Hijackthis oppaassa kerrottiin pasteemaan esim. jonnekkin voorumiin tää logi jotta paremmin tietävät voisivat kertoa mitä noista kuuluisi poistaa Joten viitsisikö expertit avittaa mua Logfile of HijackThis v1.99.1 Scan saved at 22:33:44, on 26.6.2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\MSI\Live Update 3\LMonitor.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\System32\CAPRPCSK.EXE C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\Microsoft Office\Office\1035\OLFSNT40.EXE C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\CAPPSWK.EXE C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure Internet Security\backweb\4476822\Program\fspex.exe C:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe C:\Program Files\F-Secure Internet Security\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE C:\Program Files\F-Secure Internet Security\Anti-Virus\fssm32.exe C:\Program Files\F-Secure Internet Security\Common\FSMB32.EXE C:\Program Files\F-Secure Internet Security\Common\FCH32.EXE C:\Program Files\F-Secure Internet Security\Common\FAMEH32.EXE C:\Program Files\F-Secure Internet Security\Anti-Virus\fsav32.exe C:\Program Files\F-Secure Internet Security\FSPC\fspc.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe C:\Program Files\F-Secure Internet Security\FSGUI\fsguiexe.exe C:\WINDOWS\System32\wuauclt.exe E:\eMule\emule.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\nyberg\Työpöytä\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\F-Secure Internet Security\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [CAPON] C:\WINDOWS\System32\Spool\Drivers\w32x86\3\CAPONN.EXE O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1035\OLFSNT40.EXE O4 - Global Startup: Canon LBP-810 tilaikkuna.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: Web-suodatin - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: Näytä &Web-sivuluettelo... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: &Keskeytä Web-sivujen suodatus - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: &Kiellä tämä Web-sivusto - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: &Salli tämä Web-sivusto - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?111 6912614436 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: F-Secure Internet Security 2005 (BackWeb Plug-in - 4476822) - Unknown owner - C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSPC\fshttps\fshttps.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
Virukset ja haittaohjelmat-alue on näille mutta no samapa tuo.. täältä huomataan yhtähyvin joten älä ihmeessä sinne tee toista samanlaista sinne odotellaan että expertti-Toymaatti tulis auttaa sua kohta
Jotenki tosi ärsyttävää lukee tota logia kun se on noin hajallaan. En tuossa äkkiseltään huomaa mitään muuta kuin tuon. O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing Ei välttämättä tarpeen, mutta tuolta löytyy ohjeet korjaamiseen. http://keskustelu.afterdawn.com/thread_view.cfm/190953 Ja sitten tietenkin tuo windowsin päivitys pitäis hoitaa kohdalleen. Älä kuitenkaan päivitä ennen kuin logi on varmasti puhdas = Toymaatti. HJT:n oikea paikka C:\hjt\hijackthis.exe, Eli c:n juuressa omassa kansiossa.
