HJT log OK?

Thread in the Viruses and malware - HijackThis logs section. Started by Groniski on 24.08.2006.

Thread status:
The thread is closed.
  1. Groniski

    Groniski Member

    Joined:
    16.08.2006
    Posts:
    14
    Thanks:
    0
    Points:
    11
    Logfile of HijackThis v1.99.1
    Scan saved at 17:09:35, on 24.8.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5346.0005)

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\BUFFALO\Client Manager 2\bwsvc.exe
    D:\WINDOWS\system32\ZoneLabs\vsmon.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
    D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    D:\Program Files\Alwil Software\Avast4\ashServ.exe
    D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\Explorer.EXE
    D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    D:\Program Files\Microsoft Hardware\Keyboard\type32.exe
    D:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    D:\Program Files\iPod\bin\iPodService.exe
    D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    D:\Program Files\BUFFALO\Client Manager 2\ClientMgr2.exe
    D:\Program Files\Logitech\SetPoint\KEM.exe
    D:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
    D:\WINDOWS\system32\svchost.exe
    D:\Program Files\Opera\Opera.exe
    D:\Program Files\Winamp\winamp.exe
    D:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
    D:\Program Files\MSN Messenger\msnmsgr.exe
    D:\Documents and Settings\Groniski\Omat tiedostot\HijackThis_v1.99.1.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    F2 - REG:system.ini: Shell=explorer.exe ,svchost.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {660BF6E9-DFA0-5A4D-796F-4BC9BE35C843} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {B1A2BD30-FB16-50F5-BA6E-AE7073766599} - (no file)
    O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [RemoteControl] "D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SsAAD.exe] D:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [IntelliType] "D:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
    O4 - HKLM\..\Run: [FILE KIND DOWNLOAD TRUST] D:\Documents and Settings\All Users\Application Data\mfcd eq file kind\RoadTick.exe
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Glass2k] D:\Program Files\Glass2k\Glass2k.exe
    O4 - HKLM\..\Run: [LClock] D:\Program Files\LClock\LClock.exe
    O4 - HKCU\..\Run: [LDM] D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [Steam] D:\Program Files\Valve\Steam\Steam.exe -silent
    O4 - HKCU\..\Run: [Live Bows] D:\DOCUME~1\Groniski\APPLIC~1\KINDDE~1\Idle heck ooze.exe
    O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [BitTorrent] "D:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [SIDEBAR] "D:\Program Files\Desktop Sidebar\dsidebar.exe"
    O4 - Global Startup: ClientManager2.lnk = D:\Program Files\BUFFALO\Client Manager 2\ClientMgr2.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = D:\Program Files\Logitech\SetPoint\KEM.exe
    O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://D:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135519224441
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137493353355
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F5C5206E-CDD4-40D2-86C1-46210DB905A7}: NameServer = 213.139.190.3 212.50.131.153
    O18 - Protocol: bw+0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {CBC0597D-7933-4C09-ABBC-36D9102B6DF7} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: wbsys.dll MsgPlusLoader.dll
    O20 - Winlogon Notify: WB - D:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Unknown owner - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Buffalo Wireless Service (BWSVC) - BUFFALO INC. - D:\Program Files\BUFFALO\Client Manager 2\bwsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: PACSPTISVR - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe
     
  3. Jurppis

    Jurppis Regular member

    Joined:
    22.02.2006
    Posts:
    659
    Thanks:
    0
    Points:
    26
    Hi

    Move HijackThis into its own folder, e.g. C:\Hjt

    Open HijackThis, press "Do a system scan only" and check these:

    O2 - BHO: (no name) - {660BF6E9-DFA0-5A4D-796F-4BC9BE35C843} - (no file)
    O2 - BHO: (no name) - {B1A2BD30-FB16-50F5-BA6E-AE7073766599} - (no file)
    O4 - HKLM\..\Run: [FILE KIND DOWNLOAD TRUST] D:\Documents and Settings\All Users\Application Data\mfcd eq file kind\RoadTick.exe
    O4 - HKCU\..\Run: [Live Bows] D:\DOCUME~1\Groniski\APPLIC~1\KINDDE~1\Idle heck ooze.exe

    Close all other open windows and press "Fix checked".

    Boot your computer into Safe Mode by tapping F8 during startup.

    Make hidden files visible:

    1. Click the Start button and select Control Panel.
    2. Select "Folder Options"
    3. Go to the "View" tab
    4. On the View tab, under Hidden files and folders, select "Show hidden files and folders."

    Delete the following folders in Safe Mode

    D:\Documents and Settings\All Users\Application Data\->mfcd eq file kind
    D:\Documents and Settings\Groniski\Application Data\->KINDDE~1

    Now restart your computer normally to get back into normal mode, hide the hidden files again and scan your machine with Kaspersky Online Scanner:

    Scan your machine with Kaspersky Online Scanner
    http://www.kaspersky.com/downloads/kws/kavwebscan.html

    You will be asked whether to allow the installation of an ActiveX component from Kaspersky; click Yes.

    The program starts and begins downloading the latest signature files.
    Once the scanner is installed and the signatures are downloaded, click Next.
    Now click the settings, Scan Settings
    Check in the settings that the following are selected:

    o Scan using the following Anti-Virus database:

    + Extended (if available, otherwise select Standard)

    o Scan Options:

    + Scan Archives
    + Scan Mail Bases

    Click OK
    Now, under the heading "select a target to scan", choose My Computer
    The scan takes time, so be patient. When the scan is finished you will be notified if your machine is infected.
    Now click the Save as Text button.
    Save the file to your desktop.
    Copy and paste the contents of the file into your next reply along with a new HijackThis log
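
Added example, not part of the original posts: a small Python triage pass over HijackThis O2 and O4 lines, using an excerpt of the log above as input. The two rules (a BHO whose target is `(no file)`, and a Run entry that starts a program from an Application Data directory, including the 8.3 short form) are assumptions drawn from what the four entries picked in the reply have in common; they are not HijackThis logic, and a hit is only a prompt for manual review.

```python
import re
from dataclasses import dataclass

# Excerpt copied from the log posted in this thread (not the full log).
SAMPLE_LOG = r"""
F2 - REG:system.ini: Shell=explorer.exe ,svchost.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {660BF6E9-DFA0-5A4D-796F-4BC9BE35C843} - (no file)
O2 - BHO: (no name) - {B1A2BD30-FB16-50F5-BA6E-AE7073766599} - (no file)
O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [FILE KIND DOWNLOAD TRUST] D:\Documents and Settings\All Users\Application Data\mfcd eq file kind\RoadTick.exe
O4 - HKCU\..\Run: [Steam] D:\Program Files\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Live Bows] D:\DOCUME~1\Groniski\APPLIC~1\KINDDE~1\Idle heck ooze.exe
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: ClientManager2.lnk = D:\Program Files\BUFFALO\Client Manager 2\ClientMgr2.exe
"""

# "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.*\S)\s*$")
BHO_RE = re.compile(
    r"^BHO:\s*(?P<name>.*?)\s+-\s+(?P<clsid>\{[0-9A-Fa-f-]{36}\})\s+-\s+(?P<target>.+)$"
)
RUN_RE = re.compile(
    r"^(?P<hive>HK(?:LM|CU))\\\.\.\\(?P<key>Run\w*):\s*\[(?P<name>[^\]]*)\]\s*(?P<cmd>.+)$"
)
SHORT_APPDATA_RE = re.compile(r"^applic~\d+$")  # 8.3 alias of "Application Data"


@dataclass
class Finding:
    code: str    # HijackThis section code (O2, O4)
    label: str   # CLSID for a BHO, value name for a Run entry
    reason: str


def parse_entries(text):
    """Return (code, body) for every line that looks like a HijackThis entry."""
    return [m.groups() for m in map(ENTRY_RE.match, text.splitlines()) if m]


def in_app_data(command):
    """True if a directory component of the command is an Application Data folder."""
    parts = command.strip('"').casefold().split("\\")
    return any(
        p == "application data" or bool(SHORT_APPDATA_RE.match(p)) for p in parts[:-1]
    )


def triage(text):
    """Apply the two review heuristics (assumptions, see lead-in) to O2/O4 lines."""
    findings = []
    for code, body in parse_entries(text):
        if code == "O2":
            m = BHO_RE.match(body)
            if m and m["target"].strip().lower() == "(no file)":
                findings.append(Finding(code, m["clsid"], "BHO registered but file absent"))
        elif code == "O4":
            m = RUN_RE.match(body)
            if m and in_app_data(m["cmd"]):
                findings.append(Finding(code, m["name"], "autostart from Application Data"))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.code:3} {f.label:40} {f.reason}")
```

On this excerpt the pass reports the same four entries the reply asks to fix; the `Global Startup` and `F2` lines are parsed but neither rule applies to them.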

     