Juu eli lähiaikoina koneen käynnistämiseen on kulunut normaalia suurempi aika, muutenkin kone on hieman tökkinyt. Joten voisitteko kertoa onko koneessa jotain? Logfile of HijackThis v1.99.1 Scan saved at 21:14:44, on 15.5.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2800.1106) Running processes: D:\D\WINDOWS\System32\smss.exe D:\D\WINDOWS\system32\csrss.exe D:\D\WINDOWS\system32\winlogon.exe D:\D\WINDOWS\system32\services.exe D:\D\WINDOWS\system32\lsass.exe D:\D\WINDOWS\system32\svchost.exe D:\D\WINDOWS\system32\svchost.exe D:\D\WINDOWS\System32\svchost.exe D:\D\WINDOWS\System32\svchost.exe D:\D\WINDOWS\System32\svchost.exe D:\D\WINDOWS\Explorer.EXE D:\D\WINDOWS\system32\spoolsv.exe D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe D:\D\WINDOWS\System32\atievxx.exe D:\Program Files\Alwil Software\Avast4\ashServ.exe D:\D\WINDOWS\System32\svchost.exe D:\D\WINDOWS\System32\wdfmgr.exe D:\Program Files\MessengerPlus! 3\MsgPlus.exe D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe D:\Program Files\Winamp\winampa.exe D:\D\WINDOWS\System32\ctfmon.exe D:\Program Files\Messenger\MSMSGS.EXE D:\D\WINDOWS\System32\wuauclt.exe D:\Program Files\Alwil Software\Avast4\ashWebSv.exe D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe D:\HijackThis\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = D:\windows\system32\blank.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://messenger.msn.com/flash/?mkt=fi-fi&version=7,0,60,0 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe O4 - HKCU\..\Run: [CTFMON.EXE] D:\D\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\MSMSGS.EXE" /background O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - Startup: Adobe Gamma.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Unknown owner - D:\Program Files\iPod\bin\iPodService.exe (file missing) O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
Fixaa seuraava, eli do a system scan only, laita rasti seuraavaan ja fix checked: R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = D:\windows\system32\blank.htm Hae täältä -> http://www.ewido.net/en/download ewido, asenna, päivitä ja skannaa. Anna poistaa mitä löytää, tallenna raportti. Lähetä ewidon raportti ja uusi HjT-loki.
@Sorfet Suosittelen koneelle Hosts-tiedostoa, sillä blokkaat haittasivustot ja samalla yleensä haittaohjelmat toki, ennekuin ehdit edes ottaa yhteyttä palvelimeen. Ohjeeni -> http://keskustelu.afterdawn.com/thread_view.cfm/320373
