AfterDawn.com Mainosta sivuillamme
User Käyttäjä Salasana  
  Puuttuuko tunnus? Liity jäseneksi nyt!.
Salasana hukassa? Klikkaa tästä. 		 
  Etusivu   Uutiset   Oppaat   Ohjelmat   Sanasto   Laitevertailu   Profiilit   Keskustelu  
 Yksityisviestit     Luo uusi yksityisviesti     Kaikki uudet viestit     Ilman vastauksia olevat viestiketjut     Hae viestejä
tiistai 22.7.2025 / 21:04
Hae keskustelualueilta:        In English   Suomeksi   På svenska
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > kone tökkii ja herjaa vundoa
Näytä aiheet
 
Keskustelualueet
Keskustelualueet
Kone tökkii ja herjaa vundoa
  Siirry:
 
Kirjoittaja Viesti
JPN79
Newbie
_ 		2. maaliskuuta 2007 @ 16:21 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
kokeilin muutamaa ohjelmaa esim vundofix ja agv:tä.vundo löysi jotain ja korjas vissiin asian,täs olis HjT file Logfile of HijackThis v1.99.1
Scan saved at 21:05:57, on 2.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\jallu\Työpöytä\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0D9CE4D7-480E-4DD9-A4A2-7ECE1A6E921E} - C:\WINDOWS\system32\pmnll.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {3C503E1A-BB2D-7625-3CB0-0BA12C17A258} - C:\WINDOWS\system32\lcbnaxc.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {78BF8974-A9A7-47CE-A9E0-29A92DF626E2} - C:\WINDOWS\system32\khfcbxw.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {B4EFE0DD-4CFA-430B-BBC3-E8FD16C45D71} - C:\WINDOWS\system32\mllml.dll (file missing)
O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - C:\WINDOWS\system32\qcngfpwk.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton-työkalurivi - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdat...b?1141620351656
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1141384360812
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O18 - Protocol: bw+0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: khfcbxw - C:\WINDOWS\SYSTEM32\khfcbxw.dll
O20 - Winlogon Notify: pmnll - C:\WINDOWS\system32\pmnll.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winzdn32 - winzdn32.dll (file missing)
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Automaattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
[ + lainaa]
tomato71
Suspended due to non-functional email address
_ 		2. maaliskuuta 2007 @ 16:44 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Moi!

1) Lataa VirtumundoBegone
2) Tallenna VirtumundoBeGone.exe työpöydällesi.
3) Aja VirtumundoBeGone.exe ja seuraa ohjeita. Älä huoli jos näet sinisen ruudun "Fatal Error" viestin, tämä on normaalia.
4) Kun työkalu on valmis, käynnistä kone uudelleen.

Se luo työpöydällesi lokin nimeltä VBG.TXT, kopioi ja liitä sen sisältö vastaukseesi.[/code]
* Lataa Dr.Web CureIt työpöydälle:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
[list]
[*]Tuplaklikkaa drweb-cureit.exe ja anna sen tehdä express scan
[*]Se skannaa käynnissä olevat ohjelmat ja jos jotain löytyy, klikkaa yes kun se kysyy haluatko poistaa sen. Tämä on vain lyhyt scan.
[*]Kun scan on valmis, merkkaa asemat, jotka haluat scannata.
[*]Valitse kaikki asemat. Punainen piste osoittaa, mitkä asemat on valittu.
[*]Klikaa vihreää nuolta oikealla ja scan alkaa.
[*]Klikkaa 'Yes to all', jos kysytään haluatko poistaa/siirtää tiedoston.
[*]Kun scan on valmis, katso voitko klikata next-kuvaketta löytyneiden tiedostojen vieressä:

[*]Jos asia on niin, klikkaa sitä ja sitten klikkaa next-kuvaketta oikealla alhaalla ja valitse Move incurable kuten alla olevalla kuvassa:


Tämä siirtää sen %userprofile%\DoctorWeb\quarantine-hakemistoon.
[*]Tämän jälkeen klikkaa Dr.Web CureIt-valikossa file ja valitse save report list
[*]Tallenna raportti työpöydälle. Raportin nimi on DrWeb.csv
[*]Sulje Dr.Web Cureit.
[*]Käynnistä kone uudelleen !! Tämä siksi, että käytössä olevat tiedostot poistetaan/siirretään käynnistyksen yhteydessä.
[*]Käynnistyksen jälkeen liitä Dr.Web-lokin, jonka tallensit aiemmin, sisältö seuraavaan vastaukseesi.
[/list]


Lähetä VBG.TXT + DrWeb-loki ja uusi HjT-loki
[ + lainaa]
JPN79
Newbie
_ 		4. maaliskuuta 2007 @ 07:18 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
qcngfpwk.dll;c:\windows\system32;Trojan.Virtumod;Deleted.;
pmnll.dll.vir;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
nso5.tmp;C:\Documents and Settings\jallu\Local Settings\Temp;Tool.Prockill;Moved.;
nsh13.tmp;C:\Documents and Settings\jallu\Local Settings\Temp;Tool.Prockill;Moved.;
mllml.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
lo1[1];C:\Documents and Settings\jallu\Local Settings\Temporary Internet Files\Content.IE5\NFH3FLWW;Trojan.Virtumod;Deleted.;
khfcbxw.dll.vir;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
jkkljhg.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
installdrivecleanerstart[1].exe;C:\Documents and Settings\jallu\Local Settings\Temporary Internet Files\Content.IE5\4TANC9QF;Trojan.DownLoader.18101;Deleted.;
FOYGq2JV9B[1].exe;C:\Documents and Settings\jallu\Local Settings\Temporary Internet Files\Content.IE5\NFH3FLWW;Trojan.DownLoader.based;Deleted.;
Dc721.exe;C:\RECYCLER\S-1-5-21-484763869-152049171-839522115-1003;Trojan.DownLoader.based;Deleted.;
Dc456.exe;C:\RECYCLER\S-1-5-21-484763869-152049171-839522115-1003;Trojan.Mezzia;Deleted.;
Dc259.exe;C:\RECYCLER\S-1-5-21-484763869-152049171-839522115-1003;Trojan.Virtumod;Deleted.;
Dc2415.exe;C:\RECYCLER\S-1-5-21-484763869-152049171-839522115-1003;Trojan.DownLoader.18101;Deleted.;
antzom[1].exe;C:\Documents and Settings\jallu\Local Settings\Temporary Internet Files\Content.IE5\NFH3FLWW;Trojan.Mezzia;Deleted.;
anti4[1].exe;C:\Documents and Settings\jallu\Local Settings\Temporary Internet Files\Content.IE5\K9IV8HMV;Trojan.Virtumod;Deleted.;
A0094222.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP459;Trojan.DownLoader.based;Deleted.;
A0094221.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP459;Trojan.Mezzia;Deleted.;
A0094220.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP459;Trojan.Virtumod;Deleted.;
A0094219.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP459;Trojan.DownLoader.18101;Deleted.;
A0094218.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP459;Trojan.Virtumod;Deleted.;
A0094211.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP459;Trojan.Virtumod;Deleted.;
A0094210.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP459;Trojan.Virtumod;Deleted.;
A0093672.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP458;Trojan.Mezzia;Deleted.;
A0093655.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP458;Trojan.Virtumod;Deleted.;
A0093654.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP458;Trojan.Virtumod;Deleted.;
A0093650.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP458;Trojan.Virtumod;Deleted.;
A0093637.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP458;Trojan.Virtumod;Deleted.;
A0093599.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP456;Trojan.Virtumod;Deleted.;
A0093598.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP456;Trojan.Virtumod;Deleted.;
A0093597.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP456;Trojan.Virtumod;Deleted.;
A0093593.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP456;Trojan.Virtumod;Deleted.;
A0093592.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP456;Trojan.Virtumod;Deleted.;
A0092361.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454;Trojan.DownLoader.18101;Deleted.;
A0092301.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454;Trojan.Mezzia;Deleted.;
A0092299.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454;Trojan.MulDrop.5623;Deleted.;
A0091686.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454;Trojan.MulDrop.5623;Deleted.;
A0091685.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454;Trojan.MulDrop.5623;Deleted.;
A0091636.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454;Tool.ShutDown.11;Moved.;
A0091634.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454;Tool.Prockill;Moved.;
A0091443.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP452;Trojan.Fakealert.249;Deleted.;
A0091433.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP452;Trojan.Fakealert.249;Deleted.;
A0091430.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP452;Trojan.Fakealert.249;Deleted.;
A0088702.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP446;Trojan.Virtumod;Deleted.;
qcngfpwk.dll;c:\windows\system32;Trojan.Virtumod;Deleted.;
pmnll.dll.vir;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
nso5.tmp;C:\Documents and Settings\jallu\Local Settings\Temp;Tool.Prockill;Moved.;
nsh13.tmp;C:\Documents and Settings\jallu\Local Settings\Temp;Tool.Prockill;Moved.;
mllml.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
lo1[1];C:\Documents and Settings\jallu\Local Settings\Temporary Internet Files\Content.IE5\NFH3FLWW;Trojan.Virtumod;Deleted.;
khfcbxw.dll.vir;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
jkkljhg.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
installdrivecleanerstart[1].exe;C:\Documents and Settings\jallu\Local Settings\Temporary Internet Files\Content.IE5\4TANC9QF;Trojan.DownLoader.18101;Deleted.;
FOYGq2JV9B[1].exe;C:\Documents and Settings\jallu\Local Settings\Temporary Internet Files\Content.IE5\NFH3FLWW;Trojan.DownLoader.based;Deleted.;
Dc721.exe;C:\RECYCLER\S-1-5-21-484763869-152049171-839522115-1003;Trojan.DownLoader.based;Deleted.;
Dc456.exe;C:\RECYCLER\S-1-5-21-484763869-152049171-839522115-1003;Trojan.Mezzia;Deleted.;
Dc259.exe;C:\RECYCLER\S-1-5-21-484763869-152049171-839522115-1003;Trojan.Virtumod;Deleted.;
Dc2415.exe;C:\RECYCLER\S-1-5-21-484763869-152049171-839522115-1003;Trojan.DownLoader.18101;Deleted.;
antzom[1].exe;C:\Documents and Settings\jallu\Local Settings\Temporary Internet Files\Content.IE5\NFH3FLWW;Trojan.Mezzia;Deleted.;
anti4[1].exe;C:\Documents and Settings\jallu\Local Settings\Temporary Internet Files\Content.IE5\K9IV8HMV;Trojan.Virtumod;Deleted.;
A0094222.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP459;Trojan.DownLoader.based;Deleted.;
A0094221.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP459;Trojan.Mezzia;Deleted.;
A0094220.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP459;Trojan.Virtumod;Deleted.;
A0094219.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP459;Trojan.DownLoader.18101;Deleted.;
A0094218.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP459;Trojan.Virtumod;Deleted.;
A0094211.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP459;Trojan.Virtumod;Deleted.;
A0094210.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP459;Trojan.Virtumod;Deleted.;
A0093672.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP458;Trojan.Mezzia;Deleted.;
A0093655.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP458;Trojan.Virtumod;Deleted.;
A0093654.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP458;Trojan.Virtumod;Deleted.;
A0093650.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP458;Trojan.Virtumod;Deleted.;
A0093637.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP458;Trojan.Virtumod;Deleted.;
A0093599.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP456;Trojan.Virtumod;Deleted.;
A0093598.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP456;Trojan.Virtumod;Deleted.;
A0093597.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP456;Trojan.Virtumod;Deleted.;
A0093593.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP456;Trojan.Virtumod;Deleted.;
A0093592.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP456;Trojan.Virtumod;Deleted.;
A0092361.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454;Trojan.DownLoader.18101;Deleted.;
A0092301.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454;Trojan.Mezzia;Deleted.;
A0092299.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454;Trojan.MulDrop.5623;Deleted.;
A0091686.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454;Trojan.MulDrop.5623;Deleted.;
A0091685.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454;Trojan.MulDrop.5623;Deleted.;
A0091636.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454;Tool.ShutDown.11;Moved.;
A0091634.exe;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454;Tool.Prockill;Moved.;
A0091443.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP452;Trojan.Fakealert.249;Deleted.;
A0091433.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP452;Trojan.Fakealert.249;Deleted.;
A0091430.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP452;Trojan.Fakealert.249;Deleted.;
A0088702.dll;C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP446;Trojan.Virtumod;Deleted.;
Logfile of HijackThis v1.99.1
Scan saved at 12:12:10, on 4.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Documents and Settings\jallu\Työpöytä\HijackThis_v1.99.1.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {3C503E1A-BB2D-7625-3CB0-0BA12C17A258} - C:\WINDOWS\system32\lcbnaxc.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {B4EFE0DD-4CFA-430B-BBC3-E8FD16C45D71} - C:\WINDOWS\system32\mllml.dll (file missing)
O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - C:\WINDOWS\system32\qcngfpwk.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton-työkalurivi - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdat...b?1141620351656
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1141384360812
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O18 - Protocol: bw+0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winzdn32 - winzdn32.dll (file missing)
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Automaattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
[ + lainaa]
jallu79
tomato71
Suspended due to non-functional email address
_ 		4. maaliskuuta 2007 @ 07:27 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
se virtumundobegone loki vielä
[ + lainaa]
JPN79
Newbie
_ 		5. maaliskuuta 2007 @ 05:39 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Joo eikö se oo tämä.
[03/03/2007, 14:47:57] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\jallu\Työpöytä\VirtumundoBeGone.exe" )
[03/03/2007, 14:48:06] - Detected System Information:
[03/03/2007, 14:48:06] - Windows Version: 5.1.2600, Service Pack 2
[03/03/2007, 14:48:06] - Current Username: jallu (Admin)
[03/03/2007, 14:48:06] - Windows is in NORMAL mode.
[03/03/2007, 14:48:06] - Searching for Browser Helper Objects:
[03/03/2007, 14:48:06] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[03/03/2007, 14:48:06] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[03/03/2007, 14:48:06] - BHO 3: {1E8A6170-7264-4D0F-BEAE-D42A53123C75} ()
[03/03/2007, 14:48:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:48:06] - Checking for HKLM\...\Winlogon\Notify\NppBho
[03/03/2007, 14:48:06] - Key not found: HKLM\...\Winlogon\Notify\NppBho, continuing.
[03/03/2007, 14:48:06] - BHO 4: {3C503E1A-BB2D-7625-3CB0-0BA12C17A258} ()
[03/03/2007, 14:48:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:48:06] - Checking for HKLM\...\Winlogon\Notify\lcbnaxc
[03/03/2007, 14:48:06] - Key not found: HKLM\...\Winlogon\Notify\lcbnaxc, continuing.
[03/03/2007, 14:48:06] - BHO 5: {78BF8974-A9A7-47CE-A9E0-29A92DF626E2} ()
[03/03/2007, 14:48:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:48:06] - Checking for HKLM\...\Winlogon\Notify\khfcbxw
[03/03/2007, 14:48:06] - Found: HKLM\...\Winlogon\Notify\khfcbxw - This is probably Virtumundo.
[03/03/2007, 14:48:06] - Assigning {78BF8974-A9A7-47CE-A9E0-29A92DF626E2} MSEvents Object
[03/03/2007, 14:48:06] - BHO list has been changed! Starting over...
[03/03/2007, 14:48:06] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[03/03/2007, 14:48:06] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[03/03/2007, 14:48:06] - BHO 3: {1E8A6170-7264-4D0F-BEAE-D42A53123C75} ()
[03/03/2007, 14:48:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:48:06] - Checking for HKLM\...\Winlogon\Notify\NppBho
[03/03/2007, 14:48:06] - Key not found: HKLM\...\Winlogon\Notify\NppBho, continuing.
[03/03/2007, 14:48:06] - BHO 4: {3C503E1A-BB2D-7625-3CB0-0BA12C17A258} ()
[03/03/2007, 14:48:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:48:06] - Checking for HKLM\...\Winlogon\Notify\lcbnaxc
[03/03/2007, 14:48:06] - Key not found: HKLM\...\Winlogon\Notify\lcbnaxc, continuing.
[03/03/2007, 14:48:06] - BHO 5: {78BF8974-A9A7-47CE-A9E0-29A92DF626E2} (MSEvents Object)
[03/03/2007, 14:48:06] - ALERT: Found MSEvents Object!
[03/03/2007, 14:48:06] - BHO 6: {A1C041E3-F6CC-4582-BD15-1124D9A06747} ()
[03/03/2007, 14:48:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:48:06] - Checking for HKLM\...\Winlogon\Notify\pmnll
[03/03/2007, 14:48:06] - Found: HKLM\...\Winlogon\Notify\pmnll - This is probably Virtumundo.
[03/03/2007, 14:48:06] - Assigning {A1C041E3-F6CC-4582-BD15-1124D9A06747} MSEvents Object
[03/03/2007, 14:48:06] - BHO list has been changed! Starting over...
[03/03/2007, 14:48:06] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[03/03/2007, 14:48:06] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[03/03/2007, 14:48:06] - BHO 3: {1E8A6170-7264-4D0F-BEAE-D42A53123C75} ()
[03/03/2007, 14:48:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:48:06] - Checking for HKLM\...\Winlogon\Notify\NppBho
[03/03/2007, 14:48:06] - Key not found: HKLM\...\Winlogon\Notify\NppBho, continuing.
[03/03/2007, 14:48:06] - BHO 4: {3C503E1A-BB2D-7625-3CB0-0BA12C17A258} ()
[03/03/2007, 14:48:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:48:06] - Checking for HKLM\...\Winlogon\Notify\lcbnaxc
[03/03/2007, 14:48:06] - Key not found: HKLM\...\Winlogon\Notify\lcbnaxc, continuing.
[03/03/2007, 14:48:06] - BHO 5: {78BF8974-A9A7-47CE-A9E0-29A92DF626E2} (MSEvents Object)
[03/03/2007, 14:48:06] - ALERT: Found MSEvents Object!
[03/03/2007, 14:48:06] - BHO 6: {A1C041E3-F6CC-4582-BD15-1124D9A06747} (MSEvents Object)
[03/03/2007, 14:48:06] - ALERT: Found MSEvents Object!
[03/03/2007, 14:48:06] - BHO 7: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[03/03/2007, 14:48:06] - BHO 8: {B4EFE0DD-4CFA-430B-BBC3-E8FD16C45D71} ()
[03/03/2007, 14:48:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:48:06] - Checking for HKLM\...\Winlogon\Notify\mllml
[03/03/2007, 14:48:06] - Key not found: HKLM\...\Winlogon\Notify\mllml, continuing.
[03/03/2007, 14:48:06] - BHO 9: {D38439EC-4A7F-42b4-90C2-D810D7778FDD} ()
[03/03/2007, 14:48:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:48:06] - Checking for HKLM\...\Winlogon\Notify\qcngfpwk
[03/03/2007, 14:48:06] - Key not found: HKLM\...\Winlogon\Notify\qcngfpwk, continuing.
[03/03/2007, 14:48:06] - BHO 10: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (EpsonToolBandKicker Class)
[03/03/2007, 14:48:06] - Finished Searching Browser Helper Objects
[03/03/2007, 14:48:06] - *** Detected MSEvents Object
[03/03/2007, 14:48:06] - Trying to remove MSEvents Object...
[03/03/2007, 14:48:07] - Terminating Process: IEXPLORE.EXE
[03/03/2007, 14:48:07] - Terminating Process: RUNDLL32.EXE
[03/03/2007, 14:48:07] - Disabling Automatic Shell Restart
[03/03/2007, 14:48:07] - Terminating Process: EXPLORER.EXE
[03/03/2007, 14:48:07] - Suspending the NT Session Manager System Service
[03/03/2007, 14:48:07] - Terminating Windows NT Logon/Logoff Manager
[03/03/2007, 14:53:09] - Re-enabling Automatic Shell Restart
[03/03/2007, 14:53:09] - File to disable: C:\WINDOWS\system32\khfcbxw.dll
[03/03/2007, 14:53:09] - Renaming C:\WINDOWS\system32\khfcbxw.dll -> C:\WINDOWS\system32\khfcbxw.dll.vir
[03/03/2007, 14:53:09] - File successfully renamed!
[03/03/2007, 14:53:09] - Removing HKLM\...\Browser Helper Objects\{78BF8974-A9A7-47CE-A9E0-29A92DF626E2}
[03/03/2007, 14:53:09] - Removing HKCR\CLSID\{78BF8974-A9A7-47CE-A9E0-29A92DF626E2}
[03/03/2007, 14:53:09] - Adding Kill Bit for ActiveX for GUID: {78BF8974-A9A7-47CE-A9E0-29A92DF626E2}
[03/03/2007, 14:53:09] - Deleting ATLEvents/MSEvents Registry entries
[03/03/2007, 14:53:09] - Removing HKLM\...\Winlogon\Notify\khfcbxw
[03/03/2007, 14:53:09] - Searching for Browser Helper Objects:
[03/03/2007, 14:53:09] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[03/03/2007, 14:53:09] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[03/03/2007, 14:53:09] - BHO 3: {1E8A6170-7264-4D0F-BEAE-D42A53123C75} ()
[03/03/2007, 14:53:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:53:09] - Checking for HKLM\...\Winlogon\Notify\NppBho
[03/03/2007, 14:53:09] - Key not found: HKLM\...\Winlogon\Notify\NppBho, continuing.
[03/03/2007, 14:53:09] - BHO 4: {3C503E1A-BB2D-7625-3CB0-0BA12C17A258} ()
[03/03/2007, 14:53:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:53:09] - Checking for HKLM\...\Winlogon\Notify\lcbnaxc
[03/03/2007, 14:53:09] - Key not found: HKLM\...\Winlogon\Notify\lcbnaxc, continuing.
[03/03/2007, 14:53:09] - BHO 5: {A1C041E3-F6CC-4582-BD15-1124D9A06747} (MSEvents Object)
[03/03/2007, 14:53:09] - ALERT: Found MSEvents Object!
[03/03/2007, 14:53:09] - BHO 6: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[03/03/2007, 14:53:09] - BHO 7: {B4EFE0DD-4CFA-430B-BBC3-E8FD16C45D71} ()
[03/03/2007, 14:53:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:53:09] - Checking for HKLM\...\Winlogon\Notify\mllml
[03/03/2007, 14:53:09] - Key not found: HKLM\...\Winlogon\Notify\mllml, continuing.
[03/03/2007, 14:53:09] - BHO 8: {D38439EC-4A7F-42b4-90C2-D810D7778FDD} ()
[03/03/2007, 14:53:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:53:09] - Checking for HKLM\...\Winlogon\Notify\qcngfpwk
[03/03/2007, 14:53:09] - Key not found: HKLM\...\Winlogon\Notify\qcngfpwk, continuing.
[03/03/2007, 14:53:09] - BHO 9: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (EpsonToolBandKicker Class)
[03/03/2007, 14:53:09] - Finished Searching Browser Helper Objects
[03/03/2007, 14:53:09] - *** Detected MSEvents Object
[03/03/2007, 14:53:09] - Trying to remove MSEvents Object...
[03/03/2007, 14:53:10] - Terminating Process: IEXPLORE.EXE
[03/03/2007, 14:53:10] - Terminating Process: RUNDLL32.EXE
[03/03/2007, 14:53:11] - Disabling Automatic Shell Restart
[03/03/2007, 14:53:11] - Terminating Process: EXPLORER.EXE
[03/03/2007, 14:53:11] - Suspending the NT Session Manager System Service
[03/03/2007, 14:53:11] - Terminating Windows NT Logon/Logoff Manager
[03/03/2007, 14:53:11] - Re-enabling Automatic Shell Restart
[03/03/2007, 14:53:11] - File to disable: C:\WINDOWS\system32\pmnll.dll
[03/03/2007, 14:53:11] - Renaming C:\WINDOWS\system32\pmnll.dll -> C:\WINDOWS\system32\pmnll.dll.vir
[03/03/2007, 14:53:11] - File successfully renamed!
[03/03/2007, 14:53:11] - Removing HKLM\...\Browser Helper Objects\{A1C041E3-F6CC-4582-BD15-1124D9A06747}
[03/03/2007, 14:53:11] - Removing HKCR\CLSID\{A1C041E3-F6CC-4582-BD15-1124D9A06747}
[03/03/2007, 14:53:11] - Adding Kill Bit for ActiveX for GUID: {A1C041E3-F6CC-4582-BD15-1124D9A06747}
[03/03/2007, 14:53:11] - Deleting ATLEvents/MSEvents Registry entries
[03/03/2007, 14:53:11] - Removing HKLM\...\Winlogon\Notify\pmnll
[03/03/2007, 14:53:11] - Searching for Browser Helper Objects:
[03/03/2007, 14:53:11] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[03/03/2007, 14:53:11] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[03/03/2007, 14:53:11] - BHO 3: {1E8A6170-7264-4D0F-BEAE-D42A53123C75} ()
[03/03/2007, 14:53:11] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:53:11] - Checking for HKLM\...\Winlogon\Notify\NppBho
[03/03/2007, 14:53:11] - Key not found: HKLM\...\Winlogon\Notify\NppBho, continuing.
[03/03/2007, 14:53:11] - BHO 4: {3C503E1A-BB2D-7625-3CB0-0BA12C17A258} ()
[03/03/2007, 14:53:11] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:53:11] - Checking for HKLM\...\Winlogon\Notify\lcbnaxc
[03/03/2007, 14:53:11] - Key not found: HKLM\...\Winlogon\Notify\lcbnaxc, continuing.
[03/03/2007, 14:53:11] - BHO 5: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[03/03/2007, 14:53:11] - BHO 6: {B4EFE0DD-4CFA-430B-BBC3-E8FD16C45D71} ()
[03/03/2007, 14:53:11] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:53:11] - Checking for HKLM\...\Winlogon\Notify\mllml
[03/03/2007, 14:53:11] - Key not found: HKLM\...\Winlogon\Notify\mllml, continuing.
[03/03/2007, 14:53:11] - BHO 7: {D38439EC-4A7F-42b4-90C2-D810D7778FDD} ()
[03/03/2007, 14:53:11] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2007, 14:53:11] - Checking for HKLM\...\Winlogon\Notify\qcngfpwk
[03/03/2007, 14:53:11] - Key not found: HKLM\...\Winlogon\Notify\qcngfpwk, continuing.
[03/03/2007, 14:53:11] - BHO 8: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (EpsonToolBandKicker Class)
[03/03/2007, 14:53:11] - Finished Searching Browser Helper Objects
[03/03/2007, 14:53:11] - Finishing up...
[03/03/2007, 14:53:11] - A restart is needed.
[03/03/2007, 16:48:19] - Attempting to Restart via STOP error (Blue Screen!)
[ + lainaa]
jallu79
tomato71
Suspended due to non-functional email address
_ 		5. maaliskuuta 2007 @ 06:00 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
niin ja tuore HjT-loki vielä(unohdin pyytää sitä edellises viestis :()

edit/ei tarvitse lähettää vielä.en huomannu sitä siellä lokien välissä
[ + lainaa]

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 5. maaliskuuta 2007 @ 07:48
tomato71
Suspended due to non-functional email address
_ 		5. maaliskuuta 2007 @ 09:57 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
ja sitten...

Siirrä HijackThis.exe omaan kansioon C:\HJT\HijackThis.exe

.
Tee uusi HjT-scannaus Do a System scan only
Sulje kaikki muut ikkunat ja selaimen.Merkkaa nämä rivit ja paina Fix checked


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {3C503E1A-BB2D-7625-3CB0-0BA12C17A258} - C:\WINDOWS\system32\lcbnaxc.dll
O2 - BHO: (no name) - {B4EFE0DD-4CFA-430B-BBC3-E8FD16C45D71} - C:\WINDOWS\system32\mllml.dll (file missing)
O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - C:\WINDOWS\system32\qcngfpwk.dll (file missing)
O20 - Winlogon Notify: winzdn32 - winzdn32.dll (file missing)

Lataa VundoFix.exe työpöydällesi.
Tupla-klikkaa VundoFix.exe ajaaksesi sen.

Oikea-klikkaa listaboksin sisällä (valkoinen laatikko) ja valitse Add more files
Kopioi ja liitä seuraavat 2 riviä kahteen ylimmäiseen boksiin

C:\WINDOWS\system32\lcbnaxc.dll
C:\WINDOWS\system32\cxanbcl.*

Klikkaa Add Files ja sitten klikkaa Close Window.
Kun skannaus on valmis, klikkaa Remove Vundo valintaa.
Sinulta kysytään haluatko poistaa filut - klikkaa YES.
Kun olet klikannut yes, työpöytäsi tyhjenee kun se alkaa poistamaan Vundoa.
Kun se on valmis, fiksi ilmoittaa käynnistäväsi koneesi uudelleen, klikkaa OK.
Postita C:\vundofix.txt lokin sekä tuoreen HijackThis lokin sisältö.


Huomaa: Se on mahdollista että VundoFix löysi tiedoston jota se ei pystynyt poistamaan.
Tässä tilanteessa, VundoFix ajaa itsensä rebootissa, seuraa vain yläpuolelle olevia ohjeita alkaen kohdasta "Klikkaa Scan for Vundo valintaa." kun VundoFix ilmaantuu uudelleenkäynnistyksen yhteydessä.

Postita C:\vundofix.txt lokin sekä tuoreen HijackThis lokin sisältö.
[ + lainaa]
JPN79
Newbie
_ 		5. maaliskuuta 2007 @ 16:49 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
ja yritetty on?
VundoFix V6.3.11

Checking Java version...

Sun Java not detected
Scan started at 19:13:20 2.3.2007

Listing files found while scanning....

No infected files were found.


VundoFix V6.3.11

Checking Java version...

Sun Java not detected
Scan started at 20:17:57 2.3.2007

Listing files found while scanning....

C:\WINDOWS\system32\jkkljhg.dll
C:\WINDOWS\system32\lmllm.bak1
C:\WINDOWS\system32\lmllm.bak2
C:\WINDOWS\system32\lmllm.ini
C:\WINDOWS\system32\mllml.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\jkkljhg.dll
C:\WINDOWS\system32\jkkljhg.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\lmllm.bak1
C:\WINDOWS\system32\lmllm.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\lmllm.bak2
C:\WINDOWS\system32\lmllm.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\lmllm.ini
C:\WINDOWS\system32\lmllm.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\mllml.dll
C:\WINDOWS\system32\mllml.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\jkkljhg.dll
C:\WINDOWS\system32\jkkljhg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mllml.dll
C:\WINDOWS\system32\mllml.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.3.11

Checking Java version...

Sun Java not detected
Scan started at 20:28:37 2.3.2007

Listing files found while scanning....

No infected files were found.


VundoFix V6.3.11

Checking Java version...

Sun Java not detected
Scan started at 21:24:33 5.3.2007

Listing files found while scanning....

No infected files were found.


VundoFix V6.3.11

Checking Java version...

Sun Java not detected
Scan started at 21:37:23 5.3.2007

Listing files found while scanning....

No infected files were found.


Beginning removal...

VundoFix V6.3.11

Checking Java version...

Sun Java not detected
Scan started at 21:38:58 5.3.2007

Listing files found while scanning....

No infected files were found.


Beginning removal...

Performing Repairs to the registry.
Done!
Logfile of HijackThis v1.99.1
Scan saved at 21:48:12, on 5.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton-työkalurivi - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdat...b?1141620351656
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1141384360812
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O18 - Protocol: bw+0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Automaattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
[ + lainaa]
jallu79
tomato71
Suspended due to non-functional email address
_ 		5. maaliskuuta 2007 @ 17:53 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
ja sitten vielä tarkistus...

Skannaa koneesi Kaspersky Online Skannerilla

Sinulta kysytään sallitko ActiveX -komponentin asentamisen Kasperskyltä, klikkaa Kyllä.[list]
[*] Ohjelma käynnistyy ja aloittaa viimeisimpien tunnistetiedostojen lataamisen.
[*] Kun skanneri on asennettu ja tunnistetiedot ladattu, klikkaa Next.
[*] Klikkaa nyt asetuksia, Scan Settings
[*] Tarkista asetuksista, että seuraavat ovat valittuina:

o Scan using the following Anti-Virus database:

+ Extended (Jos valittavissa, muuten valitse Standard)

o Scan Options:

+ Scan Archives
+ Scan Mail Bases

[*] Klikkaa OK
[*] Nyt valitse "select a target to scan" otsikon alta Oma Tietokone, My Computer
[*] Skannaus vie aikaa, joten ole kärsivällinen. Kun skannaus on valmis saat ilmoituksen, jos koneesi on saastunut.
[*] Klikkaa nyt Save as Text-painiketta.
[*] Tallenna tiedosto työpöydällesi.
[*] Kopioi ja Liitä tiedoston sisältö seuraavaan vastaukseesi.[/list][/size]


Lähetä uusi HjT-loki ja Kaspersky-loki
[ + lainaa]
JPN79
Newbie
_ 		6. maaliskuuta 2007 @ 11:25 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Logfile of HijackThis v1.99.1
Scan saved at 16:21:26, on 6.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HJT\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton-työkalurivi - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdat...b?1141620351656
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1141384360812
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O18 - Protocol: bw+0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Automaattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

KASPERSKY ONLINE SCANNER REPORT
Tuesday, March 06, 2007 4:20:04 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 6/03/2007
Kaspersky Anti-Virus database records: 276439
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
Scan Statistics
Total number of scanned objects 90929
Number of viruses found 11
Number of infected objects 26 / 0
Number of suspicious objects 0
Duration of the scan process 02:03:58

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-03-06_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03E631FF.exe Infected: Trojan-Downloader.Win32.INService.bl skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5AA215FF.exe Infected: not-a-virus:Downloader.Win32.Agent.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\65D5195D.exe Infected: Trojan-Downloader.Win32.Tiny.fk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\1B0F7A66.TMP Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SubEng\submissions.idx Object is locked skipped
C:\Documents and Settings\jallu\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\jallu\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\jallu\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\jallu\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\jallu\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\jallu\Local Settings\Temporary Internet Files\Content.IE5\NFH3FLWW\xc29[1].exe Infected: Trojan.Win32.Agent.qt skipped
C:\Documents and Settings\jallu\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\jallu\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\NFWEVT.LOG Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\RECYCLER\S-1-5-21-484763869-152049171-839522115-1003\Dc166.exe Infected: not-a-virus:FraudTool.Win32.SecurityCenter.a skipped
C:\RECYCLER\S-1-5-21-484763869-152049171-839522115-1003\Dc73.exe Infected: Trojan.Win32.Agent.qt skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091268.exe Infected: Trojan-Downloader.Win32.Tiny.fk skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091270.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091271.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091272.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091273.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091274.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091275.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091276.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091277.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091278.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091279.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091280.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091281.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091282.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091283.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091284.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454\A0091635.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP462\A0094295.exe Infected: Trojan-Downloader.Win32.Agent.bgn skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP462\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd7005.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP452\A0091446.exe/data0011 Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
D:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP452\A0091446.exe NSIS: infected - 1 skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
[ + lainaa]
jallu79
JPN79
Newbie
_ 		6. maaliskuuta 2007 @ 11:25 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Logfile of HijackThis v1.99.1
Scan saved at 16:21:26, on 6.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HJT\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton-työkalurivi - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdat...b?1141620351656
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1141384360812
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O18 - Protocol: bw+0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {0DE71303-E55D-47F9-9607-1E96A5086222} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Automaattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

KASPERSKY ONLINE SCANNER REPORT
Tuesday, March 06, 2007 4:20:04 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 6/03/2007
Kaspersky Anti-Virus database records: 276439
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
Scan Statistics
Total number of scanned objects 90929
Number of viruses found 11
Number of infected objects 26 / 0
Number of suspicious objects 0
Duration of the scan process 02:03:58

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-03-06_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03E631FF.exe Infected: Trojan-Downloader.Win32.INService.bl skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5AA215FF.exe Infected: not-a-virus:Downloader.Win32.Agent.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\65D5195D.exe Infected: Trojan-Downloader.Win32.Tiny.fk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\1B0F7A66.TMP Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SubEng\submissions.idx Object is locked skipped
C:\Documents and Settings\jallu\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\jallu\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\jallu\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\jallu\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\jallu\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\jallu\Local Settings\Temporary Internet Files\Content.IE5\NFH3FLWW\xc29[1].exe Infected: Trojan.Win32.Agent.qt skipped
C:\Documents and Settings\jallu\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\jallu\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\NFWEVT.LOG Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\RECYCLER\S-1-5-21-484763869-152049171-839522115-1003\Dc166.exe Infected: not-a-virus:FraudTool.Win32.SecurityCenter.a skipped
C:\RECYCLER\S-1-5-21-484763869-152049171-839522115-1003\Dc73.exe Infected: Trojan.Win32.Agent.qt skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091268.exe Infected: Trojan-Downloader.Win32.Tiny.fk skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091270.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091271.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091272.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091273.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091274.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091275.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091276.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091277.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091278.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091279.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091280.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091281.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091282.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091283.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP451\A0091284.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP454\A0091635.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP462\A0094295.exe Infected: Trojan-Downloader.Win32.Agent.bgn skipped
C:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP462\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd7005.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP452\A0091446.exe/data0011 Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
D:\System Volume Information\_restore{876AE76A-482E-45AF-B558-E1EE297DBE8C}\RP452\A0091446.exe NSIS: infected - 1 skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
[ + lainaa]
jallu79
tomato71
Suspended due to non-functional email address
_ 		6. maaliskuuta 2007 @ 19:07 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Loki on OK
Pientä jälkisiivousta viel...

Tyhjennä Norttonin quarantine


Lataa Atribunen ATF Cleaner

Ohjeet;

Tupla-klikkaa ATF-Cleaner.exe käynnistääksesi ohjelman.
Main:n alla valitse: Select All
Klikkaa Empty Selected valintaa.

Jos käytät FireFoxia selaimenasiKlikkaa Firefox yläpuolelta ja valitse: Select All
Klikkaa Empty Selected valintaa.
HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.

Jos käytät Operaa selaimenasi
Klikkaa Opera yläpuolelta ja valitse: Select All
Klikkaa Empty Selected valintaa taas.
HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.
Klikkaa Exit päävalikosta sulkeaksesi ohjelman.
Teknistä tukea tulee jos tupla-klikkaat sähköpostiosoitetta joka sijaitsee jokaisen menun alapuolella kyseisessä työkalussa. (Huomatkaa että se tuki on sitten englanniksi)


Putsaa järjestelmän palautus:
1. Klikkaa oikealla käynnistävalikon My Computer- tai oma tietokone-kuvaketta
2. Valitse Properties/ominaisuudet
3. Valitse System Restore/järjestelmän palauttaminen välilehti
4. Valitse "Turn off System Restore"/poista järjestelmän palauttaminen kaikissa asemissa
5. Paina Apply/käytä
6. Paina OK
7. Käynnistä kone uudelleen
8. Palauta asetukset takaisin



Pysy Puhtaana !

Käytä Firefox
Firefox on nopeampi turvallisempi selain kuin Internet Explorer
Lataa Firefox

Asenna Hosts-tiedosto
Hosts-tiedosto estää haitalliset internet-osoitteet
Lataa Hosts-tiedosto
Opas!

Asenna AVG Anti-Spyware
AVG Anti-Spyware poistaa haittaohjelmia ja puhdistaa myös rekisteriä
Lataa AVG Anti-Spyware
Opas!

Asenna Ccleaner
Ccleaner puhdistaa väliaikaistiedostot ja rekisteriä
Lataa Ccleaner
Opas!

Asenna SpywareBlaster
SpywareBlaster estää haittaohjelmien asentumista koneelle
Lataa SpywareBlaster
Opas!

Tyhjennä järjestelmänpalautuskansio ja luo uusi palautuspiste.
Tämä puhdistaa palautuskansion mahdollisista haittaohjelmajäännöksistä.
Opas!

Pidä järjestelmäsi ajantasalla
Windows Update

Pidä palomuuri ja virustorjunta ajantasalla
Päivitä ja skannaa koneesi säännöllisesti virustorjuntaohjelmallasi.

Taistele vastaan!!--> Malware Complaints
Sivusto antaa haittaohjelmien uhreille mahdollisuuden kertoa tarinansa ja tehdä valituksen asiasta. Taistellaan yhdessä haittaohjelmien tekijöitä vastaan!

Vielä ongelmia??
[ + lainaa]
JPN79
Newbie
_ 		7. maaliskuuta 2007 @ 05:52 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
joo tuntuu pelaavan paremmin,eikä norttoni herjaa sitä vundoa enää ollenkaan.kaikki ongelmat alkoi siitä kun norttoni meni vanhaksi ja iman virusturvaa viis päivää,sitä ennen ei mitään ongelmia pärjäsin näillä ohjelmilla Ad-Aware SE Personal,Spybot - Search & Destroy 1.4,EasyCleaner.iso kiitos avusta,on hyvä kun on tälläinen paikka joka auttaa koneen sairastuessa
[ + lainaa]
jallu79
tomato71
Suspended due to non-functional email address
_ 		7. maaliskuuta 2007 @ 05:55 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
oleppa hyvä :)
[ + lainaa]
JPN79
Newbie
_ 		7. maaliskuuta 2007 @ 06:05 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
vielä vaivaa yks asia,mistä saa muutettua sellaista asetusta kun klikkaan c,e,d kansiota se menee siihen etsi osioon eikä avaa kansiota vaan joudun klikkaamaan oikealla ja valitsemaan avaa
[ + lainaa]
jallu79
Mainos
_ 		__
 
_
tomato71
Suspended due to non-functional email address
_ 		7. maaliskuuta 2007 @ 06:18 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Mulla oli kanssa joskus sellanen ongelma,en nyt muista mistä sain sen kuntoon...
Kokeile ohjauspanelis olevaa "Kansion asetukset" tai sitten hiiren asetukset
[ + lainaa]
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > kone tökkii ja herjaa vundoa
 

Apua ongelmiin: AfterDawnin keskustelualueet | AfterDawnin Vastaukset
Uutiset: IT-alan uutiset | Uutisia puhelimista
Musiikkia: MP3Lizard.com
Tuotearviot: Laitevertailu | Vertaa puhelimia | Vertaa kännykkäliittymiä
Pelit: Pelitiedostot, pelidemot ja trailerit
Ohjelmat: download.fi | AfterDawnin ohjelma-alueet
International: AfterDawn in English | Software downloads | Free, legal MP3s | AfterDawn på svenska
RSS -syötteet: AfterDawnin uutiset | Uusimmat ohjelmapäivitykset | Keskustelualueiden viestit
Tietoja: Tietoa AfterDawn Oy:stä | Mainosta sivuillamme | Sivuston käyttöehdot ja tietoja yksityisyydensuojasta
Ota yhteyttä: Lähetä palautetta | Ota yhteyttä mainosmyyntiimme
 
  © 1999-2025 AfterDawn Oy