Tossa olis toi hjt-loki... Ite en näistä ihan hirveästi tajua, mutta jos joku vähän älykkäämpi ihminen voisi auttaa ja kertoa miten noista örkeistä pääsee eroon. Löytyy varmaan muutakin kuin tuo spyfalcon mutta se nyt olisi tässä päälimmäisenä murheena. Logfile of HijackThis v1.99.1 Scan saved at 0:34:25, on 5.3.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\EWIDO anti-malware\ewidoctrl.exe C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\EWIDO anti-malware\ewidoguard.exe C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe C:\Program Files\F-Secure\Anti-Virus\fssm32.exe C:\Program Files\F-Secure\Common\FSMA32.EXE C:\Program Files\F-Secure\Common\FSMB32.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\F-Secure\Common\FCH32.EXE C:\Program Files\F-Secure\Common\FAMEH32.EXE C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\F-Secure\Common\FNRB32.EXE C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe C:\Program Files\F-Secure\Common\FIH32.EXE C:\Program Files\F-Secure\Anti-Virus\fsav32.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\F-Secure\Common\FSM32.EXE C:\Program Files\Hp-photosmart\HP Software Update\HPWuSchd.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\winamp\winampa.exe C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\quicktime\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Hp-photosmart\Digital Imaging\bin\hpqtra08.exe C:\Program Files\F-Secure\FSGUI\fsguiexe.exe C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\ohjelmatiedostot\Office\OFFICE11\WINWORD.EXE C:\Program Files\Microsoft Works\WkDStore.exe C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\EWIDO anti-malware\SecuritySuite.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\SpyFalcon\SpyFalcon.exe C:\WINDOWS\system32\rundll32.exe C:\HJT\HijackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.fi R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fi R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.fi R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fi R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hp-photosmart\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [WinampAgent] C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\winamp\winampa.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\quicktime\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SpyFalcon] C:\Program Files\SpyFalcon\SpyFalcon.exe /h O4 - HKCU\..\Run: [PicoZip] C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\pico\PicoZip\PicoZipTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp-photosmart\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\DOCUME~1\Markus\TYÖPÖYTÄ\MUNTIE~1\OHJELM~1\Office\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\DOCUME~1\Markus\TYÖPÖYTÄ\MUNTIE~1\OHJELM~1\Office\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1129141103812 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: ewido security suite control - ewido networks - C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\EWIDO anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\EWIDO anti-malware\ewidoguard.exe O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
Tota noin... Käväsin tossa huvin ja urheilun vuoksi F-securen sivuilla kattelemassa tietoa spyfalconista, sieltä löyty tollanen .zip tiedosto minkä lataamalla koneelle luvattiin et spyfalcon lähtee. Tossa linkki: http://www.f-secure.com/sw-desc/spyaxe.shtml Ja ainakaan ku käynnistin koneen uudelleen ni sitä spyfalconin tekemää varotusilmotusta ei hyökänny tohon ruutuun. Ajoin sit uudelleen ton HjT-login, eikä sielläkään näkyny merkkejä falconista.. olisko mahollista et toi olis jopa toiminu? Tässä olis kuitenki viel toi uusin HjT-logi tarkistettavaksi. Logfile of HijackThis v1.99.1 Scan saved at 11:02:05, on 5.3.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\EWIDO anti-malware\ewidoctrl.exe C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\EWIDO anti-malware\ewidoguard.exe C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure\Anti-Virus\fssm32.exe C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe C:\Program Files\F-Secure\Common\FSMA32.EXE C:\Program Files\F-Secure\Common\FSMB32.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\F-Secure\Common\FCH32.EXE C:\Program Files\F-Secure\Common\FAMEH32.EXE C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\F-Secure\Common\FNRB32.EXE C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe C:\Program Files\F-Secure\Anti-Virus\fsav32.exe C:\Program Files\F-Secure\Common\FIH32.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\F-Secure\Common\FSM32.EXE C:\Program Files\Hp-photosmart\HP Software Update\HPWuSchd.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\winamp\winampa.exe C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\quicktime\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\F-Secure\FSGUI\fsguiexe.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Hp-photosmart\Digital Imaging\bin\hpqtra08.exe C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe C:\Program Files\Internet Explorer\iexplore.exe C:\HJT\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.fi R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fi R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.fi R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fi R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hp-photosmart\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [WinampAgent] C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\winamp\winampa.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\quicktime\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [PicoZip] C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\pico\PicoZip\PicoZipTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp-photosmart\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\DOCUME~1\Markus\TYÖPÖYTÄ\MUNTIE~1\OHJELM~1\Office\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\DOCUME~1\Markus\TYÖPÖYTÄ\MUNTIE~1\OHJELM~1\Office\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1129141103812 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: ewido security suite control - ewido networks - C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\EWIDO anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Documents and Settings\Markus\Työpöytä\mun tiedostot\Ohjelmatiedostot\EWIDO anti-malware\ewidoguard.exe O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
Fiksaa tämä vielä eli avaa hijackthis, paina do a system scan only ja merkkaa tämä: O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab[/b] Ja paina fix cheked
