HjT log

Discussion in 'Viruses and malware' started by tuhero, Jan 18, 2006.

  1. tuhero

    tuhero Guest

    Here's the HjT log from a friend's machine. There's surely a lot of crap in it, so could you kindly advise what to do:

    Logfile of HijackThis v1.99.1
    Scan saved at 15:20:30, on 18.1.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    E:\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
    E:\Elisa tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    E:\Elisa tietoturvapalvelu\Anti-Virus\FSGK32.EXE
    E:\Elisa tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
    E:\Elisa tietoturvapalvelu\Common\FSMA32.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    E:\Elisa tietoturvapalvelu\Common\FSMB32.EXE
    E:\Elisa tietoturvapalvelu\Anti-Virus\fssm32.exe
    C:\WINDOWS\System32\svchost.exe
    E:\Elisa tietoturvapalvelu\Common\FCH32.EXE
    E:\Elisa tietoturvapalvelu\Common\FAMEH32.EXE
    E:\Elisa tietoturvapalvelu\Anti-Virus\fsav32.exe
    E:\Elisa tietoturvapalvelu\Anti-Virus\fsrw.exe
    E:\Elisa tietoturvapalvelu\FWES\Program\fsdfwd.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\Mixer.exe
    C:\Documents and Settings\lauri\My Documents\MsgPlus.exe
    D:\PROGRA~1\MICROS~1\GAMECO~1\common\swtrayv4.exe
    E:\program files\powerstrip\pstrip.exe
    E:\Elisa tietoturvapalvelu\Common\FSM32.EXE
    E:\Elisa tietoturvapalvelu\FSGUI\ispnews.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    c:\progra~1\intern~1\iexplore.exe
    E:\ELISAT~1\ANTI-S~1\fsaw.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    E:\Elisa tietoturvapalvelu\backweb\4119343\Program\fspex.exe
    E:\Elisa tietoturvapalvelu\FSGUI\fsguidll.exe
    E:\MOZILLA\FIREFOX.EXE
    C:\Program Files\MSN Messenger\msnmsgr.exe
    E:\K-Lite Codec Pack\Media Player Classic\mplayerc.exe
    C:\WINDOWS\Explorer.EXE
    C:\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.bestwebslinks.com/search.php?qq=%1
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.hbdmpjirdk.com/OgenVFGL0uBhKyTBaB1tVWvb12NGddIl45sNmbIiu6U26IscULZqL9YI7zgu/LMp.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.bestwebslinks.com/search.php?qq=%1
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bestwebslinks.com/search.php?qq=%1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.bestwebslinks.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: (no name) - {53A13A08-ECD2-D0D2-0362-CE21607691F5} - C:\DOCUME~1\lauri\APPLIC~1\BIASLO~1\mfcd flaw.exe (file missing)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll (file missing)
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Documents and Settings\lauri\My Documents\MsgPlus.exe"
    O4 - HKLM\..\Run: [KAZAA] "E:\Program Files\Kazaa Lite K++\kpp.exe" "E:\Program Files\Kazaa Lite K++\KazaaLite.kpp" /SYSTRAY
    O4 - HKLM\..\Run: [SideWinderTrayV4] D:\PROGRA~1\MICROS~1\GAMECO~1\common\swtrayv4.exe
    O4 - HKLM\..\Run: [PowerStrip] e:\program files\powerstrip\pstrip.exe
    O4 - HKLM\..\Run: [NvCplScan] nvsc32.exe
    O4 - HKLM\..\Run: [RegSvr32] C:\WINDOWS\system32\msmsgs.exe
    O4 - HKLM\..\Run: [PSGuard] C:\Program Files\PSGuard\PSGuard.exe
    O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\system32\intell32.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "E:\Elisa tietoturvapalvelu\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "E:\Elisa tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "E:\Elisa tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [News Service] "E:\Elisa tietoturvapalvelu\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [Ping Site Idol Eggs] C:\Documents and Settings\All Users\Application Data\vc settings ping site\LESSCOMP.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
    O4 - HKLM\..\RunServices: [NvCplScan] nvsc32.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
    O4 - HKCU\..\Run: [LDM] \Program\
    O4 - HKCU\..\Run: [Close Pile] C:\DOCUME~1\lauri\APPLIC~1\TRAYLO~1\About Bows.exe
    O4 - HKCU\..\Run: [Steam] "e:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [Skype] "E:\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [NvCplScan] nvsc32.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\TPT Registry_Cleaner (Trial)\regclean.exe"
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Documents and Settings\lauri\My Documents\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = E:\Elisa tietoturvapalvelu\backweb\4119343\Program\fspex.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: &Estä tämä kohoikkuna - E:\Elisa tietoturvapalvelu\Anti-Spyware\blockpopups.htm
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - E:\Elisa tietoturvapalvelu\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - E:\Elisa tietoturvapalvelu\Anti-Spyware\ieshield.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O18 - Protocol: bw+0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Elisa Tietoturvapalvelu (BackWeb Client - 4119343) - BackWeb Technologies Inc. - E:\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - E:\Elisa tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - E:\Elisa tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - E:\Elisa tietoturvapalvelu\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - E:\Elisa tietoturvapalvelu\Common\FSMA32.EXE
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - E:\alcohol\Alcohol 120\Alcohol 120\StarWind\StarWindService.exe

     
    Last edited by a moderator: Jan 18, 2006
  2. Tonski

    Tonski Regular member

    These at least need to be fixed:

    O2 - BHO: (no name) - {53A13A08-ECD2-D0D2-0362-CE21607691F5} - C:\DOCUME~1\lauri\APPLIC~1\BIASLO~1\mfcd flaw.exe (file missing)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll (file missing)

    This one would also be among those to fix:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.hbdmpjirdk.com/OgenVFGL0uBhKyTBaB1tVWvb12NGddIl45sNmbI...

    Wait for a professional to confirm these!!!
     
  3. tuhero

    tuhero Guest

  4. spertti

    spertti Active member

    @Tonski. You found those problems well again, but this was certainly a difficult log for a beginner =)

    @tuhero. Bumping the thread is not only pointless but also really annoying. We'll look at these as soon as we have time anyway!

    I have to say, there are a lot of nasties on this machine!
    I'd argue that the main cause of this is that Kazaa program. So after these fixes, take the advice and switch to some other program!

    Fix these with HjT:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.bestwebslinks.com/search.php?qq=%1
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.hbdmpjirdk.com/OgenVFGL0uBhKyTBaB1tVWvb12NGddIl45sNmbI...
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.bestwebslinks.com/search.php?qq=%1
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bestwebslinks.com/search.php?qq=%1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.bestwebslinks.com/
    O2 - BHO: (no name) - {53A13A08-ECD2-D0D2-0362-CE21607691F5} - C:\DOCUME~1\lauri\APPLIC~1\BIASLO~1\mfcd flaw.exe (file missing)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll (file missing)
    O4 - HKLM\..\Run: [Ping Site Idol Eggs] C:\Documents and Settings\All Users\Application Data\vc settings ping site\LESSCOMP.exe
    O4 - HKLM\..\Run: [NvCplScan] nvsc32.exe
    O4 - HKLM\..\Run: [RegSvr32] C:\WINDOWS\system32\msmsgs.exe
    O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\system32\intell32.exe
    O4 - HKCU\..\Run: [Close Pile] C:\DOCUME~1\lauri\APPLIC~1\TRAYLO~1\About Bows.exe
    O4 - HKLM\..\RunServices: [NvCplScan] nvsc32.exe
    O4 - HKCU\..\Run: [NvCplScan] nvsc32.exe


    Make hidden files visible, instructions ->
    http://keskustelu.afterdawn.com/thread_view.cfm/248944

    Get Ewido > http://keskustelu.afterdawn.com/thread_view.cfm/269186
    Install and update it, but don't do anything else yet

    Boot into safe mode (F8 during startup)

    Delete the following if found:


    C:\DOCUME~1\lauri\APPLIC~1\BIASLO~1\mfcd flaw.exe
    C:\WINDOWS\system32\msmsgs.exe
    C:\WINDOWS\system32\intell32.exe
    C:\DOCUME~1\lauri\APPLIC~1\TRAYLO~1\About Bows.exe
    C:\Documents and Settings\All Users\Application Data\vc settings ping site\LESSCOMP.exe
    Scan with Ewido in safe mode and save the report. Let it remove everything it finds.

    Post a new log and the Ewido report
     
    Last edited: Jan 18, 2006
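
Added example, not part of the original thread: a small Python check that parses a HijackThis fix list and a follow-up log and reports which fix-list entries are still present afterwards. The function names are hypothetical, and the sample lines are excerpts from the logs posted in this thread; the wrapped-line and "..." truncation handling are assumptions about how forum software mangles pasted log lines.

```python
import re
from typing import List, NamedTuple


class Entry(NamedTuple):
    section: str  # HijackThis section code, e.g. "R0", "O2", "O4"
    body: str     # everything after "<section> - "


# HijackThis entry lines start with a section code (R, F, N or O plus digits).
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2})\s+-\s+(.*)$")


def parse_entries(text: str) -> List[Entry]:
    """Extract entry lines; headers and the process list are skipped.

    A non-entry line that follows an entry ending in '-' is treated as the
    wrapped remainder of that entry (assumption: the forum broke the line).
    """
    entries: List[Entry] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = ENTRY_RE.match(line)
        if m:
            entries.append(Entry(m.group(1), m.group(2)))
        elif entries and entries[-1].body.endswith("-"):
            prev = entries[-1]
            entries[-1] = Entry(prev.section, prev.body + " " + line)
    return entries


def _norm(s: str) -> str:
    # Windows paths and registry names are case-insensitive; collapse spacing.
    return " ".join(s.split()).lower()


def still_present(fix_list: str, followup_log: str) -> List[Entry]:
    """Return fix-list entries that still appear in the follow-up log."""
    followup = [(e.section, _norm(e.body)) for e in parse_entries(followup_log)]
    remaining = []
    for e in parse_entries(fix_list):
        body = _norm(e.body)
        if body.endswith("..."):
            # Forum-truncated value: compare on the surviving prefix only.
            prefix = body[:-3]
            hit = any(s == e.section and b.startswith(prefix) for s, b in followup)
        else:
            hit = (e.section, body) in followup
        if hit:
            remaining.append(e)
    return remaining


# Excerpt of the fix list posted in this thread (O2 line wrapped as posted).
FIX_LIST = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.bestwebslinks.com/
O2 - BHO: (no name) - {53A13A08-ECD2-D0D2-0362-CE21607691F5} -
C:\DOCUME~1\lauri\APPLIC~1\BIASLO~1\mfcd flaw.exe (file missing)
O4 - HKLM\..\Run: [Ping Site Idol Eggs] C:\Documents and Settings\All Users\Application Data\vc settings ping site\LESSCOMP.exe
O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\system32\intell32.exe
O4 - HKCU\..\Run: [Close Pile] C:\DOCUME~1\lauri\APPLIC~1\TRAYLO~1\About Bows.exe
"""

# Excerpt of the follow-up log (scan saved 25.1.2006) posted in this thread.
FOLLOWUP_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.bestwebslinks.com/
O4 - HKLM\..\Run: [PSGuard] C:\Program Files\PSGuard\PSGuard.exe
O4 - HKLM\..\Run: [Ping Site Idol Eggs] C:\Documents and Settings\All Users\Application Data\vc settings ping site\LESSCOMP.exe
O4 - HKCU\..\Run: [Close Pile] C:\DOCUME~1\lauri\APPLIC~1\TRAYLO~1\About Bows.exe
"""

if __name__ == "__main__":
    for entry in still_present(FIX_LIST, FOLLOWUP_LOG):
        print(f"still present: {entry.section} - {entry.body}")
```

Entries that come back from `still_present` were either not fixed or were re-created after the fix, which is a reason to repeat the safe-mode cleanup before trusting the machine.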
  5. Tonski

    Tonski Regular member

    Well, thanks. It would be nice if you sent those "tests" by private message again. I already cleaned one friend's machine and it freed up 12% of the hard drive. ;)
     
  6. tuhero

    tuhero Guest

    Here's the new log at last:

    Logfile of HijackThis v1.99.1
    Scan saved at 11:34:46, on 25.1.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    E:\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
    E:\ewido anti-malware\ewidoctrl.exe
    E:\Elisa tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    E:\Elisa tietoturvapalvelu\Anti-Virus\FSGK32.EXE
    E:\Elisa tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
    E:\Elisa tietoturvapalvelu\Common\FSMA32.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    E:\Elisa tietoturvapalvelu\Common\FSMB32.EXE
    E:\Elisa tietoturvapalvelu\Anti-Virus\fssm32.exe
    E:\Elisa tietoturvapalvelu\Common\FCH32.EXE
    C:\WINDOWS\System32\svchost.exe
    E:\Elisa tietoturvapalvelu\Common\FAMEH32.EXE
    E:\Elisa tietoturvapalvelu\Anti-Virus\fsav32.exe
    E:\Elisa tietoturvapalvelu\Anti-Virus\fsrw.exe
    E:\Elisa tietoturvapalvelu\FWES\Program\fsdfwd.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\Mixer.exe
    C:\Documents and Settings\lauri\My Documents\MsgPlus.exe
    D:\PROGRA~1\MICROS~1\GAMECO~1\common\swtrayv4.exe
    E:\program files\powerstrip\pstrip.exe
    E:\Elisa tietoturvapalvelu\Common\FSM32.EXE
    E:\ELISAT~1\ANTI-S~1\fsaw.exe
    E:\Elisa tietoturvapalvelu\FSGUI\ispnews.exe
    E:\Elisa tietoturvapalvelu\FSGUI\fsguidll.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    c:\progra~1\intern~1\iexplore.exe
    E:\program files\steam\steam.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\Program Files\MSN Messenger\msnmsgr.exe
    E:\Elisa tietoturvapalvelu\backweb\4119343\Program\fspex.exe
    E:\MOZILLA\FIREFOX.EXE
    C:\WINDOWS\Explorer.EXE
    C:\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.bestwebslinks.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Documents and Settings\lauri\My Documents\MsgPlus.exe"
    O4 - HKLM\..\Run: [KAZAA] "E:\Program Files\Kazaa Lite K++\kpp.exe" "E:\Program Files\Kazaa Lite K++\KazaaLite.kpp" /SYSTRAY
    O4 - HKLM\..\Run: [SideWinderTrayV4] D:\PROGRA~1\MICROS~1\GAMECO~1\common\swtrayv4.exe
    O4 - HKLM\..\Run: [PowerStrip] e:\program files\powerstrip\pstrip.exe
    O4 - HKLM\..\Run: [PSGuard] C:\Program Files\PSGuard\PSGuard.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "E:\Elisa tietoturvapalvelu\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "E:\Elisa tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "E:\Elisa tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [News Service] "E:\Elisa tietoturvapalvelu\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [Ping Site Idol Eggs] C:\Documents and Settings\All Users\Application Data\vc settings ping site\LESSCOMP.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
    O4 - HKCU\..\Run: [LDM] \Program\
    O4 - HKCU\..\Run: [Steam] "e:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [Skype] "E:\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\TPT Registry_Cleaner (Trial)\regclean.exe"
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Documents and Settings\lauri\My Documents\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [Close Pile] C:\DOCUME~1\lauri\APPLIC~1\TRAYLO~1\About Bows.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = E:\Elisa tietoturvapalvelu\backweb\4119343\Program\fspex.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: &Estä tämä kohoikkuna - E:\Elisa tietoturvapalvelu\Anti-Spyware\blockpopups.htm
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - E:\Elisa tietoturvapalvelu\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - E:\Elisa tietoturvapalvelu\Anti-Spyware\ieshield.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O18 - Protocol: bw+0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {92D606EA-5A55-4E0B-A1D7-47CB47B3F07F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Elisa Tietoturvapalvelu (BackWeb Client - 4119343) - BackWeb Technologies Inc. - E:\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
    O23 - Service: ewido security suite control - ewido networks - E:\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - E:\ewido anti-malware\ewidoguard.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - E:\Elisa tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - E:\Elisa tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - E:\Elisa tietoturvapalvelu\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - E:\Elisa tietoturvapalvelu\Common\FSMA32.EXE
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - E:\alcohol\Alcohol 120\Alcohol 120\StarWind\StarWindService.exe


    And there was also the problem that ewido just won't run to the end; it has been tried many times and it always hangs at the end. I don't know what's wrong :S
     
  7. aaxxeell

    aaxxeell Regular member

    Is that KaZaa necessary? I mean, it contains a lot of nasty critters, so I'd recommend DC++ or eMule in its place. So if at all possible, uninstall it from the Control Panel.
    Messenger Plus seems to have been installed with the sponsor program?

    Control Panel
    Add or Remove Programs
    Remove:
    Messenger Plus 3
    (Kazaa)

    Try this -> http://www.thespykiller.co.uk/files/lopremover.exe
    Run it, then restart the computer.

    Fix the following:
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.bestwebslinks.com/
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Documents and Settings\lauri\My Documents\MsgPlus.exe"
    O4 - HKLM\..\Run: [KAZAA] "E:\Program Files\Kazaa Lite K++\kpp.exe" "E:\Program Files\Kazaa Lite K++\KazaaLite.kpp" /SYSTRAY
    O4 - HKLM\..\Run: [SideWinderTrayV4] D:\PROGRA~1\MICROS~1\GAMECO~1\common\swtrayv4.exe
    O4 - HKLM\..\Run: [PowerStrip] e:\program files\powerstrip\pstrip.exe
    O4 - HKLM\..\Run: [Ping Site Idol Eggs] C:\Documents and Settings\All Users\Application Data\vc settings ping site\LESSCOMP.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
    O4 - HKCU\..\Run: [Close Pile] C:\DOCUME~1\lauri\APPLIC~1\TRAYLO~1\About Bows.exe

    Update ewido

    <<<<<<<<<<<<<<<<<<<<<<Start in Safe Mode>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

    Delete:
    C:\Documents and Settings\All Users\Application Data\-->vc settings ping site<--\
    C:\DOCUME~1\lauri\APPLIC~1\-->TRAYLO~1<--\
    C:\Documents and Settings\lauri\My Documents\-->MsgPlus.exe

    Now try scanning the whole computer with ewido and save the report.

    Did you install this yourself, and is it needed?
    O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\TPT Registry_Cleaner (Trial)\regclean.exe"

    Post a new HjT log and the ewido report.
     
    Last edited: Jan 25, 2006
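
An added example, not part of the thread: a small triage of the O4 autorun lines quoted in the fix list above, flagging entries whose executable lives under the user-profile tree instead of Program Files or the Windows directory. The profile-tree heuristic and the names `exe_path`, `in_profile_tree` and `triage` are assumptions made for this illustration, not something the poster states.

```python
import re

# O4 lines copied from the fix list in the post above.
FIX_LIST = r"""
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Documents and Settings\lauri\My Documents\MsgPlus.exe"
O4 - HKLM\..\Run: [KAZAA] "E:\Program Files\Kazaa Lite K++\kpp.exe" "E:\Program Files\Kazaa Lite K++\KazaaLite.kpp" /SYSTRAY
O4 - HKLM\..\Run: [SideWinderTrayV4] D:\PROGRA~1\MICROS~1\GAMECO~1\common\swtrayv4.exe
O4 - HKLM\..\Run: [PowerStrip] e:\program files\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [Ping Site Idol Eggs] C:\Documents and Settings\All Users\Application Data\vc settings ping site\LESSCOMP.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKCU\..\Run: [Close Pile] C:\DOCUME~1\lauri\APPLIC~1\TRAYLO~1\About Bows.exe
"""

# "O4 - <hive>\..\<key>: [<value name>] <command line>"
O4_RE = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\(\w+): \[([^\]]+)\] (.+)$")
# Windows XP profile root and its 8.3 short-name alias (assumed heuristic).
PROFILE_ROOTS = ("documents and settings", "docume~1")

def exe_path(command):
    """Return the executable from a Run value, quoted or unquoted."""
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    # Unquoted paths may contain spaces, so cut at the first ".exe".
    m = re.match(r"(.+?\.exe)\b", command, re.I)
    return m.group(1) if m else command

def in_profile_tree(path):
    """True when the first directory after the drive is the profile root."""
    parts = [p for p in path.lower().split("\\") if p]
    return len(parts) > 1 and parts[1] in PROFILE_ROOTS

def triage(log_text):
    """Return (hive, value name, executable) for profile-tree autoruns."""
    flagged = []
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if not m:
            continue
        hive, _key, name, command = m.groups()
        path = exe_path(command)
        if in_profile_tree(path):
            flagged.append((hive, name, path))
    return flagged

if __name__ == "__main__":
    for hive, name, path in triage(FIX_LIST):
        print(f"{hive} [{name}] -> {path}")
```

The three entries it flags are the same three whose files the post lists for deletion in Safe Mode; the other fix-list entries sit under Program Files or the Windows directory and are left to manual judgement.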
