User Käyttäjä Salasana  
   
tiistai 24.12.2024 / 14:14
Hae keskustelualueilta:        In English   Suomeksi   På svenska
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat > spyware infection....
Näytä aiheet
 
Keskustelualueet
Keskustelualueet
Spyware infection....
  Siirry:
 
Kirjoittaja Viesti
JANI86
Member
_
13. joulukuuta 2005 @ 15:22 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
jo elikkäs tommonen tuli ja tossa olis toi logi jos joku vois auttaa tämän ongelman poistamisessa.

Logfile of HijackThis v1.99.1
Scan saved at 20:21:37, on 13.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
D:\FTP\FileZilla Server\FileZilla Server.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\WINDOWS\system32\cmd32.exe
D:\Windows AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
D:\Windows AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\z11.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\HijackThis 1.99.1\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [FileZilla Server Interface] "D:\FTP\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\system32\cmd32.exe internat.dll,LoadKeyboardProfile
O4 - HKLM\..\Run: [gcasServ] "D:\Windows AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - Startup: Microsoft Office Pikahaku.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Officen käynnistys.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O12 - Plugin for .: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports.com/downloads/games/common/ieell.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x8...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicr...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://gw.tallinnlv.ee:11082/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O18 - Protocol: bw+0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE (file missing)
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:\FTP\FileZilla Server\FileZilla Server.exe
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
AfterDawn Addict
_
13. joulukuuta 2005 @ 15:32 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Fixaa HjT:llä (do a system scan only, merkkaa ja paina fix checked):

O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe

Hae ewido -> http://www.ewido.net/en/download

Asenna, päivitä, skannaa. Anna poistaa, mitä löytää ja tallenna raportti. Lähetä uusi HjT-loki ja ewidon raportti tänne.

Onko sulla siis sellainen taustakuva kun "spyware infection" vai mikä?
JANI86
Member
_
13. joulukuuta 2005 @ 15:34 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Kyllä näin on.
AfterDawn Addict
_
13. joulukuuta 2005 @ 15:44 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Selvä. Toimi noiden aiempien ohjeiden mukaan ja lisäksi:

Klikkaa työpöydällä oikealla hiiren nappulalla -> ominaisuudet -> työpöytä -> mukauta työpöytää -> web-välilehti.
Katso, jos siellä on jotain security-juttua, niin poista se. Jos siellä näkyy jotain muuta outoa, niin kerro myös siitä.
JANI86
Member
_
13. joulukuuta 2005 @ 16:16 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
tossa olis toi Ewidon raportti:

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 21:12:28, 13.12.2005
+ Report-Checksum: 81A4A4A9

+ Scan result:

[2536] C:\WINDOWS\system32\z11.exe -> Hijacker.Spywad.l : Error during cleaning
C:\boot.inx -> Dropper.Paradrop.a : Cleaned with backup
:mozilla.9:C:\Documents and Settings\nimi\Application Data\Mozilla\Firefox\Profiles\yuvx5lef.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.11:C:\Documents and Settings\nimi\Application Data\Mozilla\Firefox\Profiles\yuvx5lef.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.12:C:\Documents and Settings\nimi\Application Data\Mozilla\Firefox\Profiles\yuvx5lef.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.13:C:\Documents and Settings\nimi\Application Data\Mozilla\Firefox\Profiles\yuvx5lef.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.15:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.16:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.17:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.18:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.19:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.22:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.31:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.32:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.34:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.35:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.36:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.44:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.45:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.49:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.50:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.52:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.54:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.55:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.58:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.59:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Cookies\nimi nimi@adtech[2].txt -> Spyware.Cookie.Adtech : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Cookies\nimi nimi@microsofteup.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Cookies\nimi nimi@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\fdsf -> Hijacker.Spywad.l : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Käynnistä-valikko\Ohjelmat\SpySheriff -> Spyware.SpySheriff : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Käynnistä-valikko\Ohjelmat\SpySheriff\SpySheriff.lnk -> Spyware.SpySheriff : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Local Settings\Temp\Cookies\nimi nimi@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Local Settings\Temp\Cookies\nimi nimi@rotator.adjuggler[1].txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\wdcevf -> Downloader.Small.bwr : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\zxczxc -> Downloader.Small.cah : Cleaned with backup
C:\WINDOWS\desktop.html -> Hijacker.Generic : Cleaned with backup


::Report End


Ja tässä olis hjt-logi:


Logfile of HijackThis v1.99.1
Scan saved at 21:15:06, on 13.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
D:\FTP\FileZilla Server\FileZilla Server.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
D:\Windows AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
D:\Windows AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\z11.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\ewido\security suite\ewidoctrl.exe
D:\ewido\security suite\ewidoguard.exe
D:\HijackThis 1.99.1\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [FileZilla Server Interface] "D:\FTP\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [gcasServ] "D:\Windows AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Microsoft Office Pikahaku.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Officen käynnistys.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O12 - Plugin for .: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Share...bin/AvSniff.cab
O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports.com/downloads/games/common/ieell.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5...b?1108821806021
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Share...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/20040...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://gw.tallinnlv.ee:11082/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O18 - Protocol: bw+0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE (file missing)
O23 - Service: ewido security suite control - ewido networks - D:\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\ewido\security suite\ewidoguard.exe
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:\FTP\FileZilla Server\FileZilla Server.exe
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 6. marraskuuta 2009 @ 20:48

JANI86
Member
_
13. joulukuuta 2005 @ 16:20 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Eipä tuolla web-välilehdessä näytä olevan mitään security juttua.

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 13. joulukuuta 2005 @ 16:53

ratnunter
Member
_
13. joulukuuta 2005 @ 17:30 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
@kemisti: toi on spywad, vähän wanhempi örkki samaa sarjaa, tässä fiksi:

imuroi

http://www.thespykiller.co.uk/files/spywadfix.exe
tuplaklikkaa, pura kansioon, se käynnistää automaattisesti remove spywad.vbs skriptin

jos virustorjuntasi hälyttää niin anna skriptin pyöriä, se ei ole virus

pitäs aueta laatikko, kopioi/liitä siihen laatikkoon tää rivi:

C:\WINDOWS\system32\z11.exe


ja paina enter jos tarvii

toi skripti tekee seuraavaa:
Quote:
The script will kill that process, backup and then delete any matching files in System32 and your Windows Directory. It will create a log of all files deleted. This log file will be named Spywad.txt and be located inside the C:\Spywad Folder. The backups will also be located in two subfolders there. One named Systems and the other named Window.

The script will search the Windows Directory and delete desktop.html and popup.html if they exist. It will add entries to the log if these files are found and deleted.

It will then kill Explorer. You will lose your taskbar and desktop. It will repair the registry entries returning your windows default desktop and context menu functions.
It will restart Explorer.
lopuksi aukeaa hijackthis ei mitään fiksattavaa joten sulje se

käynnistä uudelleen, vikasietotilaan
vedä uus skannaus ewidolla, tällä kertaa anna sen poistaa löydökset

tallenna sen raportti
käynnistä uudelleen, laita uusi hjt loki, spywadfiksin loki ja ewidon raportti tänne
JANI86
Member
_
14. joulukuuta 2005 @ 04:30 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Mistä ton spywadfiksin login saa?

mut tässä on toi hjt loki:

Logfile of HijackThis v1.99.1
Scan saved at 9:27:41, on 14.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Windows AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
D:\Windows AntiSpyware\gcasDtServ.exe
D:\ewido\security suite\ewidoctrl.exe
D:\ewido\security suite\ewidoguard.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
D:\FTP\FileZilla Server\FileZilla Server.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
D:\HijackThis 1.99.1\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [FileZilla Server Interface] "D:\FTP\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [gcasServ] "D:\Windows AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Microsoft Office Pikahaku.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Officen käynnistys.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O12 - Plugin for .: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Share...bin/AvSniff.cab
O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports.com/downloads/games/common/ieell.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5...b?1108821806021
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Share...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/20040...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://gw.tallinnlv.ee:11082/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O18 - Protocol: bw+0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE (file missing)
O23 - Service: ewido security suite control - ewido networks - D:\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\ewido\security suite\ewidoguard.exe
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:\FTP\FileZilla Server\FileZilla Server.exe
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe


Ja tässä ewido:

--------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 9:22:15, 14.12.2005
+ Report-Checksum: 17FAF705

+ Scan result:

C:\Documents and Settings\nimi nimi.nimi\Cookies\nimi nimi@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\nimi nimi.nimi\Cookies\nimi nimi@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\spywad\Systems\Backupz11 -> Hijacker.Spywad.l : Cleaned with backup
C:\WINDOWS\system32\z13.exe -> Downloader.Small.cah : Cleaned with backup


::Report End

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 6. marraskuuta 2009 @ 20:50

JANI86
Member
_
14. joulukuuta 2005 @ 04:33 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Tää on varmaanki se Spywadfiksin logi ehkä tai ainakin tuolla oli spywad niminen kansio ja siellä spywad tekstitiedosto:

13.12.2005 22:36:53
C:\WINDOWS\system32\z11.exe
JANI86
Member
_
14. joulukuuta 2005 @ 05:02 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Semmosta vielä että suurin osa työpöydällä olevista kuvakkeista on hävinnyt, enään on noi Windowsin omat kuvakkeet tai itseasiassa kaikki paitsi windowsin omat kuvakkeet on jäljellä.

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 14. joulukuuta 2005 @ 05:04

ratnunter
Member
_
14. joulukuuta 2005 @ 06:25 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
joo

toi fiksi tekee sen et se restauroi windowsin oletustyöpöydän, eli joudut lisään noi omat kuvakkeesi..

muuten näyttää puhtaalta
ratnunter
Member
_
14. joulukuuta 2005 @ 06:29 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
vielä sellasta että usimmiten noi spywaren poistotyökalut on amerikkalaisten tekemiä, niinku toi spywadfix:kin, ( tekijä Mosaic1), niissä ei aina ole otettu huomioon suomalaisten, ja muunkinmaalaisten lokalisoitujen windows-versioiden erityispiirteitä.. tosta voi sillon tällön seurata ongelmia
Senior Member
_
14. joulukuuta 2005 @ 07:36 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
@ratnunter

Ohjelmanhan sivuvaikutuksista on hieman etukäteen tiedotettava.
Se ei auta kun sitä lopuksi vain enään toteaa että tekipä se nyt hiukan muutaki haittaa sen puhdistuksen lisäksi.

JANI86
Member
_
14. joulukuuta 2005 @ 07:49 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Kiitoksia vaan kauhian paljo.
JANI86
Member
_
14. joulukuuta 2005 @ 07:54 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Mikäs muuten tää Ewido niinku on, onko se vähän samantyylinen kuin Ad-Aware, Spybot tai F-Secure, mutta parempi. Eli voiko sillä korvata F-Securen.
ratnunter
Member
_
14. joulukuuta 2005 @ 09:12 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
@aaxxeell

mitähän mä tossa ylempänä lainasin:
Quote:
The script will search the Windows Directory and delete desktop.html and popup.html if they exist. It will add entries to the log if these files are found and deleted.

It will then kill Explorer. You will lose your taskbar and desktop. It will repair the registry entries returning your windows default desktop and context menu functions.
It will restart Explorer.
en tie montako kertaa oot spywadfixin tehny mut toi on paras tapa, muuten se ei lähde kovin helpolla

ei ewido voi fsecurea korvata, siitä puuttuu virusten löytökyky kokonaan, mutta se on hyvä ja ilmainen lisä
Mainos
_
__
 
_
Senior Member
_
14. joulukuuta 2005 @ 09:46 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
@ratnunter

jep toi lainaus jää vaan sivuun pahasti ja sitä en kiistä etteikö hyvä ja toimivin tapa olisi.

ja Ad-Aware + Spybot rinnalle tuo ewido on hyvä ratkaisu.

afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat > spyware infection....
 

Apua ongelmiin: AfterDawnin keskustelualueet | AfterDawnin Vastaukset
Uutiset: IT-alan uutiset | Uutisia puhelimista
Musiikkia: MP3Lizard.com
Tuotearviot: Laitevertailu | Vertaa puhelimia | Vertaa kännykkäliittymiä
Pelit: Pelitiedostot, pelidemot ja trailerit
Ohjelmat: download.fi | AfterDawnin ohjelma-alueet
International: AfterDawn in English | Software downloads | Free, legal MP3s | AfterDawn på svenska
RSS -syötteet: AfterDawnin uutiset | Uusimmat ohjelmapäivitykset | Keskustelualueiden viestit
Tietoja: Tietoa AfterDawn Oy:stä | Mainosta sivuillamme | Sivuston käyttöehdot ja tietoja yksityisyydensuojasta
Ota yhteyttä: Lähetä palautetta | Ota yhteyttä mainosmyyntiimme
 
  © 1999-2024 AfterDawn Oy