1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Naapurin pojan HJT

Discussion in 'Virukset ja haittaohjelmat' started by saumeri, May 3, 2006.

Page 2 of 2
  1. saumeri

    saumeri Member

    Joined:
    Mar 28, 2006
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    11
    Sitä kansiota ei kuulemma pysty poistamaan.

    Logfile of HijackThis v1.99.1
    Scan saved at 19:08:00, on 9.5.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
    c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMB32.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fssm32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FCH32.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FAMEH32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsrw.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsav32.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\HP\KBD\KBD.EXE
    C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Xfire\Xfire.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\rsvp.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\HJT\HijackThis_v1.99.1.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q305&bd=pavilion&pf=desktop
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://elisa.net/paketti/haku.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q305&bd=pavilion&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q305&bd=pavilion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q305&bd=pavilion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q305&bd=pavilion&pf=desktop
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q305&bd=pavilion&pf=desktop
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Toimittaja Elisa Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;<local>;localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Elisa Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Surf Roam] C:\DOCUME~1\HP_OMI~1\APPLIC~1\SOFTIN~1\up mess live.exe
    O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Demo\Blazing Angels Squadrons of WWII Demo\RegistrationReminder.exe
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll
    O9 - Extra button: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra button: SMS-viesti - {5EF4ACC6-861A-48A9-B4BA-BB0DD9191D21} - http://sms.kolumbus.fi/ (file missing) (HKCU)
    O9 - Extra button: Tuki - {86655270-2297-4AE8-BBB4-011F6322B70B} - http://tuki.elisa.net/ (file missing) (HKCU)
    O9 - Extra button: Palvelut - {E2C3A1F9-2C3F-4370-BD4B-887D8F815DFB} - http://service.kolumbus.fi/ (file missing) (HKCU)
    O9 - Extra button: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
    O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O18 - Protocol: bw+0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {C462064C-64D6-4588-8742-59CDC4260247} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Elisa Tietoturvapalvelu (BackWeb Plug-in - 4119343) - BackWeb Technologies Inc. - C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - Unknown owner - C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe (file missing)
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    [TRACE] Enumerating jobs and queues
    [TRACE] Activating job 'Scheduled scanning task.job'
    [TRACE] Printing all job properties

    siinä kaikkii

    ApplicationName: 'C:\PROGRA~1\ELISAT~1\ANTI-V~1\fsav.exe'
    Parameters: ' /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\ELISAT~1\ANTI-V~1\report.txt '
    WorkingDirectory: 'C:\PROGRA~1\ELISAT~1\ANTI-V~1'
    Comment: 'F-Secure Anti-Virus -ohjelman lisäämä tehtävä.'
    Creator: 'SYSTEM'
    Priority: NORMAL
    MaxRunTime: INFINITE
    IdleWait: 5
    IdleDeadline: 999
    MostRecentRun: 00/00/0000 0:00:00
    NextRun: 05/12/2006 0:00:00
    StartError: SCHED_S_TASK_HAS_NOT_RUN
    ExitCode: 0
    Status: SCHED_S_TASK_HAS_NOT_RUN
    ScheduledWorkItem Flags:
    DeleteWhenDone = 0
    Suspend = 0
    StartOnlyIfIdle = 1
    KillOnIdleEnd = 0
    RestartOnIdleResume = 0
    DontStartIfOnBatteries = 0
    KillIfGoingOnBatteries = 0
    RunOnlyIfLoggedOn = 0
    SystemRequired = 0
    Hidden = 0
    TaskFlags: 0

    1 Trigger

    Trigger 0:
    Type: Weekly
    WeeksInterval: 1
    DaysOfTheWeek: .....F.
    StartDate: 05/09/2006
    EndDate: 00/00/0000
    StartTime: 00:00
    MinutesDuration: 0
    MinutesInterval: 0
    Flags:
    HasEndDate = 0
    KillAtDuration = 0
    Disabled = 0
     
    saumeri, May 9, 2006
    #21
  2. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Kerro tämän kansion tarkka polku, niin kerron kyllä miten se poistetaan :)
    C:\DOCUME~1\HP_OMI~1\APPLIC~1\SOFTIN~1\

    Eli siis varmaan C:\Documents and settings\HP_Omistaja\Application Data\Softin ja jotain?
     
    -kemisti-, May 9, 2006
    #22
  3. saumeri

    saumeri Member

    Joined:
    Mar 28, 2006
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    11
    C:\Documents and settings\HP_Omistaja\Application Data\Soft info second
     
    saumeri, May 10, 2006
    #23
  4. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    1. Lataa The Avenger työpöydällesi(c) http://swandog46.geekstogo.com/avenger.zip
    [*]Klikkaa Avenger.zip filua avataksesi sen.
    [*]Pura Avenger.exe työpöydällesi.
    2. Kopioi kaikki teksti mustalla lainausboksissa alapuolella tyhjälle muistiolle: (alkaen Folders to delete:)


    Huomaa: yläpuolella oleva skripti on luotu erityisesti tälle käyttäjälle. Jos et ole tämä henkilö, ÄLÄ seuraa näitä ohjeita koska ne voisivat pilata koneesi toimintoja.

    3. Nyt, aukaise The Avenger tupla-klikkaamalla sen kuvaketta pöydälläsi.
    [*]"Script file to execute" alapuolelta valitse "Input Script Manually".
    [*]Nyt klikkaa suurennuslasin kuvaa joka avaa uuden ikkunan nimeltä "View/edit script".
    [*] Liitä se teksti jonka kopioit muistioon, tähän ikkunaan.
    [*] Klikkaa Done.
    [*] Nyt klikkaa ]vihreää valoa aloittaaksesi skriptin.
    [*] Klikkaa "Yes" kun tulee kaksi varoitusboksia.
    Avenger tekee automaattisesti seuraavat:
    [*] Käynnistää koneesi.
    [*] Käynnistyksen yhteydessä, se lyhyesti avaa mustan komentoikkunan työpöydällesi, tämä on normaalia.
    [*] Käynnistyksen jälkeen, se luo lokitiedoston] jonka pitäisi aueta Avengerin tekojen tuloksena. Tämän lokin tiedostopolku on C:\avenger.txt
    [*] Avenger on myös tehnyt varmuuskopion kaikista tiedostoista jne.. jotka pyysit sen poistaa, ja on pakannut ja siirtänyt ne zip filuihin polussa C:\avenger\backup.zip.
    5. Kopioi ja liitä kaikki sisältö tiedostosta avenger.txt vastaukseesi tuoreen HJT lokin mukana.
     
    -kemisti-, May 10, 2006
    #24
  5. saumeri

    saumeri Member

    Joined:
    Mar 28, 2006
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    11
    Moi taas. Kopioidaanko myös tuo Folders to Delete-lause?
     
    saumeri, May 11, 2006
    #25
  6. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Kyllä kopioidaan.

    Kopioit tämän alla olevan tekstin:

    Folders to delete:
    C:\Documents and settings\HP_Omistaja\Application Data\Soft info second
     
    -kemisti-, May 11, 2006
    #26
  7. saumeri

    saumeri Member

    Joined:
    Mar 28, 2006
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    11
    OK, kiitos.
     
    saumeri, May 11, 2006
    #27
Page 2 of 2

Share This Page