HTJ-loki

Yksityisviestit

Luo uusi yksityisviesti

Kaikki uudet viestit

Ilman vastauksia olevat viestiketjut

Hae viestejä

lauantai 8.11.2025 / 09:02

Hae keskustelualueilta:

afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat > htj-loki

Aiheet

Keskustelualueet

Vastaa

Aloita uusi viestiketju

HTJ-loki

Siirry:

Kirjoittaja

Viesti

belroyd

Newbie

2. maaliskuuta 2006 @ 09:08

Linkki tähän viestiin

Eli kone täysin jumissa, ajanut ad-awaren ja useita virustorjunta-ohjelmia.

Loki:
Logfile of HijackThis v1.99.1
Scan saved at 13:28:57, on 2.3.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
D:\WINDOWS\System32\CTSvcCDA.exe
D:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
D:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
D:\Program Files\F-Secure\Anti-Virus\fssm32.exe
D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\system32\pctspk.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\F-Secure\Common\FSMA32.EXE
D:\Program Files\F-Secure\Common\FSMB32.EXE
D:\Program Files\F-Secure\Common\FCH32.EXE
D:\Program Files\F-Secure\Common\FNRB32.EXE
D:\Program Files\F-Secure\Common\FIH32.EXE
D:\Program Files\F-Secure\Anti-Virus\fsav32.exe
D:\WINDOWS\System32\devldr32.exe
D:\Program Files\Creative\SBLive2k\AudioHQ\AHQTB.EXE
D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
D:\Program Files\F-Secure\Common\FSM32.EXE
D:\Program Files\Ahead\InCD\InCD.exe
D:\PROGRA~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
D:\WINDOWS\System32\ctfmon.exe
D:\WINDOWS\System32\wuauclt.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Program Files\ewido anti-malware\ewidoctrl.exe
D:\Program Files\ewido anti-malware\SecuritySuite.exe
D:\htj\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.soneraplaza.fi
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=proxy.dial.inet.fi:800;gopher=proxy.dial.inet.fi:800;http=proxy.dial.inet.fi:800;https=proxy.dial.inet.fi:800
F1 - win.ini: run=D:\WINDOWS\..\PROGRA~1\COMMON~1\MICROS~1\MSInfo\
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [AudioHQ] D:\Program Files\Creative\SBLive2k\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [zBrowser Launcher] D:\PROGRA~1\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] D:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [F-Secure Manager] "D:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] D:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SideWinderTrayV4] D:\PROGRA~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] D:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [dmpja.exe] D:\WINDOWS\System32\dmpja.exe
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Download with GetRight - D:\Program Files\Getright\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - D:\Program Files\Getright\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: D:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.soneraplaza.fi
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{76FD0945-3E4A-4DC1-87AF-96CE107E42FA}: NameServer = 85.255.113.139,85.255.112.22
O18 - Protocol: bw+0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O19 - User stylesheet: (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - D:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - D:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - D:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\System32\CTSvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - D:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - D:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - D:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - D:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - D:\WINDOWS\system32\pctspk.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

[ + lainaa]

blade81

Senior Member

2. maaliskuuta 2006 @ 09:20

Linkki tähän viestiin

Kannattais pitää tietoturva kunnossa (service packit). Nyt on koneesi kaapattu Ukrainasta käsin. Katselen probleemaa illemmalla, jos ei kukaan muu ole vielä ehtinyt sitä ennen neuvoa.

[ + lainaa]

ASAP & UNITE member since 2006

-kemisti-

AfterDawn Addict

2. maaliskuuta 2006 @ 10:42

Linkki tähän viestiin

Kumpi on käytössä, f-secure vai antivir? Poista se, mikä ei ole käytössä

Hae fixwareout -> http://downloads.subratam.org/Fixwareout.exe

Tallenna johonkin hakemistoon ja käynnistä se. Seuraa ohjeita, käynnistä kone uudestaan kun fixi pyytää sitä. Fixi avaa HjT:n.

Fixaa silloin nämä rivit (do a system scan only, merkkaa ja paina fix checked):

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
O4 - HKLM\..\Run: [dmpja.exe] D:\WINDOWS\System32\dmpja.exe
O4 - Startup: PowerReg Scheduler.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{76FD0945-3E4A-4DC1-87AF-96CE107E42FA}: NameServer = 85.255.113.139,85.255.112.22
O19 - User stylesheet: (file missing)

Poista, jos löytyy:

D:\WINDOWS\System32\dmpja.exe

Päivitä ewido ja skannaa sillä. Tallenna raportti.

Lähetä uusi HjT-loki, ewidon raportti ja C:\fixwareout\report.txt-tiedoston sisältö tänne.

[ + lainaa]

belroyd

Newbie

3. maaliskuuta 2006 @ 05:59

Linkki tähän viestiin

No niin, poistin Antivir-ohjelman, jonka jälkeen kone toimii taas normaali vauhtia.

Fixwareout-raportti:

Fixwareout ver 1.003
Last edited 2/15/2006
Post this report in the forums please

Reg Entries that were deleted
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\1dedoc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\repiwh
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\domdnb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\orcimlh
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\23tsniow
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\ajpmd
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\1dedoc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\repiwh
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\ytpme
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\domdnb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\orcimlh
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\putesprpgd
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\23tsniow
...

Microsoft (R) Windows Script Host Version 5.6
Random Runs removed from HKLM
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dmpja.exe"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
...

PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, There WILL be LEGIT FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.

»»»»» Search by size and names...

»»»»» Misc files

»»»»» Checking for older varients covered by the Rem3 tool

Ewindo-raportti:
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 10:44:29, 3.3.2006
+ Report-Checksum: 22801A39

+ Scan result:

:mozilla.16:C:\WINDOWS\Application Data\Mozilla\Users50\default\oyx25v2c.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
D:\Documents and Settings\Pekka\Cookies\pekka@com[2].txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.8:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.9:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.10:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.11:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.12:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.13:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.19:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Abcsearch : Cleaned with backup
:mozilla.20:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Abcsearch : Cleaned with backup
:mozilla.27:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.28:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.29:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.55:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.56:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.57:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.58:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.59:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.70:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.71:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.72:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.73:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.74:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.80:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.81:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.84:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.85:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.92:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.93:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.94:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.95:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.96:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.97:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.98:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.99:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.100:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.101:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.102:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.103:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.104:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.105:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.106:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.107:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.108:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.109:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.110:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.111:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.112:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.113:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.114:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.115:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.116:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.117:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.118:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.119:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.120:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.121:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.122:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.123:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.124:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.125:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.126:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.127:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.128:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.129:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.130:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.131:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.132:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.133:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.134:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.135:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.136:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.137:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.138:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.139:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.140:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.141:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.142:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.143:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.144:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.145:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.146:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.147:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.148:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.149:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.150:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.151:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.175:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.176:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.207:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned with backup
:mozilla.262:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup
:mozilla.265:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.271:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.279:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.280:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.281:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.282:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.311:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.319:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.320:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.324:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.335:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.336:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.356:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Xxxcounter : Cleaned with backup
:mozilla.357:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Xxxcounter : Cleaned with backup
:mozilla.358:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Xxxcounter : Cleaned with backup
:mozilla.361:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.368:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.369:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.370:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned with backup
:mozilla.377:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.378:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.379:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.380:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.381:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.400:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Enhance : Cleaned with backup
:mozilla.401:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Enhance : Cleaned with backup
:mozilla.402:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Goclick : Cleaned with backup
:mozilla.403:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Goclick : Cleaned with backup
:mozilla.422:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup
:mozilla.423:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup
:mozilla.424:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup
:mozilla.438:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned with backup
:mozilla.460:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.461:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.462:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.465:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.466:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.467:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.499:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Abcsearch : Cleaned with backup
:mozilla.548:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.583:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
:mozilla.627:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup
:mozilla.628:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup
:mozilla.629:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup
:mozilla.658:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\woeyct87.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.61:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\3mvx6xbe.Default User\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.62:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\3mvx6xbe.Default User\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.67:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\3mvx6xbe.Default User\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.76:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\3mvx6xbe.Default User\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.77:D:\Documents and Settings\Pekka\Application Data\Mozilla\Firefox\Profiles\3mvx6xbe.Default User\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup

::Report End

Logfile of HijackThis v1.99.1
Scan saved at 10:56:25, on 3.3.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\devldr32.exe
D:\Program Files\Creative\SBLive2k\AudioHQ\AHQTB.EXE
D:\PROGRA~1\Logitech\iTouch\iTouch.exe
D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
D:\Program Files\F-Secure\Common\FSM32.EXE
D:\Program Files\Ahead\InCD\InCD.exe
D:\PROGRA~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\WINDOWS\System32\ctfmon.exe
D:\WINDOWS\System32\CTSvcCDA.exe
D:\Program Files\ewido anti-malware\ewidoctrl.exe
D:\Program Files\ewido anti-malware\ewidoguard.exe
D:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
D:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
D:\Program Files\F-Secure\Anti-Virus\fssm32.exe
D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\system32\pctspk.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\F-Secure\Common\FSMA32.EXE
D:\Program Files\F-Secure\Common\FSMB32.EXE
D:\Program Files\F-Secure\Common\FCH32.EXE
D:\Program Files\F-Secure\Common\FAMEH32.EXE
D:\Program Files\F-Secure\Common\FNRB32.EXE
D:\Program Files\F-Secure\Common\FIH32.EXE
D:\Program Files\F-Secure\Anti-Virus\fsav32.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\htj\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=proxy.dial.inet.fi:800;gopher=proxy.dial.inet.fi:800;http=proxy.dial.inet.fi:800;https=proxy.dial.inet.fi:800
F1 - win.ini: run=D:\WINDOWS\..\PROGRA~1\COMMON~1\MICROS~1\MSInfo\
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [AudioHQ] D:\Program Files\Creative\SBLive2k\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [zBrowser Launcher] D:\PROGRA~1\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] D:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [F-Secure Manager] "D:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] D:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SideWinderTrayV4] D:\PROGRA~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] D:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Download with GetRight - D:\Program Files\Getright\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - D:\Program Files\Getright\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: D:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.soneraplaza.fi
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: bw+0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D3D289C7-8C8F-49B5-9502-F7CD08E85791} - D:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - D:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\System32\CTSvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - D:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - D:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - D:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - D:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - D:\WINDOWS\system32\pctspk.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

[ + lainaa]

-kemisti-

AfterDawn Addict

3. maaliskuuta 2006 @ 06:12

Linkki tähän viestiin

Jep, wareouttihan se siellä oli :) Lokit on ok. Jos jatkossa haluat päästä eroon noista vakoiluevästeistä, asenna spywareblaster ->
http://keskustelu.afterdawn.com/thread_view.cfm/221085
Ja sitten windows updateen vaan hopi hopi.

[ + lainaa]

blade81

Senior Member

3. maaliskuuta 2006 @ 06:13

Linkki tähän viestiin

Loki näyttää puhtaalta. :) Nyt kipin kapin hakemaan service packiä ennen kuin saastuu uudestaan!

EDIT -kemisti- ehti taas ensin :P

[ + lainaa]

ASAP & UNITE member since 2006

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 3. maaliskuuta 2006 @ 06:15

belroyd

Newbie

3. maaliskuuta 2006 @ 13:49