Koneella viiruksia,netti hidastelee

ssepe · Jul 20, 2006

netti on hidastunut todella paljon,paljon yli puolet. tässä ois tuo Hjt-logi.
Logfile of HijackThis v1.99.1
Scan saved at 23:38:43, on 20.7.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FSMB32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Tietoturvapalvelu\Common\FCH32.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsrw.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE
C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe
C:\PROGRA~1\TIETOT~1\ANTI-S~1\fsaw.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Tietoturvapalvelu\FSGUI\fsguidll.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ylpqtnoqsqqzdcvbmybzrz.c...pQapDBrx_SQCwFQT2JJHreBJjtjR_PIbhC/YKT23.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uktyoxhqvbdpjtykpawsxovn.biz/vjS5jTQYSeE/CsReYWzc55yELUqayAA58huEL9gpPbc.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_5_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O2 - BHO: (no name) - {E3373239-D26E-53F8-A618-FC55BC5AE5F8} - C:\DOCUME~1\SEBAST~1\APPLIC~1\proccurb\eggs plus.exe (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_5_0.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\SEBAST~1\LOCALS~1\Temp\MsgPlusUninst.bat"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DR_S] C:\Program Files\DR_S\DR_S.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [HDDHealth] C:\Program Files\HDD Health\hddhealth.exe -wl
O4 - HKCU\..\RunOnce: [remititit13915] C:\WINDOWS\system32\command.com /c del C:\DOCUME~1\SEBAST~1\APPLIC~1\TRUSTI~1\764.del
O4 - HKCU\..\RunOnce: [remititit5387] C:\WINDOWS\system32\command.com /c del C:\DOCUME~1\SEBAST~1\APPLIC~1\TRUSTI~1\764.del
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Tietoturvapalvelu.lnk = C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Tietoturvapalvelu (BackWeb Client - 227364) - BackWeb Technologies Inc. - C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: License Management Service ESD - element5 - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe

kairis · Jul 20, 2006

Jep, koneellasi on LOP-tartunta.
Aloitetaan tällä:
Lataa Findlop
http://metallica.geekstogo.com/findlop.zip
pura zippi, tuplaklikkaa findlop.bat
loki on täällä -> C:\findlop.txt
Lähetä tuo findlopin txt.

ssepe · Jul 21, 2006

mitä lop-tartunta tarkalleen ottaen meinaa? ai siis kopioin sen tekstin tähän?

Marku2 · Jul 21, 2006

mitä lop-tartunta tarkalleen ottaen meinaa? ai siis kopioin sen tekstin tähän?
Click to expand...

Sitä en tiedä mitä lop tartunta meinaa, mutta koneessasi on se. Kyllä, kopiot se tekstin tähän, niin Kairis jatkaa koneesi puhdistusta.

ssepe · Jul 21, 2006

[TRACE] Enumerating jobs and queues
[TRACE] Activating job 'Scheduled scanning task.job'
[TRACE] Printing all job properties

ApplicationName: 'C:\PROGRA~1\TIETOT~1\ANTI-V~1\fsav.exe'
Parameters: ' /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\TIETOT~1\ANTI-V~1\report.txt '
WorkingDirectory: 'C:\PROGRA~1\TIETOT~1\ANTI-V~1'
Comment: 'F-Secure Anti-Virus -ohjelman lisäämä tehtävä.'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: INFINITE
IdleWait: 5
IdleDeadline: 999
MostRecentRun: 07/14/2006 0:56:05
NextRun: 07/28/2006 0:00:00
StartError: S_OK
ExitCode: 0x2
Status: SCHED_S_TASK_READY
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 1
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
TaskFlags: 0

1 Trigger

Trigger 0:
Type: Weekly
WeeksInterval: 1
DaysOfTheWeek: .....F.
StartDate: 07/21/2006
EndDate: 00/00/0000
StartTime: 00:00
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0

kairis · Jul 21, 2006

No, jatketaan sitten näin:
Sulje selaimet ja muut ohjelmat, käynnistä HijackThis, klikkaa” do a system scan only ”. Sulje kaikki muut ikkunat, merkkaa nämä rivit ja paina Fix checked :

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uktyoxhqvbdpjtykpawsxovn.biz/vjS5jTQYSeE/CsReYWzc55yEL...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ylpqtnoqsqqzdcvbmybzrz.com/rjFGq4Q2J0eexdEbjVitpHp/pQa..
O2 - BHO: (no name) - {E3373239-D26E-53F8-A618-FC55BC5AE5F8} - C:\DOCUME~1\SEBAST~1\APPLIC~1\proccurb\eggs plus.exe (file missing)
O4 - HKCU\..\Run: [DR_S] C:\Program Files\DR_S\DR_S.exe
O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\SEBAST~1\LOCALS~1\Temp\MsgPlusUninst.bat"
O4 - HKCU\..\RunOnce: [remititit13915] C:\WINDOWS\system32\command.com /c del C:\DOCUME~1\SEBAST~1\APPLIC~1\TRUSTI~1\764.del
O4 - HKCU\..\RunOnce: [remititit5387] C:\WINDOWS\system32\command.com /c del C:\DOCUME~1\SEBAST~1\APPLIC~1\TRUSTI~1\764.del

Laita piilotiedostot näkyviin. Ohje: http://www.virustorjunta.net/module...Yleisohjeita+ongelmatilanteiden+ratkaisuun#40

Käynnistä vikasietotilaan. Ohje:
http://www.virustorjunta.net/module...Yleisohjeita+ongelmatilanteiden+ratkaisuun#37

Seuraavaksi poistat seuraavat kansiot/tiedostot vaikka Oman tietokoneen kautta:
C:\DOCUMENTS AND SETTINGS\SEBAST~1\APPLIC~1\>>>proccurb<<
C:\DOCUME~1\SEBAST~1\LOCALS~1\>>>Temp<<<tyhjennä
C:\DOCUME~1\SEBAST~1\APPLIC~1\>>>TRUSTI~1<<<
C:\Program Files\>>>DR_S <<<
Tyhjennä roskakori.

Käynnistä kone uudelleen.

Laita piilotiedostot takaisin piiloon (Teet niin kuin aikaisemmin mutta valitset "Älä näytä piilotettuja tiedostoja ja kansioita")

Lähetä uusi HJT-loki

aaxxeell · Jul 21, 2006

@ Marku2
@ ssepe

Lop.comista kuvas (englanniksi), kiitos googlen!
-> http://www3.ca.com/securityadvisor/pest/pest.aspx?id=59266
-> http://en.wikipedia.org/wiki/C2.LOP
-> http://www.spywareinfo.com/articles/lop/

ssepe · Jul 21, 2006

Logfile of HijackThis v1.99.1
Scan saved at 16:02:43, on 21.7.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FSMB32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tietoturvapalvelu\Common\FCH32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsrw.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\MSNMES~1\msnmsgr.exe
C:\PROGRA~1\TIETOT~1\ANTI-S~1\fsaw.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Tietoturvapalvelu\FSGUI\fsguidll.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uktyoxhqvbdpjtykpawsxovn.biz/vjS5jTQYSeE/CsReYWzc55yELUqayAA58huEL9gpPbc.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_5_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_5_0.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [HDDHealth] C:\Program Files\HDD Health\hddhealth.exe -wl
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Tietoturvapalvelu.lnk = C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {E2344931-BC2B-49A5-9A77-04214A9E0811} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Tietoturvapalvelu (BackWeb Client - 227364) - BackWeb Technologies Inc. - C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: License Management Service ESD - element5 - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe

mitään noista tiedostoista ei löytynyt sillon kun koitin vikasietotilassa. ainoa mikä onnistui oli tempin tyhjennys.

kairis · Jul 21, 2006

Laitoitko piilotiedostot näkyviin?

ssepe · Jul 21, 2006

laitoin.

kairis · Jul 21, 2006

Ok, fixaa vielä tämä:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uktyoxhqvbdpjtykpawsxovn.biz/vjS5jTQYSeE/CsReYWzc55yEL...

Lähetä uusi HJT-loki.

ssepe · Jul 21, 2006

ok,odotappas.

ssepe · Jul 21, 2006

laitoin hjt:n päälle ja laitoin do a system scan only. laitoin tuohon mihin äsken sanoit raksin ja painoin "fix checked". miten voi olla mahdollista että kun laitoin että se tallentaa sen login tuohon kansioon siinä logissa näkyy vieläkin se sama?

kairis · Jul 21, 2006

Selvitellään, odota rauhassa...
Lähetä kuitenkin se uusi HJT-loki.

ssepe · Jul 21, 2006

mistäköhän tuo lop-tartunta oisi sitten voinut tulla?

kairis · Jul 21, 2006

Käytä Etsi-toimintoa:
Laita hakusanaksi proccurb
Kerro mitä löytyi ja mistä.
Samoin laita hakusanaksi DR ja kerro jos löytyi.

ssepe · Jul 21, 2006

sen trustitch kansion pystyi poistamaan.Muita ei löytynyt.

kairis · Jul 21, 2006

Käytä Etsi-toimintoa:
Laita hakusanaksi proccurb
Kerro mitä löytyi ja mistä.
Samoin laita hakusanaksi DR ja kerro jos löytyi.

ssepe · Jul 21, 2006

proccurb <-- tuota ei ainakaan löytynyt. koitan vielä sitä toista.

ssepe · Jul 21, 2006

eikä löytynyt sitä dr_s.

Log in or Sign up

Koneella viiruksia,netti hidastelee

ssepe Regular member

kairis Regular member

ssepe Regular member

Marku2 Regular member

ssepe Regular member

kairis Regular member

aaxxeell Regular member

ssepe Regular member

kairis Regular member

ssepe Regular member

kairis Regular member

ssepe Regular member

ssepe Regular member

kairis Regular member

ssepe Regular member

kairis Regular member

ssepe Regular member

kairis Regular member

ssepe Regular member

ssepe Regular member

Share This Page

Log in or Sign up

Koneella viiruksia,netti hidastelee

ssepe Regular member

kairis Regular member

ssepe Regular member

Marku2 Regular member

ssepe Regular member

kairis Regular member

aaxxeell Regular member

ssepe Regular member

kairis Regular member

ssepe Regular member

kairis Regular member

ssepe Regular member

ssepe Regular member

kairis Regular member

ssepe Regular member

kairis Regular member

ssepe Regular member

kairis Regular member

ssepe Regular member

ssepe Regular member

Share This Page

Useful Searches