1. Tämä sivusto käyttää keksejä (cookie). Jatkamalla sivuston käyttämistä hyväksyt keksien käyttämisen. Lue lisää.

Spyware infection....

Viestiketju Virukset ja haittaohjelmat -osiossa. Ketjun avasi JANI86 13.12.2005.

  1. JANI86

    JANI86 Regular member

    Liittynyt:
    10.08.2004
    Viestejä:
    145
    Kiitokset:
    0
    Pisteet:
    26
    jo elikkäs tommonen tuli ja tossa olis toi logi jos joku vois auttaa tämän ongelman poistamisessa.

    Logfile of HijackThis v1.99.1
    Scan saved at 20:21:37, on 13.12.2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    D:\FTP\FileZilla Server\FileZilla Server.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\F-Secure\Common\FCH32.EXE
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    C:\WINDOWS\system32\cmd32.exe
    D:\Windows AntiSpyware\gcasServ.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\F-Secure\Common\FNRB32.EXE
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\Program Files\F-Secure\Common\FIH32.EXE
    D:\Windows AntiSpyware\gcasDtServ.exe
    C:\WINDOWS\system32\z11.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\SetPoint\KEM.exe
    C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    C:\Program Files\Microsoft Office\Office\OSA.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    D:\HijackThis 1.99.1\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
    O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
    O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [FileZilla Server Interface] "D:\FTP\FileZilla Server\FileZilla Server Interface.exe"
    O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\system32\cmd32.exe internat.dll,LoadKeyboardProfile
    O4 - HKLM\..\Run: [gcasServ] "D:\Windows AntiSpyware\gcasServ.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
    O4 - Startup: Microsoft Office Pikahaku.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O4 - Startup: Officen käynnistys.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
    O12 - Plugin for .: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports.com/downloads/games/common/ieell.cab
    O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1108821806021
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://gw.tallinnlv.ee:11082/activex/AxisCamControl.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O18 - Protocol: bw+0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE (file missing)
    O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:\FTP\FileZilla Server\FileZilla Server.exe
    O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
     
  2.  
  3. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Fixaa HjT:llä (do a system scan only, merkkaa ja paina fix checked):

    O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe

    Hae ewido -> http://www.ewido.net/en/download

    Asenna, päivitä, skannaa. Anna poistaa, mitä löytää ja tallenna raportti. Lähetä uusi HjT-loki ja ewidon raportti tänne.

    Onko sulla siis sellainen taustakuva kun "spyware infection" vai mikä?
     
  4. JANI86

    JANI86 Regular member

    Liittynyt:
    10.08.2004
    Viestejä:
    145
    Kiitokset:
    0
    Pisteet:
    26
    Kyllä näin on.
     
  5. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Selvä. Toimi noiden aiempien ohjeiden mukaan ja lisäksi:

    Klikkaa työpöydällä oikealla hiiren nappulalla -> ominaisuudet -> työpöytä -> mukauta työpöytää -> web-välilehti.
    Katso, jos siellä on jotain security-juttua, niin poista se. Jos siellä näkyy jotain muuta outoa, niin kerro myös siitä.
     
  6. JANI86

    JANI86 Regular member

    Liittynyt:
    10.08.2004
    Viestejä:
    145
    Kiitokset:
    0
    Pisteet:
    26
    tossa olis toi Ewidon raportti:

    ---------------------------------------------------------
    ewido security suite - Scan report
    ---------------------------------------------------------

    + Created on: 21:12:28, 13.12.2005
    + Report-Checksum: 81A4A4A9

    + Scan result:

    [2536] C:\WINDOWS\system32\z11.exe -> Hijacker.Spywad.l : Error during cleaning
    C:\boot.inx -> Dropper.Paradrop.a : Cleaned with backup
    :mozilla.9:C:\Documents and Settings\nimi\Application Data\Mozilla\Firefox\Profiles\yuvx5lef.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
    :mozilla.11:C:\Documents and Settings\nimi\Application Data\Mozilla\Firefox\Profiles\yuvx5lef.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
    :mozilla.12:C:\Documents and Settings\nimi\Application Data\Mozilla\Firefox\Profiles\yuvx5lef.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
    :mozilla.13:C:\Documents and Settings\nimi\Application Data\Mozilla\Firefox\Profiles\yuvx5lef.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
    :mozilla.15:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.16:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.17:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.18:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.19:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.22:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.31:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
    :mozilla.32:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
    :mozilla.34:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
    :mozilla.35:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
    :mozilla.36:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
    :mozilla.44:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
    :mozilla.45:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
    :mozilla.49:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.50:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.52:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.54:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
    :mozilla.55:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
    :mozilla.58:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
    :mozilla.59:C:\Documents and Settings\nimi nimi.nimi\Application Data\Mozilla\Firefox\Profiles\7dxy2bu0.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
    C:\Documents and Settings\nimi nimi.nimi\Cookies\nimi nimi@adtech[2].txt -> Spyware.Cookie.Adtech : Cleaned with backup
    C:\Documents and Settings\nimi nimi.nimi\Cookies\nimi nimi@microsofteup.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\nimi nimi.nimi\Cookies\nimi nimi@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    C:\Documents and Settings\nimi nimi.nimi\fdsf -> Hijacker.Spywad.l : Cleaned with backup
    C:\Documents and Settings\nimi nimi.nimi\Käynnistä-valikko\Ohjelmat\SpySheriff -> Spyware.SpySheriff : Cleaned with backup
    C:\Documents and Settings\nimi nimi.nimi\Käynnistä-valikko\Ohjelmat\SpySheriff\SpySheriff.lnk -> Spyware.SpySheriff : Cleaned with backup
    C:\Documents and Settings\nimi nimi.nimi\Local Settings\Temp\Cookies\nimi nimi@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
    C:\Documents and Settings\nimi nimi.nimi\Local Settings\Temp\Cookies\nimi nimi@rotator.adjuggler[1].txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
    C:\Documents and Settings\nimi nimi.nimi\wdcevf -> Downloader.Small.bwr : Cleaned with backup
    C:\Documents and Settings\nimi nimi.nimi\zxczxc -> Downloader.Small.cah : Cleaned with backup
    C:\WINDOWS\desktop.html -> Hijacker.Generic : Cleaned with backup


    ::Report End


    Ja tässä olis hjt-logi:


    Logfile of HijackThis v1.99.1
    Scan saved at 21:15:06, on 13.12.2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    D:\FTP\FileZilla Server\FileZilla Server.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\F-Secure\Common\FCH32.EXE
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    D:\Windows AntiSpyware\gcasServ.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\F-Secure\Common\FNRB32.EXE
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\Program Files\F-Secure\Common\FIH32.EXE
    D:\Windows AntiSpyware\gcasDtServ.exe
    C:\WINDOWS\system32\z11.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\SetPoint\KEM.exe
    C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    C:\Program Files\Microsoft Office\Office\OSA.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    D:\ewido\security suite\ewidoctrl.exe
    D:\ewido\security suite\ewidoguard.exe
    D:\HijackThis 1.99.1\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
    O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
    O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [FileZilla Server Interface] "D:\FTP\FileZilla Server\FileZilla Server Interface.exe"
    O4 - HKLM\..\Run: [gcasServ] "D:\Windows AntiSpyware\gcasServ.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Startup: Microsoft Office Pikahaku.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O4 - Startup: Officen käynnistys.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
    O12 - Plugin for .: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports.com/downloads/games/common/ieell.cab
    O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1108821806021
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://gw.tallinnlv.ee:11082/activex/AxisCamControl.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O18 - Protocol: bw+0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE (file missing)
    O23 - Service: ewido security suite control - ewido networks - D:\ewido\security suite\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - D:\ewido\security suite\ewidoguard.exe
    O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:\FTP\FileZilla Server\FileZilla Server.exe
    O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
     
    Viimeksi muokattu: 06.11.2009
  7. JANI86

    JANI86 Regular member

    Liittynyt:
    10.08.2004
    Viestejä:
    145
    Kiitokset:
    0
    Pisteet:
    26
    Eipä tuolla web-välilehdessä näytä olevan mitään security juttua.
     
    Viimeksi muokattu: 13.12.2005
  8. ratnunter

    ratnunter Regular member

    Liittynyt:
    09.06.2005
    Viestejä:
    131
    Kiitokset:
    0
    Pisteet:
    26
    @kemisti: toi on spywad, vähän wanhempi örkki samaa sarjaa, tässä fiksi:

    imuroi

    http://www.thespykiller.co.uk/files/spywadfix.exe
    tuplaklikkaa, pura kansioon, se käynnistää automaattisesti remove spywad.vbs skriptin

    jos virustorjuntasi hälyttää niin anna skriptin pyöriä, se ei ole virus

    pitäs aueta laatikko, kopioi/liitä siihen laatikkoon tää rivi:

    C:\WINDOWS\system32\z11.exe


    ja paina enter jos tarvii

    toi skripti tekee seuraavaa:


    lopuksi aukeaa hijackthis ei mitään fiksattavaa joten sulje se

    käynnistä uudelleen, vikasietotilaan
    vedä uus skannaus ewidolla, tällä kertaa anna sen poistaa löydökset

    tallenna sen raportti
    käynnistä uudelleen, laita uusi hjt loki, spywadfiksin loki ja ewidon raportti tänne






     
  9. JANI86

    JANI86 Regular member

    Liittynyt:
    10.08.2004
    Viestejä:
    145
    Kiitokset:
    0
    Pisteet:
    26
    Mistä ton spywadfiksin login saa?

    mut tässä on toi hjt loki:

    Logfile of HijackThis v1.99.1
    Scan saved at 9:27:41, on 14.12.2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    D:\Windows AntiSpyware\gcasServ.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Logitech\SetPoint\KEM.exe
    C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    C:\Program Files\Microsoft Office\Office\OSA.EXE
    D:\Windows AntiSpyware\gcasDtServ.exe
    D:\ewido\security suite\ewidoctrl.exe
    D:\ewido\security suite\ewidoguard.exe
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    D:\FTP\FileZilla Server\FileZilla Server.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    C:\Program Files\F-Secure\Common\FCH32.EXE
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\F-Secure\Common\FNRB32.EXE
    C:\Program Files\F-Secure\Common\FIH32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wscntfy.exe
    D:\HijackThis 1.99.1\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
    O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
    O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [FileZilla Server Interface] "D:\FTP\FileZilla Server\FileZilla Server Interface.exe"
    O4 - HKLM\..\Run: [gcasServ] "D:\Windows AntiSpyware\gcasServ.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Startup: Microsoft Office Pikahaku.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O4 - Startup: Officen käynnistys.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
    O12 - Plugin for .: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports.com/downloads/games/common/ieell.cab
    O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1108821806021
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://gw.tallinnlv.ee:11082/activex/AxisCamControl.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O18 - Protocol: bw+0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {D1DF8F5D-E9B0-4718-8C2D-06418372BC12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE (file missing)
    O23 - Service: ewido security suite control - ewido networks - D:\ewido\security suite\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - D:\ewido\security suite\ewidoguard.exe
    O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:\FTP\FileZilla Server\FileZilla Server.exe
    O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe


    Ja tässä ewido:

    --------------------------------------------------------
    ewido security suite - Scan report
    ---------------------------------------------------------

    + Created on: 9:22:15, 14.12.2005
    + Report-Checksum: 17FAF705

    + Scan result:

    C:\Documents and Settings\nimi nimi.nimi\Cookies\nimi nimi@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\nimi nimi.nimi\Cookies\nimi nimi@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
    C:\spywad\Systems\Backupz11 -> Hijacker.Spywad.l : Cleaned with backup
    C:\WINDOWS\system32\z13.exe -> Downloader.Small.cah : Cleaned with backup


    ::Report End
     
    Viimeksi muokattu: 06.11.2009
  10. JANI86

    JANI86 Regular member

    Liittynyt:
    10.08.2004
    Viestejä:
    145
    Kiitokset:
    0
    Pisteet:
    26
    Tää on varmaanki se Spywadfiksin logi ehkä tai ainakin tuolla oli spywad niminen kansio ja siellä spywad tekstitiedosto:

    13.12.2005 22:36:53
    C:\WINDOWS\system32\z11.exe
     
  11. JANI86

    JANI86 Regular member

    Liittynyt:
    10.08.2004
    Viestejä:
    145
    Kiitokset:
    0
    Pisteet:
    26
    Semmosta vielä että suurin osa työpöydällä olevista kuvakkeista on hävinnyt, enään on noi Windowsin omat kuvakkeet tai itseasiassa kaikki paitsi windowsin omat kuvakkeet on jäljellä.

     
    Viimeksi muokattu: 14.12.2005
  12. ratnunter

    ratnunter Regular member

    Liittynyt:
    09.06.2005
    Viestejä:
    131
    Kiitokset:
    0
    Pisteet:
    26
    joo

    toi fiksi tekee sen et se restauroi windowsin oletustyöpöydän, eli joudut lisään noi omat kuvakkeesi..

    muuten näyttää puhtaalta
     
  13. ratnunter

    ratnunter Regular member

    Liittynyt:
    09.06.2005
    Viestejä:
    131
    Kiitokset:
    0
    Pisteet:
    26
    vielä sellasta että usimmiten noi spywaren poistotyökalut on amerikkalaisten tekemiä, niinku toi spywadfix:kin, ( tekijä Mosaic1), niissä ei aina ole otettu huomioon suomalaisten, ja muunkinmaalaisten lokalisoitujen windows-versioiden erityispiirteitä.. tosta voi sillon tällön seurata ongelmia
     
  14. aaxxeell

    aaxxeell Regular member

    Liittynyt:
    28.07.2005
    Viestejä:
    2,145
    Kiitokset:
    0
    Pisteet:
    46
    @ratnunter

    Ohjelmanhan sivuvaikutuksista on hieman etukäteen tiedotettava.
    Se ei auta kun sitä lopuksi vain enään toteaa että tekipä se nyt hiukan muutaki haittaa sen puhdistuksen lisäksi.
     
  15. JANI86

    JANI86 Regular member

    Liittynyt:
    10.08.2004
    Viestejä:
    145
    Kiitokset:
    0
    Pisteet:
    26
    Kiitoksia vaan kauhian paljo.
     
  16. JANI86

    JANI86 Regular member

    Liittynyt:
    10.08.2004
    Viestejä:
    145
    Kiitokset:
    0
    Pisteet:
    26
    Mikäs muuten tää Ewido niinku on, onko se vähän samantyylinen kuin Ad-aware, Spybot tai F-Secure, mutta parempi. Eli voiko sillä korvata F-Securen.
     
  17. ratnunter

    ratnunter Regular member

    Liittynyt:
    09.06.2005
    Viestejä:
    131
    Kiitokset:
    0
    Pisteet:
    26
    @aaxxeell

    mitähän mä tossa ylempänä lainasin:

    en tie montako kertaa oot spywadfixin tehny mut toi on paras tapa, muuten se ei lähde kovin helpolla

    ei ewido voi fsecurea korvata, siitä puuttuu virusten löytökyky kokonaan, mutta se on hyvä ja ilmainen lisä
     
  18. aaxxeell

    aaxxeell Regular member

    Liittynyt:
    28.07.2005
    Viestejä:
    2,145
    Kiitokset:
    0
    Pisteet:
    46
    @ratnunter

    jep toi lainaus jää vaan sivuun pahasti ja sitä en kiistä etteikö hyvä ja toimivin tapa olisi.

    ja Ad-Aware + Spybot rinnalle tuo ewido on hyvä ratkaisu.
     

Jaa tämä sivu