingissä ja Malmössä. Ruotsin poliisi joutunut vetäytymään suojiin. Päätän raporttini Ruotsista.
      Maailman menoa
      200
      635
    Aihe