HjT-loki, sitkee häiriöitsijä

many68 · 09.10.2006

Tässä tämä hjt-loki oikealla alueella, varmaa paljo fiksattavaa... ja kiitti kaikille, jotka viitti vastailla 'väärällä' alueella...

Logfile of HijackThis v1.99.1
Scan saved at 23:48:22, on 9.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\mguard.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\System32\ElkCtrl.exe
C:\WINDOWS\SYSCFG32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\WINDOWS\System32\lvcomsx.exe
E:\Alwil Software\aswUpdSv.exe
E:\Alwil Software\ashServ.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
E:\Alwil Software\ashMaiSv.exe
E:\Alwil Software\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\Logitech\WebColct\WebColct.exe
C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE
C:\DOCUME~1\Mikko.MPN\LOCALS~1\Temp\Rar$EX01.422\joko lähtee\skanneri.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fi
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fi
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
F2 - REG:system.ini: Shell=Explorer.exe mguard.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,mguard.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Adobe Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [Windows Logon Application] C:\WINDOWS\System32\winIogon.exe
O4 - HKLM\..\Run: [Ms Java for Windows NT] mguard.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [Windows System Configuration] C:\WINDOWS\SYSCFG32.EXE
O4 - HKLM\..\Run: [Windows DLL Loader] C:\WINDOWS\SYSCFG32.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [InstantTray] C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
O4 - HKCU\..\Run: [Ms Java for Windows NT] mguard.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1159332461734
O18 - Protocol: bw+0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Alwil Software\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - E:\Alwil Software\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - E:\Alwil Software\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - E:\Alwil Software\ashWebSv.exe" /service (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.407 / Virus Database: 268.13.1/466 - Release Date: 7.10.2006

AfterDawn

-kemisti- · 10.10.2006

Joo bottejahan siellä

Voi olla että killboxkaan ei toimi, sitten poistetaan ne muuten.

HjT ensin omaan hakemistoon -> C:\hjt

Fixaa nämä:

F2 - REG:system.ini: Shell=Explorer.exe mguard.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,mguard.exe
O4 - HKLM\..\Run: [Windows Logon Application] C:\WINDOWS\System32\winIogon.exe
O4 - HKLM\..\Run: [Ms Java for Windows NT] mguard.exe
O4 - HKLM\..\Run: [Windows System Configuration] C:\WINDOWS\SYSCFG32.EXE
O4 - HKLM\..\Run: [Windows DLL Loader] C:\WINDOWS\SYSCFG32.EXE
O4 - HKCU\..\Run: [Ms Java for Windows NT] mguard.exe

Lataa Killbox Option^Explicitiltä.

Huomaa: Jos sinulla on jo Killbox, tämä on uusi versio joka sinun tulee asentaa. Poista aikaisempi.

Tallenna työpöydällesi.

Tupla-klikkaa Killbox.exe ajaaksesi ohjelman.

Valitse:

Delete on Reboot

sitten klikkaa All Files valintaa.

Kopioi ja liitä alapuolella olevat tiedostopolut leikepöydälle mustaamalla KAIKKI ne ja painamalla CTRL + C (tai, mustaamisen jälkeen, oikea klikki hiirellä ja valitse kopioi):

C:\WINDOWS\System32\winIogon.exe
C:\WINDOWS\SYSCFG32.EXE
C:\WINDOWS\system32\mguard.exe

Palaa Killboxiin, mene File valikkoon, ja valitse Paste from Clipboard.

Klikkaa puna-valkoista Delete File valintaa. Klikkaa Yes "Delete on Reboot" pyyntöön. Klikkaa OK mihin vain PendingFileRenameOperations pyyntöön (ja anna fixaajan tietää jos jokin tälläinen tulee!).
Käynnistä koneesi itse jos se ei sitä automaattisesti tee.

Jos saat tälläisen viestin: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." Kun yrität ajaa KillBoxia, klikkaa tätä ladataksesi ja ajaaksesi Missingfilessetup.exe;n. Sitten koita KillBoxia uudestaan.

Lähetä uusi HjT-loki.

many68 · 10.10.2006

Tässä uus HjT-loki (olin kyllä jo poistanu osan ainakin Prevx1-ohjelmalla...)

Logfile of HijackThis v1.99.1
Scan saved at 18:25:30, on 10.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\System32\ElkCtrl.exe
C:\Program Files\Prevx1\PXConsole.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\WINDOWS\System32\lvcomsx.exe
E:\Alwil Software\aswUpdSv.exe
E:\Alwil Software\ashServ.exe
C:\Program Files\Prevx1\PXAgent.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
E:\Alwil Software\ashMaiSv.exe
E:\Alwil Software\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\HjT\HjT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fi
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fi
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Adobe Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Prevx\pxbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [InstantTray] C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1159332461734
O18 - Protocol: bw+0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {5AAADCA4-173E-4788-A563-1E07CA667CE7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Alwil Software\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - E:\Alwil Software\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - E:\Alwil Software\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - E:\Alwil Software\ashWebSv.exe" /service (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

-kemisti- · 10.10.2006

Loki näyttää hyvältä, mutta ajetaas tuo:

Hae eScan -> http://koti.mbnet.fi/pattaya1/escanmwav.htm .
Asenna, päivitä, skannaa sivulla olevien ohjeiden mukaan. Lähetä sitten "örkkitulokset" tänne (ohje tuolla sivulla, alin kuva ja sen yläpuolella oleva teksti).

Suosittelen myös kaikkien salasanojen vaihtoa ja verkkopankkiin yhteyden ottamista yms. tämän takia -> http://www.liutilities.com/products/wintaskspro/processlibrary/syscfg32/

many68 · 11.10.2006

Outs! Täältä löytyi vielä paljon epämääräistä. Noiden virus juttujen lisäks löytyi kaikenkaikkiaan 15 jotain virhettä...

Tässä nämä 'örkit'
File C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\T1YOREFX\kk[1].exe tagged as not-a-virus:Server-Proxy.Win32.CCProxy.63. No Action Taken.
File C:\Documents and Settings\Mikko.MPN\Omat tiedostot\My Skype Received Files\bez tytulu.bmp infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\Mikko.MPN\Recent\bez tytulu.lnk infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{214DE473-3858-4CF6-A792-DAA9C8F7B239}\RP20\A0006398.exe infected by "Backdoor.Win32.Rbot.gen" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{214DE473-3858-4CF6-A792-DAA9C8F7B239}\RP34\A0018727.exe infected by "Trojan.Win32.Pakes" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{214DE473-3858-4CF6-A792-DAA9C8F7B239}\RP36\A0022942.exe infected by "Trojan.Win32.Pakes" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{214DE473-3858-4CF6-A792-DAA9C8F7B239}\RP36\A0022943.exe tagged as not-a-virus:Server-Proxy.Win32.CCProxy.63. No Action Taken.
File C:\System Volume Information\_restore{214DE473-3858-4CF6-A792-DAA9C8F7B239}\RP36\A0023029.exe tagged as not-a-virus:Server-Proxy.Win32.CCProxy.63. No Action Taken.
File C:\System Volume Information\_restore{214DE473-3858-4CF6-A792-DAA9C8F7B239}\RP40\A0024974.exe infected by "Backdoor.Win32.VanBot.d" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{214DE473-3858-4CF6-A792-DAA9C8F7B239}\RP40\A0024975.EXE infected by "Trojan.Win32.Pakes" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{214DE473-3858-4CF6-A792-DAA9C8F7B239}\RP40\A0024999.exe infected by "Backdoor.Win32.VanBot.d" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{214DE473-3858-4CF6-A792-DAA9C8F7B239}\RP40\A0025000.exe infected by "Backdoor.Win32.VanBot.d" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{214DE473-3858-4CF6-A792-DAA9C8F7B239}\RP7\A0001024.exe tagged as not-a-virus:Server-Proxy.Win32.CCProxy.63. No Action Taken.
File C:\System Volume Information\_restore{214DE473-3858-4CF6-A792-DAA9C8F7B239}\RP7\A0001025.exe tagged as not-a-virus:Server-Proxy.Win32.CCProxy.63. No Action Taken.
File C:\System Volume Information\_restore{214DE473-3858-4CF6-A792-DAA9C8F7B239}\RP8\A0004986.exe infected by "Backdoor.Win32.VanBot.d" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{50A82089-5A8B-44DC-96A3-B367492BE323}\RP2\A0004185.exe tagged as not-a-virus:Server-Proxy.Win32.CCProxy.63. No Action Taken.

-kemisti- · 11.10.2006

Tyhjennä IE:n väliaikaistiedostot

Putsaa järjestelmänpalautus:

1. Valitse Oma tietokone (klikkaa oikealla).
2. Valitse Ominaisuudet.
3. Valitse Järjestelmän palauttaminen- välilehti.
4. Valitse "Poista järjestelmän palauttaminen käytöstä".
5. Paina Käytä.
6. Paina OK.
7. Käynnistä kone uudelleen
8. Tee kohdat 1.-3.
9. Ota rasti pois kohdasta "Poista järjestelmän palauttaminen käytöstä"
10. Tee kohdat 5. ja 6.

Vielä ongelmia?

many68 · 11.10.2006

Nyt on ainakin toistaisek ihan ok
Kiitti!

Kirjaudu tai liity jäseneksi

HjT-loki, sitkee häiriöitsijä

many68 Regular member

-kemisti- Active member

many68 Regular member

-kemisti- Active member

many68 Regular member

-kemisti- Active member

many68 Regular member

Jaa tämä sivu

Kirjaudu tai liity jäseneksi

HjT-loki, sitkee häiriöitsijä

many68 Regular member

-kemisti- Active member

many68 Regular member

-kemisti- Active member

many68 Regular member

-kemisti- Active member

many68 Regular member

Jaa tämä sivu

Hyödyllisiä hakuja