|
ihme työkalupalkki...miten pois
|
|
|
terhi4100
Member
|
16. syyskuuta 2005 @ 18:44 |
Linkki tähän viestiin
|
|
tai menee valikkoon mut jumaa siihen ohjeesee...
jees
|
|
ratnunter
Member
|
16. syyskuuta 2005 @ 20:26 |
Linkki tähän viestiin
|
|
koitetaas ihan kädestä pitäen:
avaa hijackthis
klikkaa go to misc tools section
sieltä pitäs löytyä kohta generate startuplist, laita rastit noihin ym kohtiin jotta tulee mahdollisimman paljon infoa lokiin
sitte vaan klikkaa generate startuplist log
tallenna se ja kopsaa sisältö tänne, se on aika iso loki joten jaa tarvittaessa vaikka kahtia
|
|
terhi4100
Member
|
17. syyskuuta 2005 @ 06:50 |
Linkki tähän viestiin
|
|
mitäs toi lokin lähettäminen hyövyttäs..se ois kiva tietää.ku ei siit lokist voi poistaa mitään..
mutta kerron sen että kone on nyt muuten selvästi parempi ja se kaivattu haittaohjelmakin lähti pois. KIITOS KEMISTILLE.
jees
|
|
terhi4100
Member
|
17. syyskuuta 2005 @ 07:17 |
Linkki tähän viestiin
|
tässä oli se startlist..löytyykö jotain outoo:) StartupList report, 17.9.2005, 10:45:31
StartupList version: 1.52.2
Started from : C:\HJT\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\Kaspersky\mwavscan.com
C:\Kaspersky\kavss.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\Documents and Settings\Reijo\Käynnistä-valikko\Ohjelmat\Käynnistys]
*No files*
Shell folders AltStartup:
*Folder not found*
User shell folders Startup:
*Folder not found*
User shell folders AltStartup:
*Folder not found*
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys]
WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Shell folders Common AltStartup:
*Folder not found*
User shell folders Common Startup:
*Folder not found*
User shell folders Alternate Common Startup:
*Folder not found*
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*
[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cmaudio = RunDll32 cmicnfg.cpl,CMICtrlWnd
SiSUSBRG = C:\WINDOWS\SiSUSBrg.exe
zBrowser Launcher = C:\Program Files\Logitech\iTouch\iTouch.exe
NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe
ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
(Default) =
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
LVCOMSX = C:\WINDOWS\system32\LVCOMSX.EXE
LogitechVideoRepair = C:\Program Files\Logitech\Video\ISStart.exe
LogitechVideoTray = C:\Program Files\Logitech\Video\LogiTray.exe
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
SmcService = C:\PROGRA~1\Sygate\SPF\Smc.exe -startgui
NaturalPoint =
ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
Symantec NetDriver Monitor = C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe
MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
LogitechSoftwareUpdate = "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
MSMSGS = "C:\Program Files\Messenger\MSMSGS.EXE" /background
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
[OptionalComponents]
*No values found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command
(Default) = "%1" /S
--------------------------------------------------
File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command
(Default) = C:\WINDOWS\system32\mshta.exe "%1" %*
--------------------------------------------------
File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command
(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1
--------------------------------------------------
Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)
[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP
[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\msmsgs.inf,BLC.Install.PerUser
[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub
[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll
[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = %SystemRoot%\system32\ie4uinit.exe
--------------------------------------------------
Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps
*Registry key not found*
--------------------------------------------------
Load/Run keys from C:\WINDOWS\WIN.INI:
load=*INI section not found*
run=*INI section not found*
Load/Run keys from Registry:
HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Checking for EXPLORER.EXE instances:
C:\WINDOWS\Explorer.exe: PRESENT!
C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present
--------------------------------------------------
Checking for superhidden extensions:
.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden
--------------------------------------------------
Verifying REGEDIT.EXE integrity:
- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Regedit.exe has no CompanyName property! It is either missing or named something else.
- Regedit.exe has no OriginalFilename property! It is either missing or named something else.
- Regedit.exe has no FileDescription property! It is either missing or named something else.
Registry check failed!
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
NAV Helper - C:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}
--------------------------------------------------
Enumerating Task Scheduler jobs:
Symantec NetDetect.job
Norton AntiVirus - Tarkista tietokone.job
AFB3E96191849AE1.job
B2329EAC9099108C.job
--------------------------------------------------
Enumerating Download Program Files:
[Checkers Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
CODEBASE = http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
[MessengerStatsClient Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll
CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31...
[Office Update Installation Engine]
InProcServer32 = C:\WINDOWS\opuc.dll
CODEBASE = http://office.microsoft.com/officeupdate/content/opuc.cab
[Java Plug-in 1.5.0_02]
InProcServer32 = C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
[MessengerStatsClient Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll
CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
[MsnMessengerSetupDownloadControl Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx
CODEBASE = http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
[ZoneIntro Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ZIntro.ocx
CODEBASE = http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
[CBreakshotControl Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\Banksht2.dll
CODEBASE = http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
[Java Plug-in 1.4.2_06]
InProcServer32 = C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
CODEBASE = http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i...
[Java Plug-in 1.5.0_02]
InProcServer32 = C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\macromed\flash\Flash.ocx
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
[Solitaire Showdown Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\solitaireshowdown.dll
CODEBASE = http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
--------------------------------------------------
Enumerating Winsock LSP files:
NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
--------------------------------------------------
Enumerating Windows NT/2000/XP services
Microsoft ACPI Driver: system32\DRIVERS\ACPI.sys (system)
Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
AFD: \SystemRoot\System32\drivers\afd.sys (system)
Hälytys: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Sovelluskerroksen yhdyskäytäväpalvelu: %SystemRoot%\System32\alg.exe (manual start)
AMD K7 Processor Driver: system32\DRIVERS\amdk7.sys (system)
Sovellusten hallinta: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
RAS Asynchronous Media Driver: system32\DRIVERS\asyncmac.sys (manual start)
Standardi IDE/ESDI-kiintolevyohjain: system32\DRIVERS\atapi.sys (system)
Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart)
ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart)
ati2mtag: system32\DRIVERS\ati2mtag.sys (manual start)
ATM ARP Client -protokolla: system32\DRIVERS\atmarpc.sys (manual start)
Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Audio Stub Driver: system32\DRIVERS\audstub.sys (manual start)
BITS-tausta-ajo (Background Intelligent Transfer Service): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Tietokoneiden selaus: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Closed Caption Decoder: system32\DRIVERS\CCDECODE.sys (manual start)
Symantec Event Manager: "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" (autostart)
Symantec Password Validation: "C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe" (manual start)
Symantec Settings Manager: "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" (autostart)
CD-ROM-ohjain: system32\DRIVERS\cdrom.sys (system)
Indeksointipalvelu: %SystemRoot%\system32\cisvc.exe (manual start)
Leikekirja: %SystemRoot%\system32\clipsrv.exe (disabled)
C-Media WDM Audio Interface: system32\drivers\cmuda.sys (manual start)
COM+-järjestelmäsovellus: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Salauspalvelut: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Kodak Camera Proxy: system32\DRIVERS\DcCam.sys (system)
DcFpoint: system32\DRIVERS\DcFpoint.sys (manual start)
DCFS2K: system32\drivers\dcfs2k.sys (autostart)
Dcfssvc: %SystemRoot%\system32\drivers\dcfssvc.exe (autostart)
Legacy Polling Service: system32\DRIVERS\DcLps.sys (manual start)
DCOM-palvelinprosessin käynnistys: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
dcptp: system32\DRIVERS\DcPTP.sys (manual start)
DHCP-asiakas: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Levyohjain: system32\DRIVERS\disk.sys (system)
Loogisen levyn hallinnan valvontapalvelu: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
Loogisen levyn hallinta -ohjain: System32\drivers\dmio.sys (system)
dmload: System32\drivers\dmload.sys (system)
Loogisen levyn hallinta: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
DNS-asiakas: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
Virheraportointipalvelut: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Tapahtumaloki: %SystemRoot%\system32\services.exe (autostart)
COM+-tapahtumajärjestelmä: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start)
ewido security suite control: C:\Program Files\ewido\security suite\ewidoctrl.exe (autostart)
ewido security suite driver: \??\C:\Program Files\ewido\security suite\guard.sys (system)
ewido security suite guard: C:\Program Files\ewido\security suite\ewidoguard.exe (disabled)
Exportit: system32\DRIVERS\exportit.sys (system)
Nopean käyttäjän vaihdon yhteensopivuus: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Levykeaseman ohjain: system32\DRIVERS\fdc.sys (manual start)
Levykeasemaohjain: system32\DRIVERS\flpydisk.sys (manual start)
FltMgr: system32\DRIVERS\fltMgr.sys (system)
Volume Manager -ohjain: system32\DRIVERS\ftdisk.sys (system)
Microsoft Generic AGPv3.0 -suodatin K8-suoritinympäristöjä varten: system32\DRIVERS\gagp30kx.sys (system)
Game Port Enumerator: system32\DRIVERS\gameenum.sys (manual start)
Yleinen paketinmääritys: system32\DRIVERS\msgpc.sys (manual start)
Ohjeet ja tuotetuki: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
HID (Human Interface Device) -liittymä: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
i8042-näppäimistö ja PS/2-hiiriohjain: system32\DRIVERS\i8042prt.sys (system)
CD-Burning Filter Driver: system32\DRIVERS\imapi.sys (system)
CD-levyjen kirjoittamisen IMAPI COM -palvelu: C:\WINDOWS\system32\imapi.exe (manual start)
Windowsin IPv6-palomuurin ohjain: system32\DRIVERS\Ip6Fw.sys (manual start)
IP Traffic Filter Driver: system32\DRIVERS\ipfltdrv.sys (manual start)
IP in IP Tunnel Driver: system32\DRIVERS\ipinip.sys (manual start)
IP Network Address Translator: system32\DRIVERS\ipnat.sys (manual start)
IPSEC-ohjain: system32\DRIVERS\ipsec.sys (system)
IR Enumerator Service: system32\DRIVERS\irenum.sys (manual start)
PnP ISA/EISA -väyläohjain: system32\DRIVERS\isapnp.sys (system)
iTouch Keyboard Filter: system32\DRIVERS\itchfltr.sys (manual start)
Näppäimistön luokkaohjain: system32\DRIVERS\kbdclass.sys (system)
Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
Palvelin: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Työasema: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Logitech USB Monitor Filter: system32\drivers\lvusbsta.sys (manual start)
Machine Debug Manager: "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe" (autostart)
Viestinvälitys: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
NetMeeting etätyöpöydän jakaminen: C:\WINDOWS\system32\mnmsrvc.exe (manual start)
Hiiren luokkaohjain: system32\DRIVERS\mouclass.sys (system)
WebDav Client Redirector: system32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: system32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start)
Windows Installer -ohjelma: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Microsoft Streaming Service -välityspalvelin: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
Microsoft-järjestelmänhallinnan BIOS-ohjain: system32\DRIVERS\mssmbios.sys (manual start)
Microsoft Streaming Tee/Sink-to-Sink -muunnin: system32\drivers\MSTEE.sys (manual start)
NABTS/FEC VBI Codec: system32\DRIVERS\NABTSFEC.sys (manual start)
Norton AntiVirus -ohjelman automaattinen suojaus: "C:\Program Files\Norton AntiVirus\navapsvc.exe" (autostart)
NAVENG: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050916.020\NAVENG.Sys (manual start)
NAVEX15: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050916.020\NavEx15.Sys (manual start)
Microsoft TV/Video Connection: system32\DRIVERS\NdisIP.sys (manual start)
Remote Access NDIS TAPI Driver: system32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O -protokolla: system32\DRIVERS\ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: system32\DRIVERS\ndiswan.sys (manual start)
NetBIOS-käyttöliittymä: system32\DRIVERS\netbios.sys (system)
NetBT: system32\DRIVERS\netbt.sys (system)
Verkon DDE: %SystemRoot%\system32\netdde.exe (disabled)
Verkon DDE DSDM: %SystemRoot%\system32\netdde.exe (disabled)
Verkkokirjautuminen: %SystemRoot%\system32\lsass.exe (manual start)
Verkkoyhteydet: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
NLA-nimiavaruus (Network Location Awareness): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
NT LM -suojaustuen toimittaja: %SystemRoot%\system32\lsass.exe (manual start)
Siirrettävät tallennusvälineet: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
IPX Traffic Filter Driver: system32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: system32\DRIVERS\nwlnkfwd.sys (manual start)
Rinnakkaisporttiohjain: system32\DRIVERS\parport.sys (manual start)
PCI Bus Driver: system32\DRIVERS\pci.sys (system)
PCIIde: system32\DRIVERS\pciide.sys (system)
Logitech QuickCam Express(PID_0920): system32\DRIVERS\LV532AV.SYS (manual start)
Plug and Play: %SystemRoot%\system32\services.exe (autostart)
IPSEC-palvelut: %SystemRoot%\system32\lsass.exe (autostart)
WAN Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start)
StarForce Protection Environment Driver v6: \SystemRoot\System32\drivers\prodrv06.sys (system)
StarForce Protection Helper Driver v2: System32\drivers\prohlp02.sys (system)
StarForce Protection Synchronization Driver v1: System32\drivers\prosync1.sys (system)
Suojattu tallennuspaikka: %SystemRoot%\system32\lsass.exe (autostart)
QoS-paketinajoitus: system32\DRIVERS\psched.sys (manual start)
Direct Parallel Link Driver: system32\DRIVERS\ptilink.sys (manual start)
PxHelp20: system32\DRIVERS\PxHelp20.sys (system)
Remote Access Auto Connection -ohjain: system32\DRIVERS\rasacd.sys (system)
Remote Access Auto Connection -hallinta: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
WAN Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start)
Etäkäytön (RAS) yhteyksienhallinta: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Remote Access PPPOE Driver: system32\DRIVERS\raspppoe.sys (manual start)
Suora rinnakkainen: system32\DRIVERS\raspti.sys (manual start)
Rdbss: system32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Terminal Server Device Redirector -ohjain: system32\DRIVERS\rdpdr.sys (manual start)
Etätyöpöydän ohjeen istunnonhallinta: C:\WINDOWS\system32\sessmgr.exe (manual start)
Digital CD Audio Playback Filter Driver: system32\DRIVERS\redbook.sys (system)
Reititys ja etäkäyttö: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
Etärekisteri: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Etäproseduurikutsujen (RPC) paikannin: %SystemRoot%\system32\locator.exe (manual start)
Etäproseduurikutsu (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start)
Käyttöoikeustilien hallinta: %SystemRoot%\system32\lsass.exe (autostart)
SAVRT: \??\C:\Program Files\Norton AntiVirus\SAVRT.SYS (system)
SAVRTPEL: \??\C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS (system)
SAVScan: "C:\Program Files\Norton AntiVirus\SAVScan.exe" (autostart)
ScriptBlocking Service: C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (autostart)
Älykortti: %SystemRoot%\System32\SCardSvr.exe (manual start)
Tehtävien ajoitus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Secdrv: system32\DRIVERS\secdrv.sys (autostart)
Toissijainen kirjautuminen: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Järjestelmätapahtuman ilmoitus: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Serenum Filter -ohjain: system32\DRIVERS\serenum.sys (manual start)
Sarjaporttiohjain: system32\DRIVERS\serial.sys (system)
StarForce Protection Helper Driver: System32\drivers\sfhlp01.sys (system)
Windowsin palomuuri / Internet-yhteyden jakaminen (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Käyttöliittymän laitteistotunnistus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
SiS AGP Filter: system32\DRIVERS\SISAGPX.sys (system)
SiS PCI Fast Ethernet Adapter Driver: system32\DRIVERS\sisnic.sys (manual start)
BDA Slip De-Framer: system32\DRIVERS\SLIP.sys (manual start)
Sygate Personal Firewall: C:\Program Files\Sygate\SPF\Smc.exe (autostart)
Symantec Network Drivers Service: "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe" (manual start)
Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
Taustatulostusohjain: %SystemRoot%\system32\spoolsv.exe (autostart)
Järjestelmän palautussuodatin -ohjain: system32\DRIVERS\sr.sys (system)
Järjestelmän palauttaminen -palvelu: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Srv: system32\DRIVERS\srv.sys (manual start)
SSDP-palvelu (Simple Service Discovery Protocol): %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
WIA (Windows Image Acquisition): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start)
Ohjelmistoväyläohjain: system32\DRIVERS\swenum.sys (manual start)
Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{CB69AE3E-EDAE-4A9E-87BA-888F1345DA91} (manual start)
SymEvent: \??\C:\Program Files\Symantec\SYMEVENT.SYS (manual start)
SYMREDRV: \SystemRoot\System32\Drivers\SYMREDRV.SYS (manual start)
SYMTDI: \SystemRoot\System32\Drivers\SYMTDI.SYS (system)
SymWMI Service: "C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe" (autostart)
Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start)
Resurssilokit ja -hälytykset: %SystemRoot%\system32\smlogsvc.exe (manual start)
Puhelin: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
TCP/IP-protokollaohjain: system32\DRIVERS\tcpip.sys (system)
Teefer for NT: SYSTEM32\Drivers\Teefer.sys (system)
Päätelaiteohjain: system32\DRIVERS\termdd.sys (system)
Päätepalvelut: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
Teemat: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Telnet: C:\WINDOWS\system32\tlntsvr.exe (disabled)
Tiedostolinkkijäljityksen asiakas: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart)
Microcode Update -ohjain: system32\DRIVERS\update.sys (manual start)
Universal Plug & Play -laiteisäntä: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
UPS: %SystemRoot%\System32\ups.exe (manual start)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start)
USB2 Enabled Hub: system32\DRIVERS\usbhub.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: system32\DRIVERS\usbohci.sys (manual start)
USB Scanner Driver: system32\DRIVERS\usbscan.sys (manual start)
USB-massamuistiohjain: system32\DRIVERS\USBSTOR.SYS (manual start)
VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
Aseman tilannevedos: %SystemRoot%\System32\vssvc.exe (manual start)
Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Remote Access IP ARP Driver: system32\DRIVERS\wanarp.sys (manual start)
Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
SyGate for NT, wg3n: \SystemRoot\SYSTEM32\Drivers\wg3n.sys (autostart)
WMI-palvelu (Windows Management Instrumentation): %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Kannettavan mediasoittimen sarjanumeropalvelu: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WMI-palvelun ohjainlaajennukset: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WMI resurssisovitin: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start)
wpsdrvnt: \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (system)
Tietoturvakeskus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
World Standard Teletext Codec: system32\DRIVERS\WSTCODEC.SYS (manual start)
Automaattiset päivitykset: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Verkon käyttöönottopalvelu: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
--------------------------------------------------
Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*
Windows NT checkdisk command:
BootExecute = autocheck autochk *
Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\DOCUME~1\Reijo\LOCALS~1\Temp\A~NSISu_.exe
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
*Registry key not found*
--------------------------------------------------
End of report, 36 872 bytes
Report generated in 0,140 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
jees
|
|
terhi4100
Member
|
17. syyskuuta 2005 @ 07:30 |
Linkki tähän viestiin
|
|
kertokaa te vää paremmat tietäjät mitä tolle starhuplistalle pitää korjata tehä..mä en oikein älyä tost hijackista ku se on mulle uus ohjelma.:)
jees
|
|
ratnunter
Member
|
17. syyskuuta 2005 @ 11:57 |
Linkki tähän viestiin
|
|
tosa on syy miks se tulee aina takas
AFB3E96191849AE1.job
B2329EAC9099108C.job
noi scheduked tasksit
pistän myöhemmin tänänn ohjeita miten noist pääsee eroon, ny o vähä kiire
|
|
terhi4100
Member
|
17. syyskuuta 2005 @ 14:06 |
Linkki tähän viestiin
|
|
okei...hyvä ku autat.:)
jees
|
|
ratnunter
Member
|
17. syyskuuta 2005 @ 19:42 |
Linkki tähän viestiin
|
kopsaa quote boksissa oleva teksti notepadiin, tallenna nimellä
deljobs.bat
tallennustyppi kaikki tiedostot, muuten se ei toimi
Quote:
%systemdrive%
cd %WinDir%\Tasks
attrib -r -s AFB3E96191849AE1.job
attrib -r -s B2329EAC9099108C.job
del /q AFB3E96191849AE1.job
del /q B2329EAC9099108C.job
sitte tuplaklikkaa deljobs.bat
anna sen pyöriä ja käynnistä uudelleen
Kysymys, onko koneela useita käyttäjätilejä ?
|
|
terhi4100
Member
|
18. syyskuuta 2005 @ 06:01 |
Linkki tähän viestiin
|
|
2käyttäjää..
jees
|
|
terhi4100
Member
|
18. syyskuuta 2005 @ 06:13 |
Linkki tähän viestiin
|
|
voisitko selittää mahollisimman tarkasti mist löytyy notepadd ja toi mihin pitää talletaa, kun mulla ei nyt oikein toi äly riitä:)ja pitääkö ne kopsata tost startuplistasta:.:)
jees
|
|
terhi4100
Member
|
18. syyskuuta 2005 @ 06:23 |
Linkki tähän viestiin
|
|
nyt muuten tuli semmonen deljops.bat tiedosto ja sen ku avas tuli musta juttu ja se selas jotain...ollaanko vielä jäljillä, mitä neuvoit.
jees
|
|
ratnunter
Member
|
18. syyskuuta 2005 @ 07:49 |
Linkki tähän viestiin
|
|
hmm laita hijackthis lokit molemmilta käyttäjiltä
katotaan näkyykö LOPin jälkiä, tsekataan sit molemmilta käyttäjiltä onko lisää noita "jobeja"
|
|
terhi4100
Member
|
18. syyskuuta 2005 @ 08:00 |
Linkki tähän viestiin
|
must tuntuu et täl toisel käyttäjä tilil on samat ongelmat mitä mul oli ennen...samat haittaohjelmat...voitteko tsekata pitääkö paikkansa. Logfile of HijackThis v1.99.1
Scan saved at 11:57:27, on 18.9.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Sygate\SPF\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Video\ManifestEngine.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ozuvvkbqhxfn.net/dvAU48v9ZBn7xLlukIIgaKV0oNnhYI2_YJT9o9oDh...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fhhhhorikgjhiq.com/dvAU48v9ZBnNwdDrls/bcQwztGcqioDCPkr...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\Smc.exe -startgui
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Msn Configuration Loader] msngms.exe
O4 - HKCU\..\Run: [Bore heck] C:\DOCUME~1\m\APPLIC~1\SIZELI~1\Bash4.exe
O4 - Global Startup: WinZIP Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Norton AntiVirus -ohjelman automaattinen suojaus (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
jees
|
|
terhi4100
Member
|
18. syyskuuta 2005 @ 08:01 |
Linkki tähän viestiin
|
|
ja outoo ku kone oli vasta nopeampi...mut yhtä äkkiä kone on taas hidaS ainakin käynistäessä....hrrrrrr...MÄ VIHAAN NÄITÄ TIETOKONEITA!!!!!
jees
|
|
ratnunter
Member
|
18. syyskuuta 2005 @ 08:25 |
Linkki tähän viestiin
|
joo, ongelma on se et tooi lop asentaa noi scheduled tasksit, jotka asentaa infktion ain uudestaan vaikka se välillä fiksataankin :(
fiksaa nämä:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ozuvvkbqhxfn.net/dvAU48v9ZBn7xLlukIIgaKV0oNnhYI2_YJT9o9oDh...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fhhhhorikgjhiq.com/dvAU48v9ZBnNwdDrls/bcQwztGcqioDCPkr...
O4 - HKCU\..\Run: [Msn Configuration Loader] msngms.exe
O4 - HKCU\..\Run: [Bore heck] C:\DOCUME~1\m\APPLIC~1\SIZELI~1\Bash4.exe
sitte buuttaa vikasietoon ja poista ;
C:\DOCUME~1\m\APPLIC~1\SIZELI~1<<--tää kansio, sen nimi on pidempi mut se alkaa kirjaimilla SIZELI
msngms.exe<< tää tiedosto, etsi käyttäen windowsin etsintää ja poista
laita sit lokit molemmilta käyttäjiltä
|
|
terhi4100
Member
|
18. syyskuuta 2005 @ 09:04 |
Linkki tähän viestiin
|
|
ei onnistu poistaminen vikasieto tilassa..ei löydy noita tiedostoja SIZELI JNE..ja ei löydy myöskää windows etsinnällä tota msngms.exe.
jees
|
|
terhi4100
Member
|
18. syyskuuta 2005 @ 09:07 |
Linkki tähän viestiin
|
tos ois uus loki...mut niitte sizelin ja msngms poisto ongelmallista.Logfile of HijackThis v1.99.1
Scan saved at 13:05:12, on 18.9.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\Smc.exe -startgui
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: WinZIP Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Norton AntiVirus -ohjelman automaattinen suojaus (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
jees
|
|
terhi4100
Member
|
18. syyskuuta 2005 @ 09:10 |
Linkki tähän viestiin
|
ja viel täs toisenkäyttäjätilin loki...tsekatkaa siit:)Logfile of HijackThis v1.99.1
Scan saved at 13:08:20, on 18.9.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Sygate\SPF\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\Smc.exe -startgui
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - Global Startup: WinZIP Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Norton AntiVirus -ohjelman automaattinen suojaus (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
jees
|
|
ratnunter
Member
|
18. syyskuuta 2005 @ 10:47 |
Linkki tähän viestiin
|
joo noisa ei näkyny
kopioi quote boksin sisältö notepadiin, tallenna minellä findjobs.bat
tallrnnustyyppi kaikki tiedostot
Quote:
@ECHO OFF
dir %Windir%\tasks /a h > files.txt
notepad files.txt
del /q files.txt
notepadin ikkunan pitäs aueta, laita sen sisältö tänne
|
|
terhi4100
Member
|
18. syyskuuta 2005 @ 10:51 |
Linkki tähän viestiin
|
|
siinä...:)@ECHO OFF
dir %Windir%\tasks /a h > files.txt
notepad files.txt
del /q files.txt
jees
|
|
terhi4100
Member
|
18. syyskuuta 2005 @ 10:52 |
Linkki tähän viestiin
|
|
siin tää on oikea:)
Aseman C nimi on BOOT
Aseman sarjanumero on 416E-E5AB
Kansio C:\WINDOWS\tasks
14.10.2004 21:02 <KANSIO> .
14.10.2004 21:02 <KANSIO> ..
09.10.2001 15:00 65 desktop.ini
18.09.2005 14:28 6 SA.DAT
18.09.2005 14:00 356 Symantec NetDetect.job
18.09.2005 14:00 240 AFB3E96191849AE1.job
18.09.2005 14:00 256 B2329EAC9099108C.job
5 tiedosto(a) 923 tavua
Kansio C:\HJT
jees
|
|
terhi4100
Member
|
18. syyskuuta 2005 @ 10:53 |
Linkki tähän viestiin
|
|
onko toi oikea loki ees..mikä piti lähettäää
jees
|
|
ratnunter
Member
|
18. syyskuuta 2005 @ 11:08 |
Linkki tähän viestiin
|
oikee on
jostain syystä se deljobs ei skulannut ;(
koitetaan uudestaan muuta vikaiedossa
eli
kopsaa quote boksissa oleva teksti notepadiin, tallenna nimellä
deljobs.bat
tallennustyppi kaikki tiedostot, muuten se ei toimi
Quote:
%systemdrive%
cd %WinDir%\Tasks
attrib -r -s AFB3E96191849AE1.job
attrib -r -s B2329EAC9099108C.job
del /q AFB3E96191849AE1.job
del /q B2329EAC9099108C.job
buuttaa vikasietotilaan
sitte tuplaklikkaa deljobs.bat
anna sen pyöriä ja käynnistä uudelleen
sitte aja find jobs.bat uudelleen
ja laita taas notepadista loki
|
|
terhi4100
Member
|
18. syyskuuta 2005 @ 11:33 |
Linkki tähän viestiin
|
|
Aseman C nimi on BOOT
Aseman sarjanumero on 416E-E5AB
Kansio C:\WINDOWS\tasks
siin ois
14.10.2004 21:02 <KANSIO> .
14.10.2004 21:02 <KANSIO> ..
09.10.2001 15:00 65 desktop.ini
18.09.2005 15:30 6 SA.DAT
18.09.2005 14:00 356 Symantec NetDetect.job
18.09.2005 15:00 240 AFB3E96191849AE1.job
18.09.2005 15:00 256 B2329EAC9099108C.job
5 tiedosto(a) 923 tavua
Kansio C:\HJT
jees
|
|
Mainos
|
|
|
|
terhi4100
Member
|
18. syyskuuta 2005 @ 11:34 |
Linkki tähän viestiin
|
|
toiha on samallainen...ei näytä eroavan.
edellisestä
jees
|
