Spyware infection....
|
|
JANI86
Member
|
13. joulukuuta 2005 @ 15:22 |
Linkki tähän viestiin
|
jo elikkäs tommonen tuli ja tossa olis toi logi jos joku vois auttaa tämän ongelman poistamisessa.
Logfile of HijackThis v1.99.1
Scan saved at 20:21:37, on 13.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
D:\FTP\FileZilla Server\FileZilla Server.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\WINDOWS\system32\cmd32.exe
D:\Windows AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
D:\Windows AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\z11.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\HijackThis 1.99.1\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [FileZilla Server Interface] "D:\FTP\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\system32\cmd32.exe internat.dll,LoadKeyboardProfile
O4 - HKLM\..\Run: [gcasServ] "D:\Windows AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - Startup: Microsoft Office Pikahaku.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Officen käynnistys.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O12 - Plugin for .: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports.com/downloads/games/common/ieell.cab O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x8... O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicr... O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://gw.tallinnlv.ee:11082/activex/AxisCamControl.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O18 - Protocol: bw+0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE (file missing)
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:\FTP\FileZilla Server\FileZilla Server.exe
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
|
AfterDawn Addict
|
13. joulukuuta 2005 @ 15:32 |
Linkki tähän viestiin
|
Fixaa HjT:llä (do a system scan only, merkkaa ja paina fix checked):
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
Hae ewido -> http://www.ewido.net/en/download
Asenna, päivitä, skannaa. Anna poistaa, mitä löytää ja tallenna raportti. Lähetä uusi HjT-loki ja ewidon raportti tänne.
Onko sulla siis sellainen taustakuva kun "spyware infection" vai mikä?
|
JANI86
Member
|
13. joulukuuta 2005 @ 15:34 |
Linkki tähän viestiin
|
Kyllä näin on.
|
AfterDawn Addict
|
13. joulukuuta 2005 @ 15:44 |
Linkki tähän viestiin
|
Selvä. Toimi noiden aiempien ohjeiden mukaan ja lisäksi:
Klikkaa työpöydällä oikealla hiiren nappulalla -> ominaisuudet -> työpöytä -> mukauta työpöytää -> web-välilehti.
Katso, jos siellä on jotain security-juttua, niin poista se. Jos siellä näkyy jotain muuta outoa, niin kerro myös siitä.
|
JANI86
Member
|
13. joulukuuta 2005 @ 16:16 |
Linkki tähän viestiin
|
tossa olis toi Ewidon raportti:
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 21:12:28, 13.12.2005
+ Report-Checksum: 81A4A4A9
+ Scan result:
[2536] C:\WINDOWS\system32\z11.exe -> Hijacker.Spywad.l : Error during cleaning
C:\boot.inx -> Dropper.Paradrop.a : Cleaned with backup
:mozilla.9:C:\Documents and Settings\nimi\Application Data\Mozilla\Firefox\Profiles\yuvx5lef.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.11:C:\Documents and Settings\nimi\Application Data\Mozilla\Firefox\Profiles\yuvx5lef.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.12:C:\Documents and Settings\nimi\Application Data\Mozilla\Firefox\Profiles\yuvx5lef.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.13:C:\Documents and Settings\nimi\Application Data\Mozilla\Firefox\Profiles\yuvx5lef.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.15:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.16:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.17:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.18:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.19:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.22:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.31:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.32:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.34:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.35:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.36:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.44:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.45:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.49:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.50:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.52:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.54:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.55:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.58:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.59:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Cookies\nimi nimi@adtech[2].txt -> Spyware.Cookie.Adtech : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Cookies\nimi nimi@microsofteup.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Cookies\nimi nimi@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\fdsf -> Hijacker.Spywad.l : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Käynnistä-valikko\Ohjelmat\SpySheriff -> Spyware.SpySheriff : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Käynnistä-valikko\Ohjelmat\SpySheriff\SpySheriff.lnk -> Spyware.SpySheriff : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Local Settings\Temp\Cookies\nimi nimi@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Local Settings\Temp\Cookies\nimi nimi@rotator.adjuggler[1].txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\wdcevf -> Downloader.Small.bwr : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\zxczxc -> Downloader.Small.cah : Cleaned with backup
C:\WINDOWS\desktop.html -> Hijacker.Generic : Cleaned with backup
::Report End
Ja tässä olis hjt-logi:
Logfile of HijackThis v1.99.1
Scan saved at 21:15:06, on 13.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
D:\FTP\FileZilla Server\FileZilla Server.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
D:\Windows AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
D:\Windows AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\z11.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\ewido\security suite\ewidoctrl.exe
D:\ewido\security suite\ewidoguard.exe
D:\HijackThis 1.99.1\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [FileZilla Server Interface] "D:\FTP\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [gcasServ] "D:\Windows AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Microsoft Office Pikahaku.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Officen käynnistys.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O12 - Plugin for .: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Share...bin/AvSniff.cab
O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports.com/downloads/games/common/ieell.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5...b?1108821806021
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Share...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/20040...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://gw.tallinnlv.ee:11082/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O18 - Protocol: bw+0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE (file missing)
O23 - Service: ewido security suite control - ewido networks - D:\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\ewido\security suite\ewidoguard.exe
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:\FTP\FileZilla Server\FileZilla Server.exe
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 6. marraskuuta 2009 @ 20:48
|
JANI86
Member
|
13. joulukuuta 2005 @ 16:20 |
Linkki tähän viestiin
|
Eipä tuolla web-välilehdessä näytä olevan mitään security juttua.
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 13. joulukuuta 2005 @ 16:53
|
ratnunter
Member
|
13. joulukuuta 2005 @ 17:30 |
Linkki tähän viestiin
|
@kemisti: toi on spywad, vähän wanhempi örkki samaa sarjaa, tässä fiksi:
imuroi
http://www.thespykiller.co.uk/files/spywadfix.exe tuplaklikkaa, pura kansioon, se käynnistää automaattisesti remove spywad.vbs skriptin
jos virustorjuntasi hälyttää niin anna skriptin pyöriä, se ei ole virus
pitäs aueta laatikko, kopioi/liitä siihen laatikkoon tää rivi:
C:\WINDOWS\system32\z11.exe
ja paina enter jos tarvii
toi skripti tekee seuraavaa:
Quote: The script will kill that process, backup and then delete any matching files in System32 and your Windows Directory. It will create a log of all files deleted. This log file will be named Spywad.txt and be located inside the C:\Spywad Folder. The backups will also be located in two subfolders there. One named Systems and the other named Window.
The script will search the Windows Directory and delete desktop.html and popup.html if they exist. It will add entries to the log if these files are found and deleted.
It will then kill Explorer. You will lose your taskbar and desktop. It will repair the registry entries returning your windows default desktop and context menu functions.
It will restart Explorer.
lopuksi aukeaa hijackthis ei mitään fiksattavaa joten sulje se
käynnistä uudelleen, vikasietotilaan
vedä uus skannaus ewidolla, tällä kertaa anna sen poistaa löydökset
tallenna sen raportti
käynnistä uudelleen, laita uusi hjt loki, spywadfiksin loki ja ewidon raportti tänne
|
JANI86
Member
|
14. joulukuuta 2005 @ 04:30 |
Linkki tähän viestiin
|
Mistä ton spywadfiksin login saa?
mut tässä on toi hjt loki:
Logfile of HijackThis v1.99.1
Scan saved at 9:27:41, on 14.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Windows AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
D:\Windows AntiSpyware\gcasDtServ.exe
D:\ewido\security suite\ewidoctrl.exe
D:\ewido\security suite\ewidoguard.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
D:\FTP\FileZilla Server\FileZilla Server.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
D:\HijackThis 1.99.1\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [FileZilla Server Interface] "D:\FTP\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [gcasServ] "D:\Windows AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Microsoft Office Pikahaku.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Officen käynnistys.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O12 - Plugin for .: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Share...bin/AvSniff.cab
O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports.com/downloads/games/common/ieell.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5...b?1108821806021
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Share...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/20040...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://gw.tallinnlv.ee:11082/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O18 - Protocol: bw+0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE (file missing)
O23 - Service: ewido security suite control - ewido networks - D:\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\ewido\security suite\ewidoguard.exe
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:\FTP\FileZilla Server\FileZilla Server.exe
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
Ja tässä ewido:
--------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 9:22:15, 14.12.2005
+ Report-Checksum: 17FAF705
+ Scan result:
C:\Documents and Settings\nimi nimi.nimi\Cookies\nimi nimi@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Cookies\nimi nimi@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\spywad\Systems\Backupz11 -> Hijacker.Spywad.l : Cleaned with backup
C:\WINDOWS\system32\z13.exe -> Downloader.Small.cah : Cleaned with backup
::Report End
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 6. marraskuuta 2009 @ 20:50
|
JANI86
Member
|
14. joulukuuta 2005 @ 04:33 |
Linkki tähän viestiin
|
Tää on varmaanki se Spywadfiksin logi ehkä tai ainakin tuolla oli spywad niminen kansio ja siellä spywad tekstitiedosto:
13.12.2005 22:36:53
C:\WINDOWS\system32\z11.exe
|
JANI86
Member
|
14. joulukuuta 2005 @ 05:02 |
Linkki tähän viestiin
|
Semmosta vielä että suurin osa työpöydällä olevista kuvakkeista on hävinnyt, enään on noi Windowsin omat kuvakkeet tai itseasiassa kaikki paitsi windowsin omat kuvakkeet on jäljellä.
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 14. joulukuuta 2005 @ 05:04
|
ratnunter
Member
|
14. joulukuuta 2005 @ 06:25 |
Linkki tähän viestiin
|
joo
toi fiksi tekee sen et se restauroi windowsin oletustyöpöydän, eli joudut lisään noi omat kuvakkeesi..
muuten näyttää puhtaalta
|
ratnunter
Member
|
14. joulukuuta 2005 @ 06:29 |
Linkki tähän viestiin
|
vielä sellasta että usimmiten noi spywaren poistotyökalut on amerikkalaisten tekemiä, niinku toi spywadfix:kin, ( tekijä Mosaic1), niissä ei aina ole otettu huomioon suomalaisten, ja muunkinmaalaisten lokalisoitujen windows-versioiden erityispiirteitä.. tosta voi sillon tällön seurata ongelmia
|
Senior Member
|
14. joulukuuta 2005 @ 07:36 |
Linkki tähän viestiin
|
@ratnunter
Ohjelmanhan sivuvaikutuksista on hieman etukäteen tiedotettava.
Se ei auta kun sitä lopuksi vain enään toteaa että tekipä se nyt hiukan muutaki haittaa sen puhdistuksen lisäksi.
|
JANI86
Member
|
14. joulukuuta 2005 @ 07:49 |
Linkki tähän viestiin
|
Kiitoksia vaan kauhian paljo.
|
JANI86
Member
|
14. joulukuuta 2005 @ 07:54 |
Linkki tähän viestiin
|
Mikäs muuten tää Ewido niinku on, onko se vähän samantyylinen kuin Ad-Aware, Spybot tai F-Secure, mutta parempi. Eli voiko sillä korvata F-Securen.
|
ratnunter
Member
|
14. joulukuuta 2005 @ 09:12 |
Linkki tähän viestiin
|
@aaxxeell
mitähän mä tossa ylempänä lainasin:
Quote: The script will search the Windows Directory and delete desktop.html and popup.html if they exist. It will add entries to the log if these files are found and deleted.
It will then kill Explorer. You will lose your taskbar and desktop. It will repair the registry entries returning your windows default desktop and context menu functions.
It will restart Explorer.
en tie montako kertaa oot spywadfixin tehny mut toi on paras tapa, muuten se ei lähde kovin helpolla
ei ewido voi fsecurea korvata, siitä puuttuu virusten löytökyky kokonaan, mutta se on hyvä ja ilmainen lisä
|
Mainos
|
|
|
Senior Member
|
14. joulukuuta 2005 @ 09:46 |
Linkki tähän viestiin
|
@ratnunter
jep toi lainaus jää vaan sivuun pahasti ja sitä en kiistä etteikö hyvä ja toimivin tapa olisi.
ja Ad-Aware + Spybot rinnalle tuo ewido on hyvä ratkaisu.
|