vsnpstd.exe keylogger? (loki)

Discussion in 'Virukset ja haittaohjelmat - HijackThis -logit' started by DooDi, Mar 14, 2008.

  1. DooDi

    DooDi Regular member

    Joined:
    Dec 23, 2006
    Messages:
    239
    Likes Received:
    0
    Trophy Points:
    26
    Kerran jäi yks accountti päälle koska oli keylogger päässyt jotenkin koneelle. Katsoin mitä prosesseja oli päällä ja huomasin tämän Vsnpstd.exen, testasin lopettaa prosessin, ja sitten pääsin takaisin accountille. En ole kuitenkaa varma onko tämä keylogger tai onko tämä joku joka auttaa keyloggeria. Kertokaa jos tiedätte että onko tämä vsnpstd.exe keylogger. Kiitos.

    Olen jättänyt kaksi riviä väliin että huomaisitte lokistani vsnpstd.exen

    Loki:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:12:24, on 14.3.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\program files\powerstrip\pstrip.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\Eero\Desktop\Eero\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMB32.EXE
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FCH32.EXE
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FAMEH32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsqh.exe
    C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\fsguidll.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
    C:\Program Files\Elisa Tietoturvapalvelu\FSAUA\program\fsaua.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fssm32.exe
    C:\Program Files\Elisa Tietoturvapalvelu\FSAUA\program\fsus.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsav32.exe
    C:\Program Files\Steam\steam.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wuauclt.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui


    O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe


    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [LDM] C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Documents and Settings\Eero\Desktop\Eero\Logitech\SetPoint\SetPoint.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: bw+0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {64A38ED5-F6F8-434D-9847-404EFBA71F8C} - C:\Documents and Settings\Eero\Desktop\Eero\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Documents and Settings\Eero\Desktop\avast v4.7.892\aswUpdSv.exe (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Documents and Settings\Eero\Desktop\avast v4.7.892\ashServ.exe (file missing)
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Documents and Settings\Eero\Desktop\avast v4.7.892\ashMaiSv.exe (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Documents and Settings\Eero\Desktop\avast v4.7.892\ashWebSv.exe (file missing)
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: NetLimiter (nlsvc) - Unknown owner - C:\Documents and Settings\Eero\Desktop\Eero\NetLimiter 2 Pro\nlsvc.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
    O24 - Desktop Component 0: (no name) - http://images.google.com/images?q=t...w.soaringpanda.com/gelblog/archives/orly.jpeg

    --
    End of file - 23438 bytes
     
    DooDi, Mar 14, 2008
    #1
  2. Hujo

    Hujo Guest

    Poista lisää poista sovelutuksesta

    Logitech Desktop Messenger


    scannaa hjt:llä merkkaa paina Fix checked

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O24 - Desktop Component 0: (no name) - http://images.google.com/images?q=tbn:3P...hives/orly.jpeg


    Sitten tämä


    O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
    Sonix PC Camera Monitor MFC Application

    ===============

    Koneella on virustorjunta ohjelmia seuraavat antivir avast f-secure
    Mikä noista olis käytössä
     
    Hujo, Mar 14, 2008
    #2
  3. DooDi

    DooDi Regular member

    Joined:
    Dec 23, 2006
    Messages:
    239
    Likes Received:
    0
    Trophy Points:
    26
    Siis mitä oot oikee selittäny? F-secure käytös ja Avira Antivir PersonalEdition Classic
     
    DooDi, Mar 14, 2008
    #3
  4. Hujo

    Hujo Guest

    Tuossa sitä selityksen aihetta

    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Documents and Settings\Eero\Desktop\avast v4.7.892\aswUpdSv.exe (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Documents and Settings\Eero\Desktop\avast v4.7.892\ashServ.exe (file missing)
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Documents and Settings\Eero\Desktop\avast v4.7.892\ashMaiSv.exe (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Documents and Settings\Eero\Desktop\avast v4.7.892\ashWebSv.exe (file missing)
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

    että tommosta... Yksi virustorjunta ja yksi palomuuri

    Jos f-secure käytöössä niin antivir pois
    avast pois
    sitten sygaten palomuuri pois
    sillä tuo tietoturvapalvelu
    tuossa f-securessa sisältää palomuurin

    ===========

    • Avaa HiJackThis
    • Klikkaa "Configure" valintaa oikealla alhaalla
    • Klikkaa "Misc Tools"
    • Klikkaa boxia joka sanoo "Uninstall Manager"
    • Klikkaa valintaa "Save list"
    • Kopioi ja liitä kyseinen lista muistiosta postiisi

    =======

    scannaa uusi hjt:n loki
     
    Last edited by a moderator: Mar 14, 2008
    Hujo, Mar 14, 2008
    #4
  5. DooDi

    DooDi Regular member

    Joined:
    Dec 23, 2006
    Messages:
    239
    Likes Received:
    0
    Trophy Points:
    26
    voisitko nyt sanoa mitä mun pitäs poistaa ja mitä ei. Mihin "postiin" se pitää laittaa.
     
    DooDi, Mar 14, 2008
    #5
  6. Hujo

    Hujo Guest

    otas toi nyt

    • Avaa HiJackThis
    • Klikkaa "Configure" valintaa oikealla alhaalla
    • Klikkaa "Misc Tools"
    • Klikkaa boxia joka sanoo "Uninstall Manager"
    • Klikkaa valintaa "Save list"
    • Kopioi ja liitä kyseinen lista muistiosta postiisi
     
    Hujo, Mar 14, 2008
    #6
  7. DooDi

    DooDi Regular member

    Joined:
    Dec 23, 2006
    Messages:
    239
    Likes Received:
    0
    Trophy Points:
    26
    Siis mitä mun pitää poistaa?
     
    DooDi, Mar 14, 2008
    #7
  8. Hujo

    Hujo Guest

    etkö saa tuota unistaal listaa otettua hjt:llä
     
    Hujo, Mar 14, 2008
    #8
  9. DooDi

    DooDi Regular member

    Joined:
    Dec 23, 2006
    Messages:
    239
    Likes Received:
    0
    Trophy Points:
    26
    saan mutta mitä mun pitäs UNINSTALLOIDA?
     
    DooDi, Mar 14, 2008
    #9

Share This Page