1. Tämä sivusto käyttää keksejä (cookie). Jatkamalla sivuston käyttämistä hyväksyt keksien käyttämisen. Lue lisää.

kone ihan jumisssa

Viestiketju Virukset ja haittaohjelmat - HijackThis -logit -osiossa. Ketjun avasi j.pv 12.01.2008.

  1. j.pv

    j.pv Member

    Liittynyt:
    27.04.2005
    Viestejä:
    83
    Kiitokset:
    0
    Pisteet:
    16
    ctf kysy pari kertaa ni painoin ok mikä on ctf ???

    ctf.monfix.bat
     
  2.  
  3. j.pv

    j.pv Member

    Liittynyt:
    27.04.2005
    Viestejä:
    83
    Kiitokset:
    0
    Pisteet:
    16
    tota noi oli siellä missä on toi välilyönti poistanko vai???
    tuli pieni ajatuskatkos heh
     
  4. j.pv

    j.pv Member

    Liittynyt:
    27.04.2005
    Viestejä:
    83
    Kiitokset:
    0
    Pisteet:
    16
    eli ymmärsinkö oikein
    1. nimeän uudelleen
    2. poistan tiedostostot
    ???
     
  5. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
    Ensin poistat viestin ylemmässä osassa olevat tiedostot.
    jäljelle jää ne joissa on vlilyönti.
    Niistä joissa on se völilyönti poistat sen vlin.
    lopuksi ne näyttää alkuperäisiltä.
    Se on hyvä, että kysyt jos et ole varma.
     
  6. j.pv

    j.pv Member

    Liittynyt:
    27.04.2005
    Viestejä:
    83
    Kiitokset:
    0
    Pisteet:
    16
    ok, ei ollu kuin ne missä oli välilyönti tuossa combon logi


    ComboFix 08-01-17.5 - Jani Vartia 2008-01-18 17:55:57.24 - NTFSx86 MINIMAL
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.789 [GMT 2:00]
    Running from: C:\Documents and Settings\Jani Vartia\Työpöytä\ComboFix.exe

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2007-12-18 to 2008-01-18 )))))))))))))))))
    .

    2008-01-18 17:00 . 2008-01-18 17:00 <KANSIO> d-------- C:\Documents and Settings\LocalService\Työpöytä
    2008-01-18 16:43 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2008-01-18 09:06 . 2008-01-18 09:06 <KANSIO> d-------- C:\Documents and Settings\Jani Vartia\Application Data\Grisoft
    2008-01-18 09:05 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
    2008-01-14 15:28 . 2008-01-14 15:28 <KANSIO> d-------- C:\WINDOWS\ERUNT
    2008-01-12 14:53 . 2008-01-12 14:53 <KANSIO> d-------- C:\Documents and Settings\Jani Vartia\Application Data\F-Secure
    2008-01-12 13:29 . 2008-01-12 13:47 51,040 --a------ C:\WINDOWS\system32\drivers\fsdfw.sys
    2008-01-12 13:29 . 2008-01-12 13:47 30,016 --a------ C:\WINDOWS\system32\drivers\fsndis5.sys
    2008-01-12 13:25 . 2008-01-12 13:25 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\F-Secure
    2008-01-12 13:24 . 2008-01-12 14:44 <KANSIO> d-------- C:\Program Files\Sonera Tietoturva
    2008-01-12 12:12 . 2008-01-12 12:13 418,135 --a------ C:\UITool3-370a.zip
    2008-01-12 11:39 . 2006-03-02 14:00 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.lex
    2008-01-12 11:38 . 2006-03-02 14:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
    2008-01-12 11:37 . 2004-05-13 00:39 876,653 --a--c--- C:\WINDOWS\system32\dllcache\fp4awel.dll
    2008-01-12 11:33 . 2008-01-12 11:33 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
    2008-01-12 11:33 . 2008-01-12 11:33 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
    2008-01-12 11:33 . 2008-01-12 11:33 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
    2008-01-12 11:33 . 2008-01-12 11:33 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
    2008-01-12 11:33 . 2008-01-12 11:33 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
    2008-01-12 11:31 . 2006-03-02 14:00 259,072 --a--c--- C:\WINDOWS\system32\dllcache\snmpcl.dll
    2008-01-12 11:31 . 2006-03-02 14:00 40,448 --a--c--- C:\WINDOWS\system32\dllcache\snmpthrd.dll
    2008-01-12 11:17 . 2006-03-02 14:00 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
    2008-01-12 11:17 . 2006-03-02 14:00 24,661 --a--c--- C:\WINDOWS\system32\dllcache\spxcoins.dll
    2008-01-12 11:17 . 2006-03-02 14:00 13,312 --a------ C:\WINDOWS\system32\irclass.dll
    2008-01-12 11:17 . 2006-03-02 14:00 13,312 --a--c--- C:\WINDOWS\system32\dllcache\irclass.dll
    2008-01-12 11:17 . 2008-01-12 11:17 34 --a------ C:\WINDOWS\system\oeminfo.ini
    2008-01-09 18:43 . 2008-01-09 18:45 <KANSIO> d-------- C:\Program Files\Windows Live
    2008-01-09 17:26 . 2008-01-16 12:45 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe
    2008-01-07 17:42 . 2007-10-25 18:44 8,464,384 --a------ C:\WINDOWS\system32\drivers\vmxnet.sys
    2008-01-07 17:35 . 2008-01-12 13:23 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\fssg
    2008-01-03 00:56 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
    2008-01-02 23:20 . 2008-01-12 12:22 <KANSIO> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2007-12-30 13:52 . 2008-01-12 09:02 4,410 --a------ C:\WINDOWS\setupapi.old
    2007-12-29 22:05 . 2007-12-29 22:09 <KANSIO> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
    2007-12-29 22:05 . 2008-01-09 18:43 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2007-12-29 16:36 . 2008-01-14 15:17 <KANSIO> d-------- C:\Program Files\Trend Micro
    2007-12-29 16:01 . 2007-12-29 16:26 <KANSIO> d-------- C:\WINDOWS\SxsCaPendDel
    2007-12-27 14:17 . 2007-12-27 14:17 <KANSIO> d-------- C:\Program Files\Winamp Toolbar
    2007-12-27 14:17 . 2007-12-27 14:17 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
    2007-12-27 14:17 . 2007-12-27 14:17 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks
    2007-12-27 14:16 . 2007-12-27 14:17 <KANSIO> d-------- C:\Program Files\Winamp Remote

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-10 16:56 --------- d-----w C:\Documents and Settings\Jani Vartia\Application Data\Microgaming
    2008-01-06 10:32 --------- d-----w C:\Program Files\DC++
    2008-01-04 21:21 --------- d-----w C:\Program Files\Winamp
    2008-01-02 22:56 --------- d-----w C:\Program Files\Java
    2007-12-30 14:31 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-12-29 16:38 --------- d-----w C:\Program Files\Steam
    2007-12-29 14:26 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2007-12-29 12:04 --------- d-----w C:\Program Files\Macrogaming
    2007-12-22 13:32 --------- d-----w C:\Program Files\eMule
    2007-11-25 21:43 245,408 ----a-w C:\WINDOWS\system32\unicows.dll
    2007-10-18 09:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
    .

    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
    2007-12-13 18:49 1185120 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}

    [HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
    [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
    [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
    [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-12-13 18:49 1185120]

    [HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
    [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
    [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
    [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "VTTrayp"="VTtrayp.exe" [2004-06-21 20:57 143360 C:\WINDOWS\system32\VTTrayp.exe]
    "VTTimer"="VTTimer.exe" [2004-10-01 10:31 53248 C:\WINDOWS\system32\VTTimer.exe]
    "!AVG Anti-Spyware"="C:\Documents and Settings\Jani Vartia\Työpöytä\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-07 15:11 185896]

    C:\Documents and Settings\All Users\K„ynnist„-valikko\Ohjelmat\K„ynnistys\
    Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-03-09 13:15:46]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
    --a------ 2005-09-06 05:10 450560 C:\Program Files\VIAudioi\SBADeck\ADeck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    --a------ 2007-03-09 13:15 67128 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
    --a------ 2006-06-26 09:46 497200 C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
    --a------ 2006-06-26 10:34 614960 C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
    --a------ 2006-06-26 10:33 243248 C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    --a------ 2001-07-09 09:50 155648 C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
    --a------ 2007-12-18 03:02 471040 C:\Program Files\Winamp Remote\bin\OrbTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
    --a------ 2004-03-09 11:05 65536 C:\WINDOWS\SOUNDMAN.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
    --a------ 2004-04-23 14:28 77824 C:\Program Files\Logitech\Profiler\lwemon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    --a------ 2007-11-30 14:38 1266936 c:\program files\steam\steam.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2008-01-07 15:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    --a------ 2008-01-07 15:11 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
    -ra------ 2004-10-01 10:31 53248 C:\WINDOWS\system32\VTTimer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]
    -ra------ 2004-06-21 20:57 143360 C:\WINDOWS\system32\VTTrayp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
    --a------ 2007-12-20 17:16 37376 C:\Program Files\Winamp\winampa.exe

    R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2008-01-12 13:47]
    R0 m5287;m5287;C:\WINDOWS\system32\drivers\m5287.sys [2005-02-05 07:00]
    R0 SiWinAcc;SiWinAcc;C:\WINDOWS\system32\drivers\SiWinAcc.sys [2003-10-15 04:28]
    R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 10:38]
    S1 F-Secure HIPS;F-Secure HIPS;C:\Program Files\Sonera Tietoturva\HIPS\fshs.sys [2007-04-26 19:11]
    S3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Sonera Tietoturva\Anti-Virus\minifilter\fsgk.sys [2007-04-26 19:07]
    S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2005-08-02 23:10]
    S4 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Sonera Tietoturva\Anti-Virus\Win2K\FSfilter.sys [2007-04-26 19:08]
    S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Sonera Tietoturva\Anti-Virus\Win2K\FSrec.sys [2007-04-26 19:08]
    S4 si3112r;si3112r;C:\WINDOWS\system32\drivers\si3112r.sys [2003-05-09 15:55]
    S4 viasraid;viasraid;C:\WINDOWS\system32\drivers\viasraid.sys [2003-06-12 17:31]

    .
    'Ajoitetut tehtävät'-kansion sisältö
    "2008-01-18 15:00:17 C:\WINDOWS\Tasks\Scheduled scanning task.job"
    - C:\PROGRA~1\SONERA~1\ANTI-V~1\fsav.exeQ /HARD /POLICY /SCHED /NOBREAK /REPORT=C:\PROGRA~1\SONERA~1\ANTI-V~1\report.txt
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-18 17:58:50
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-01-18 17:59:39
    ComboFix-quarantined-files.txt 2008-01-18 15:59:17
    ComboFix2.txt 2008-01-19 10:07:19
    ComboFix3.txt 2008-01-19 09:42:37
    ComboFix4.txt 2008-01-18 15:05:50
    .
    2008-01-19 09:11:05 --- E O F ---
     
  7. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
    Oikein hyvä !!!
    Sä hoitelit käsin sen mihin erikoistyökalut eivät pystyneet (vundo on valmis)
    (ollaan voiton puolelella).
    ----------------------
    Toimii ainoastaan Explorerilla ==> salli ActiveX
    Skannaa koneesi Kaspersky Online Skannerilla

    Sinulta kysytään sallitko ActiveX -komponentin asentamisen Kasperskyltä, klikkaa Kyllä.
    * Ohjelma käynnistyy ja aloittaa viimeisimpien tunnistetiedostojen lataamisen.
    * Kun skanneri on asennettu ja tunnistetiedot ladattu, klikkaa Next.
    * Klikkaa nyt asetuksia, Scan Settings
    * Tarkista asetuksista, että seuraavat ovat valittuina:

    o Scan using the following Anti-Virus database:

    + Extended (Jos valittavissa, muuten valitse Standard)

    o Scan Options:

    + Scan Archives
    + Scan Mail Bases

    * Klikkaa OK
    * Nyt valitse "select a target to scan" otsikon alta Oma Tietokone, My Computer
    * Skannaus vie aikaa, joten ole kärsivällinen. Kun skannaus on valmis saat ilmoituksen, jos koneesi on saastunut.
    * Klikkaa nyt Save as Text-painiketta.
    * Tallenna tiedosto työpöydällesi.
    * Kopioi ja Liitä tiedoston sisältö seuraavaan vastaukseesi.
    * HJT:n logi myös.
     
  8. j.pv

    j.pv Member

    Liittynyt:
    27.04.2005
    Viestejä:
    83
    Kiitokset:
    0
    Pisteet:
    16
    ok.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:13:12, on 18.1.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    C:\Documents and Settings\Jani Vartia\Työpöytä\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
    C:\Program Files\Sonera Tietoturva\Common\FSMA32.EXE
    C:\Program Files\Sonera Tietoturva\Anti-Virus\FSGK32.EXE
    C:\Program Files\Sonera Tietoturva\Common\FSMB32.EXE
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Sonera Tietoturva\Common\FCH32.EXE
    C:\Program Files\Sonera Tietoturva\Common\FAMEH32.EXE
    C:\Program Files\Sonera Tietoturva\Anti-Virus\fsqh.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\VTtrayp.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Documents and Settings\Jani Vartia\Työpöytä\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Sonera Tietoturva\Anti-Virus\fssm32.exe
    C:\Program Files\Sonera Tietoturva\FSAUA\program\fsaua.exe
    C:\Program Files\Sonera Tietoturva\FWES\Program\fsdfwd.exe
    C:\Program Files\Sonera Tietoturva\FSAUA\program\fsus.exe
    C:\Program Files\Sonera Tietoturva\Anti-Virus\fsav32.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\hoojiitee\hoojiitee.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Documents and Settings\Jani Vartia\Työpöytä\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1157102305475
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Documents and Settings\Jani Vartia\Työpöytä\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\Common\FSMA32.EXE
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

    --
    End of file - 5285 bytes


    -------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER REPORT
    Friday, January 18, 2008 8:12:18 PM
    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.98.0
    Kaspersky Anti-Virus database last update: 18/01/2008
    Kaspersky Anti-Virus database records: 522081
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: extended
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\

    Scan Statistics:
    Total number of scanned objects: 54866
    Number of viruses found: 0
    Number of infected objects: 0
    Number of suspicious objects: 0
    Duration of the scan process: 00:53:15

    Infected Object Name / Virus Name / Last Action
    C:\Documents and Settings\All Users\Application Data\F-Secure\logs\FSMA\fsma.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
    C:\Documents and Settings\Jani Vartia\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\Jani Vartia\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\Jani Vartia\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\Jani Vartia\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Jani Vartia\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Jani Vartia\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\Jani Vartia\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\chandir.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\chandir.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\chn.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\chn.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\D0000000.FCS Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\inuse.txt Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\L0000094.FCS Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\main.log Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\prs.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\prs.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\prs_die.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\prs_die.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\prs_dnd.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\prs_dnd.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\prs_ext.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\prs_ext.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\prs_rcv.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\prs_rcv.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\storydb.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jani Vartia\Data\storydb.idx Object is locked skipped
    C:\Program Files\Sonera Tietoturva\Anti-Virus\dbupdate.log Object is locked skipped
    C:\Program Files\Sonera Tietoturva\Anti-Virus\deleteme_msg.log Object is locked skipped
    C:\Program Files\Sonera Tietoturva\Anti-Virus\fsqh.exe.Qrt.log Object is locked skipped
    C:\Program Files\Sonera Tietoturva\Anti-Virus\perf.dat Object is locked skipped
    C:\Program Files\Sonera Tietoturva\Anti-Virus\power.dat Object is locked skipped
    C:\Program Files\Sonera Tietoturva\Common\policy.bpf Object is locked skipped
    C:\Program Files\Sonera Tietoturva\Common\policy.ipf Object is locked skipped
    C:\Program Files\Sonera Tietoturva\FSAUA\fsbwupst.log Object is locked skipped
    C:\Program Files\Sonera Tietoturva\FSAUA\program\fsaua.dbg Object is locked skipped
    C:\Program Files\Sonera Tietoturva\FSAUA\program\fsaua.log Object is locked skipped
    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    C:\System Volume Information\_restore{9C233CE6-52B4-4664-BECB-4A48ADBDBB76}\RP12\A0003967.dll Object is locked skipped
    C:\System Volume Information\_restore{9C233CE6-52B4-4664-BECB-4A48ADBDBB76}\RP17\A0010039.dll Object is locked skipped
    C:\System Volume Information\_restore{9C233CE6-52B4-4664-BECB-4A48ADBDBB76}\RP19\A0011222.dll Object is locked skipped
    C:\System Volume Information\_restore{9C233CE6-52B4-4664-BECB-4A48ADBDBB76}\RP19\A0011223.dll Object is locked skipped
    C:\System Volume Information\_restore{9C233CE6-52B4-4664-BECB-4A48ADBDBB76}\RP27\change.log Object is locked skipped
    C:\System Volume Information\_restore{9C233CE6-52B4-4664-BECB-4A48ADBDBB76}\RP5\A0000758.dll Object is locked skipped
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\EventCache\{C0DE585A-B221-433A-9552-C6F8C145FDF1}.bin Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\Sti_Trace.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\default Object is locked skipped
    C:\WINDOWS\system32\config\default.LOG Object is locked skipped
    C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
    C:\WINDOWS\system32\config\SAM Object is locked skipped
    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\system32\config\software Object is locked skipped
    C:\WINDOWS\system32\config\software.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\system Object is locked skipped
    C:\WINDOWS\system32\config\system.LOG Object is locked skipped
    C:\WINDOWS\system32\h323log.txt Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
    C:\WINDOWS\TEMP\AVP47BA.tmp Object is locked skipped
    C:\WINDOWS\TEMP\AVP47BB.tmp Object is locked skipped
    C:\WINDOWS\TEMP\AVP47BE.tmp Object is locked skipped
    C:\WINDOWS\TEMP\AVP47BF.tmp Object is locked skipped
    C:\WINDOWS\TEMP\Perflib_Perfdata_b4.dat Object is locked skipped
    C:\WINDOWS\wiadebug.log Object is locked skipped
    C:\WINDOWS\wiaservc.log Object is locked skipped
    C:\WINDOWS\WindowsUpdate.log Object is locked skipped

    Scan process completed.


     
  9. j.pv

    j.pv Member

    Liittynyt:
    27.04.2005
    Viestejä:
    83
    Kiitokset:
    0
    Pisteet:
    16
    jatketaan huomenna jos vain jaksat ja kiitos tähän astisesta asvusta
     
  10. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
  11. j.pv

    j.pv Member

    Liittynyt:
    27.04.2005
    Viestejä:
    83
    Kiitokset:
    0
    Pisteet:
    16
    huomenta miltä näytti
     
  12. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
    Oikein hyvää huomenta !!!
    Viruksia ei näkynyt enään, mutta F-Sekuren pitää varmaan asentaa uudelleen
    Olisko lie saanut senverran siipeensä.
    Laita sen jäkeen HJT logi
    PS.
    miltä se kone alkaa tuntua ???
     
  13. j.pv

    j.pv Member

    Liittynyt:
    27.04.2005
    Viestejä:
    83
    Kiitokset:
    0
    Pisteet:
    16
    kone tuntuu hyvältä mut mese kuulemma lähettelee viestejä itekseen ja näyttää et oisin kirjautuneena
     
  14. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
    Sitä mese hommaa on ollut monilla
    Ovat käskeneet vaihtaa salasanaa.

    Tämä on myös käynnistyksessä tarpeeton Fixaa HJT:llä pois.
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    ctf.monfix.bat Hiiren oikealla napilla ja muokkaa valinta.
    Lähetä sen siltö tänne.
     
  15. j.pv

    j.pv Member

    Liittynyt:
    27.04.2005
    Viestejä:
    83
    Kiitokset:
    0
    Pisteet:
    16
    täs hj logi


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:16:15, on 19.1.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    C:\Documents and Settings\Jani Vartia\Työpöytä\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
    C:\Program Files\Sonera Tietoturva\Common\FSMA32.EXE
    C:\Program Files\Sonera Tietoturva\Anti-Virus\FSGK32.EXE
    C:\Program Files\Sonera Tietoturva\Common\FSMB32.EXE
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Sonera Tietoturva\Common\FCH32.EXE
    C:\Program Files\Sonera Tietoturva\Common\FAMEH32.EXE
    C:\Program Files\Sonera Tietoturva\Anti-Virus\fsqh.exe
    C:\Program Files\Sonera Tietoturva\FSAUA\program\fsaua.exe
    C:\Program Files\Sonera Tietoturva\Anti-Virus\fssm32.exe
    C:\Program Files\Sonera Tietoturva\FWES\Program\fsdfwd.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Sonera Tietoturva\FSAUA\program\fsus.exe
    C:\WINDOWS\system32\VTtrayp.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Documents and Settings\Jani Vartia\Työpöytä\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Sonera Tietoturva\Common\FSM32.EXE
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Sonera Tietoturva\FSGUI\fsguidll.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Sonera Tietoturva\Anti-Virus\fsav32.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\hoojiitee\hoojiitee.exe
    C:\WINDOWS\SoftwareDistribution\Download\48e8301ea45ef4d00cbc2e18d22d00ea\update\update.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Documents and Settings\Jani Vartia\Työpöytä\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Sonera Tietoturva\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Sonera Tietoturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1157102305475
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Documents and Settings\Jani Vartia\Työpöytä\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\Common\FSMA32.EXE
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

    --
    End of file - 5849 bytes
     
  16. j.pv

    j.pv Member

    Liittynyt:
    27.04.2005
    Viestejä:
    83
    Kiitokset:
    0
    Pisteet:
    16
    @echo on
    Regsvr32.exe /u msimtf.dll
    Regsvr32.exe /u Msctf.dll


    täytyy vaihtaa sit messengerin salasana
     
  17. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
    Aina vaan paranee Fsecurekin nousi pystyyn. Vinukan muurin saa sammuttaa.

    => ctf.monfix.bat tämän saat poistaa ei tarvita enään.

    Luultavasti tämä lähettelee mesejä:
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    Fixaa pois:
    poista myös tiedosto:
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

    Joko mese rauhoittui ???

    Aloitetaanko virus-suojien raketelu ????
     
  18. j.pv

    j.pv Member

    Liittynyt:
    27.04.2005
    Viestejä:
    83
    Kiitokset:
    0
    Pisteet:
    16
    sori ku kesti piti käydä pelaamassa peli välissä
    juu aletaan vaan rakentelee
     
  19. kalminen

    kalminen Regular member

    Liittynyt:
    04.05.2007
    Viestejä:
    3,915
    Kiitokset:
    0
    Pisteet:
    46
    Joko mese rauhoittui ???
     
  20. j.pv

    j.pv Member

    Liittynyt:
    27.04.2005
    Viestejä:
    83
    Kiitokset:
    0
    Pisteet:
    16
    joo ei kuulemma heittele viestejä enään itekseen
     
  21. j.pv

    j.pv Member

    Liittynyt:
    27.04.2005
    Viestejä:
    83
    Kiitokset:
    0
    Pisteet:
    16
    joo ei oo mese enää lähetelly :)
     

Jaa tämä sivu