Palvelun tarjoaja katkaisee koneeni netti yhteyden haittaohjelman takia

Jonniz · Jan 4, 2007

Eli mun palvelun tarjoaja katkaisee netti yhteyden haittaohjelman vuoksi: Automaattinen tietoliikennejärjestelmämme on havainnut, että teidän tieto- koneenne käyttämän IP-osoitteen kautta lähtee Internettiin haitallista liikennettä.

Kaikki liikenne IP-osoitteenne kautta Internettiin on tämän vuoksi estetty,

Tietokoneenne IP-osoitteesta on havaittu lähtevän roskapostitukselle tyypillistä liikennettä[2] Internettiin.

Yleisin syy tähän on tietokoneeseenne tarttunut virus tai haittaohjelma, joka lähettää sähköpostina virus/roskapostiviestejä muille käyttäjille. Ilman järjestelmämme väliintuloa tämä haittaisi niin teidän kuin muidenkin verkon käyttäjien liikennöintiä, koska verkko kuormittuisi ohjelman muille käyttäjille lähettämistä lukuisista virus/roskaviesteistä.

ja tässä on sitte tämä hijackthis ohjelman logi:
Logfile of HijackThis v1.99.1
Scan saved at 18:39:02, on 4.1.2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\program files\powerstrip\pstrip.exe
C:\WINDOWS\System32\winsecurityxp\mswinup.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\mIRC\mirc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jonnis\Työpöytä\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MSWindowsUpdate] C:\WINDOWS\System32\winsecurityxp\mswinup.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] E:\Pelit\HL\Steam.exe -silent
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Startup: Registration Ghost Recon Advanced Warfighter.LNK = E:\Pelit\Ghost Recon 3\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O18 - Protocol: bw+0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

Kaveri sanoi että osaisitte auttaa mua tämän kanssa eli mitä seuraavaksi?

hannu71 · Jan 4, 2007

en hokannut palomuuria lokistasi ilmaisia palomuureja löytyy tuolta http://keskustelu.afterdawn.com/thread_view.cfm/162275

hijackthis omaan kansioon C:\HJT\HijackThis.exe esim. noin

lopeta tehtävien hallinnasta (ctrl+alt+delete) seuraavat:
C:\WINDOWS\System32\winsecurityxp\mswinup.exe

Lataa SDFix by AndyManchesta ja tallenna se työpöydällesi.

Käynnistä koneesi vikasietotilaan ja valitse tavallinen käyttäjätilisi:

Käynnistä tietokone

Kun kuulet koneen piippaavan, paina F8, kuitenkin ennen Windowsin logon esiintuloa

Seuraavaksi pitäisi ilmestyä valikko

Valitse valikosta vikasietotila.

Kun vikasietotilassa, pura tiedoston SDFix.zip sisältö (SDFix kansio) työpöydällesi. Työpöydälle pitäisi ilmestyä kansio nimeltä SDFix.

Avaa SDFix-kansio ja tuplaklikkaa tiedostoa RunThis.bat käynnistääksesi ohjelman.

Paina Y käynnistääksesi skriptin.

Työkalu puhdistaa troijalaisen palvelut ja tekee myös joitakin korjauksia rekisteriin. Lopuksi se pyytää käynnistämään koneen uudelleen, "Press any key to Reboot".

Paina mitä tahansa näppäintä ja kone käynnistyy uudelleen.

Käynnistyminen kestää normaalia kauemmin sillä SDFix puhdistaa konetta.

Kun kone on käynnistynyt ja työpöytä latautunut, SDFix kertoo että puhdistus on suoritettu, "Finished".

Paina sitten mitä tahansa näppäintä sulkeaksesi skriptin ja ladataksesi pikakuvakkeet työpöydälle.

Lopuksi avaa SDFix kansio (työpöydällä) ja kopioi & liitä tiedoston Report.txt sisältö viestiketjuusi uuden HijackThis lokin kera.

Avaa HijackThis, klikkaa do a system scan only, merkkaa nämä rivit. Sitten sulje kaikki muut ikkunat ja paina fix checked.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [MSWindowsUpdate] C:\WINDOWS\System32\winsecurityxp\mswinup.exe

laita tarvittaessa piilotiedostot näkyviin. ohje
mene vikasietotilaan. ohje

poista seuraavat:
C:\WINDOWS\System32\winsecurityxp\mswinup.exe

käynnistä kone normaali tilaan ja laita piilotiedostot takaisin piiloon.

Hae eScan
http://koti.mbnet.fi/pattaya1/escanmwav.htm
Tee ohjeiden mukaan päivitys ja aja koko kone läpi.

Lopuksi lähetä uusi hjt loki ja eScan örkki tulokset eli se alempi laatikko.

Jonniz · Jan 4, 2007

Juu kiitos paljon. Elikäs tässä on HiJackThis ohjelman nykyinen logi:
Logfile of HijackThis v1.99.1
Scan saved at 23:01:49, on 4.1.2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\program files\powerstrip\pstrip.exe
E:\Pelit\HL\Steam.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\VentriloMIX\Ventrilo 2.1.4.exe
C:\Kaspersky\mwavscan.com
C:\Kaspersky\kavss.exe
C:\Program Files\mIRC\mirc.exe
E:\Muuta\SSC\ssClientWin.exe
e:\pelit\hl\steamapps\maqes\counter-strike\hl.exe
E:\HJT\HijackThis_v1.99.1.exe

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] E:\Pelit\HL\Steam.exe -silent
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Startup: Registration Ghost Recon Advanced Warfighter.LNK = E:\Pelit\Ghost Recon 3\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O18 - Protocol: bw+0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {5CD800C1-BBF1-428E-8157-33E4E11370F6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

Tässä Escanin Logi:
File C:\Documents and Settings\Jonnis\Omat tiedostot\Vastaanotetut tiedostot\ela¨ma¨ ja teot, salkku infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.

File C:\Program Files\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.617. No Action Taken.

File C:\Program Files\Mozilla Firefox\SmitfraudFix\Reboot.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.

File C:\System Volume Information\_restore{4751D5EB-870E-4EEA-B764-5F9D1A16EFAC}\RP118\A0031462.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.

File C:\System Volume Information\_restore{4751D5EB-870E-4EEA-B764-5F9D1A16EFAC}\RP118\A0031466.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.

File E:\SmitfraudFix\Reboot.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.

File E:\SmitfraudFix.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.

Ja tässä tuon SDFix report:
SDFix: Version 1.54
****************

to 04.01.2007 - 21:55:06,15

Microsoft Windows XP [versio 5.1.2600]

Running From: C:\SDFix

Stage One - Safe Mode

Checking Services...

Service Name:

File Path:

Starting Registry Repairs...

Restoring Default Hosts File...

Stage One Complete

Rebooting...

Stage Two - Normal Mode

Checking For Malware:
--------------------

C:\WINDOWS\system32\mswinup.exe

Backing Up and Removing any Files Found...

Alternate Stream Check:

C:\WINDOWS\system32
No streams found.
Final Check:

Remaining Services:
------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*isabled:Logitech Desktop Messenger"
"%SystemDir%\\winsecurityxp\\mswinup.exe"="%SystemDir%\\winsecurityxp\\mswinup.exe:*:Enabled:Internet Explorer"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip

Checking for files with Hidden Attributes:

C:\NTDETECT.COM
C:\WINDOWS\system32\cdplayer.exe.manifest
C:\WINDOWS\system32\logonui.exe.manifest
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys

FINISHED!

hannu71 · Jan 5, 2007

Käynnistä -> Suorita ->kirjoita kenttään Regedit
Seuraa polkua

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

Etsi "%SystemDir%\\winsecurityxp\\mswinup.exe klikkaa hiiren oikealla napilla ja valitse poista.

Muokkaa -> käyttöoikeudet -> täydet oikeudet regeditissä, jos ei ole oikeuksia poistaa.

Putsaa järjestelmänpalautus:

1. Klikkaa oikealla käynnistävalikon My Computer- tai oma tietokone-kuvaketta
2. Valitse Ominaisuudet.
3. Valitse Järjestelmän palauttaminen- välilehti.
4. Valitse "Poista järjestelmän palauttaminen käytöstä".
5. Paina Käytä.
6. Paina OK.
7. Käynnistä kone uudelleen
8. Tee kohdat 1.-3.
9. Ota rasti pois kohdasta "Poista järjestelmän palauttaminen käytöstä"
10. Tee kohdat 5. ja 6.

tee uusi palautus piste.

Sitten olisi kiireesti haettava sp2 windows updatesta
ja muut tärkeät päivitykset!!!

Palomuuri asiasta et antanut infoa lokissa ei näkynnyt Jos käytät windowsin omaa palomuuria, nii se ei oo tarpeeksi hyvä.Kuten jo nyt varmaan tiedät. Ylempänä olevassa viestissä oli linkki ilmaisiin palomuureihin.

Muuten lokit näyttää olevan ok.

Log in or Sign up

Palvelun tarjoaja katkaisee koneeni netti yhteyden haittaohjelman takia

Jonniz Member

hannu71 Regular member

Jonniz Member

hannu71 Regular member

Share This Page

Log in or Sign up

Palvelun tarjoaja katkaisee koneeni netti yhteyden haittaohjelman takia

Jonniz Member

hannu71 Regular member

Jonniz Member

hannu71 Regular member

Share This Page

Useful Searches