HJT log / Java cannot be removed
Eepska
Junior Member
3 February 2009 @ 21:13
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:56:29, on 3.2.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Sony\SonicStage\SSAAD.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\foobar2000\foobar2000.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\mIRC\mirc.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Mozilla Firefox 3.1 Beta 2\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.toggle.com/fi/index.php?rvs=hompag&d=79919293
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (file missing)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O3 - Toolbar: MSN-työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fi\msntb.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [Steam] "c:\downloads\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Miro] C:\Program Files\Participatory Culture Foundation\Miro\Miro.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add RSS Support Site to VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Sol...wn.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O18 - Protocol: bw+0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 25724 bytes



The problem is that I cannot remove Java (TM) 6 Update 11 through the Control Panel. It supposedly removes it normally, but the application just keeps haunting there. I tried to find all Java files on the machine with the "search" function, but nothing was found! I have tried downloading many different Java versions, but for some reason none of them work. What would help?
Hujo
Suspended permanently
3 February 2009 @ 21:50
In Vista you have to be logged in as an administrator.

Uninstall via Add/Remove Programs:

Logitech Desktop Messenger


Delete these folders in Safe Mode:

C:\Program Files\Winamp Toolbar
C:\Program Files\AskBarDis
C:\Program Files\Java


Scan with HJT, check these entries and press Fix checked:


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.toggle.com/fi/index.php?rvs=hompag&d=79919293
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (file missing)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O3 - Toolbar: MSN-työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fi\msntb.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)

=================

Which antivirus is in use on the machine? There is F-Secure and Norton; remove one of them.

===============

Download Malwarebytes' Anti-Malware to your desktop.

1. Double-click mbam-setup.exe and follow the instructions to install the program.
2. At the end, make sure the following are checked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
3. If an update is found, the program downloads and installs the latest version.
4. Once the program has loaded, select Perform full scan and click Scan.
5. When the scan is finished, click OK and then Show Results to see the results.
6. Make sure everything is checked and click Remove Selected.
7. After this the log opens in Notepad. Save it somewhere you can find it easily. The log can also be found here: C:\Documents and Settings\Käyttäjänimi\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
8. Post the contents of the log in your next message.

==============

1. Download Combofix.exe to your desktop from one of these links:
Combofix1
Combofix2

Do not install the Recovery Console.

2. Double-click the Combofix.exe file and follow the instructions.
3. When the tool is finished, it produces a log. Post this log to your thread.
Note! Do not click around in the ComboFix window while it is running. This may cause the program to hang.

==========

Also scan a new HJT log.



Can a computer ever work?
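
As an added example (not part of the original thread and not HijackThis code): a small Python parser for the HijackThis log format posted above that lists the entries marked `(file missing)` or `(no file)`, which make up most of the fix list in the reply above. The function names are illustrative assumptions, and the sample lines are a short subset copied from the posted log.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Subset of lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\Explorer.EXE
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (file missing)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
"""

# An entry line is "<section code> - <body>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# HijackThis appends one of these markers when the referenced file is gone.
ORPHAN_RE = re.compile(r"\s*\((file missing|no file)\)\s*$")
DRIVE_PATH_RE = re.compile(r"^[A-Za-z]:\\")


def parse_entries(log_text):
    """Return one dict per R/F/N/O entry; header and process lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue
        code, body = match.groups()
        marker = ORPHAN_RE.search(body)
        target = None
        if marker:
            # The file path, when present, is the last " - " separated field.
            tail = body[:marker.start()].rsplit(" - ", 1)[-1].strip()
            if DRIVE_PATH_RE.match(tail):
                target = tail
        clsid = CLSID_RE.search(body)
        entries.append({
            "code": code,
            "body": body,
            "clsid": clsid.group(0) if clsid else None,
            "orphaned": marker is not None,
            "target": target,
        })
    return entries


def orphaned_entries(entries):
    """Entries whose registry reference points at a file that no longer exists."""
    return [e for e in entries if e["orphaned"]]


def leftover_roots(entries, depth=3):
    """Count orphaned entries per top-level folder (drive + two components)."""
    roots = Counter()
    for entry in orphaned_entries(entries):
        if entry["target"] is None:
            continue
        parts = PureWindowsPath(entry["target"]).parts
        roots[str(PureWindowsPath(*parts[:depth]))] += 1
    return roots


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    for entry in orphaned_entries(parsed):
        print(entry["code"], entry["clsid"], entry["target"])
    for root, count in leftover_roots(parsed).items():
        print(count, root)
```

An orphaned entry only shows that the registry still references a file that is gone; whether to fix it is still a per-entry decision, as in the reply above.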
Eepska
Junior Member
4 February 2009 @ 17:26
Malwarebytes' Anti-Malware log:

Malwarebytes' Anti-Malware 1.33
Tietokantaversio: 1721
Windows 6.0.6001 Service Pack 1

4.2.2009 8:32:52
mbam-log-2009-02-04 (08-32-52).txt

Tarkistustyyppi: Täysi tarkistus (C:\|)
Tarkistetut kohteet: 205313
Kulunut aika: 6 hour(s), 3 minute(s), 28 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 1
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 0

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
(Haitallisia kohteita ei löydetty)



ComboFix log:

ComboFix 09-02-02.04 - Veikko 2009-02-04 17:08:07.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1035.18.2045.1063 [GMT 2:00]
Sijainti: c:\users\Veikko\Desktop\ComboFix.exe
AV: F-Secure Internet Security 2008 8.00 *On-access scanning disabled* (Updated)
FW: F-Secure Internet Security 2008 8.00 *enabled*
.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\x64

.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-04 to 2009-02-04 )))))))))))))))))
.

2009-02-04 17:02 . 2009-02-04 17:04 <KANSIO> d-------- C:\32788R22FWJFW.1.tmp
2009-02-04 17:02 . 2009-02-04 17:02 <KANSIO> d-------- C:\32788R22FWJFW.0.tmp
2009-02-03 22:06 . 2009-02-03 22:06 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\Malwarebytes
2009-02-03 22:06 . 2009-02-03 22:06 <KANSIO> d-------- c:\programdata\Malwarebytes
2009-02-03 22:06 . 2009-02-04 08:32 <KANSIO> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-03 22:06 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-03 22:06 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-03 22:05 . 2009-02-03 22:05 0 --a------ c:\windows\System32\RENBE03.tmp
2009-02-03 22:05 . 2009-02-03 22:05 0 --a------ c:\windows\System32\RENBE02.tmp
2009-02-03 22:05 . 2009-02-03 22:05 0 --a------ c:\windows\System32\RENBE01.tmp
2009-02-03 21:33 . 2009-02-03 21:33 0 --a------ c:\windows\System32\RENB090.tmp
2009-02-03 21:33 . 2009-02-03 21:33 0 --a------ c:\windows\System32\RENB08F.tmp
2009-02-03 21:33 . 2009-02-03 21:33 0 --a------ c:\windows\System32\RENB08E.tmp
2009-02-03 20:55 . 2009-02-03 20:55 <KANSIO> d-------- c:\program files\Trend Micro
2009-02-02 22:57 . 2009-02-02 22:57 0 --a------ c:\windows\System32\RENCC28.tmp
2009-02-02 22:57 . 2009-02-02 22:57 0 --a------ c:\windows\System32\RENCC27.tmp
2009-02-02 22:57 . 2009-02-02 22:57 0 --a------ c:\windows\System32\RENCC26.tmp
2009-02-02 22:47 . 2009-02-03 21:24 <KANSIO> d-------- c:\program files\Mozilla Firefox 3.1 Beta 2
2009-02-02 21:18 . 2009-02-02 21:18 <KANSIO> d-------- c:\program files\CCleaner
2009-02-02 21:12 . 2009-02-02 21:12 0 --a------ c:\windows\System32\REN85A5.tmp
2009-02-02 21:12 . 2009-02-02 21:12 0 --a------ c:\windows\System32\REN85A4.tmp
2009-02-02 21:12 . 2009-02-02 21:12 0 --a------ c:\windows\System32\REN8593.tmp
2009-02-02 21:05 . 2009-02-02 21:05 0 --a------ c:\windows\System32\RENB424.tmp
2009-02-02 21:05 . 2009-02-02 21:05 0 --a------ c:\windows\System32\RENB413.tmp
2009-02-02 21:05 . 2009-02-02 21:05 0 --a------ c:\windows\System32\RENB402.tmp
2009-02-02 15:29 . 2009-02-02 15:28 410,984 --a------ c:\windows\System32\deploytk.dll
2009-01-22 00:22 . 2009-01-22 12:51 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\gtk-2.0
2009-01-22 00:21 . 2009-01-22 00:22 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\avidemux
2009-01-21 22:51 . 2009-01-21 22:51 <KANSIO> d-------- c:\program files\DC++
2009-01-14 12:35 . 2008-12-16 04:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2009-01-12 12:44 . 2009-02-03 21:45 <KANSIO> d-------- c:\users\Veikko\Tracing
2009-01-12 12:42 . 2009-01-12 12:42 <KANSIO> d-------- c:\program files\Microsoft
2009-01-12 12:41 . 2009-01-12 12:41 <KANSIO> d-------- c:\program files\Windows Live SkyDrive
2009-01-12 12:33 . 2009-01-12 12:33 <KANSIO> d-------- c:\program files\Common Files\Windows Live
2009-01-07 21:54 . 2009-01-07 21:54 <KANSIO> d-------- c:\program files\vixy.net
2009-01-05 00:20 . 2009-01-05 00:20 <KANSIO> d-------- c:\program files\DVDVideoSoft
2009-01-05 00:20 . 2009-01-05 00:20 <KANSIO> d-------- c:\program files\Common Files\DVDVideoSoft

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-04 15:00 --------- d-----w c:\users\Veikko\AppData\Roaming\Skype
2009-02-04 14:47 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-02-03 22:02 --------- d-----w c:\users\Veikko\AppData\Roaming\foobar2000
2009-02-03 20:03 --------- d-----w c:\programdata\Symantec
2009-02-03 19:58 --------- d-----w c:\program files\Logitech
2009-02-03 19:33 --------- d-----w c:\users\Veikko\AppData\Roaming\mIRC
2009-02-03 18:48 --------- d-----w c:\program files\Image-Line
2009-02-03 18:27 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-02 18:50 --------- d-----w c:\users\Veikko\AppData\Roaming\LimeWire
2009-01-31 12:24 --------- d-----w c:\program files\Microsoft SQL Server
2009-01-22 13:59 --------- d-----w c:\users\Veikko\AppData\Roaming\BitTorrent
2009-01-19 14:44 --------- d-----w c:\program files\Common Files\Steam
2009-01-15 08:31 --------- d-----w c:\program files\Windows Mail
2009-01-12 10:41 --------- d-----w c:\program files\Windows Live
2009-01-07 19:54 --------- d-----w c:\program files\vixy.net
2008-12-27 13:03 4,064,702 ----a-w c:\users\Veikko\Farmi15_SFX.exe
2008-12-26 23:13 --------- d-----w c:\program files\Deluxe Ski Jump 3
2008-12-24 13:58 --------- d-----w c:\program files\Sony
2008-12-22 22:10 --------- d-----w c:\users\Veikko\AppData\Roaming\Audacity
2008-12-22 11:29 --------- d-----w c:\users\Veikko\AppData\Roaming\teamspeak2
2008-12-13 19:56 --------- d-----w c:\program files\Teamspeak2_RC2
2008-12-02 20:37 49,480 ----a-w c:\windows\System32\sirenacm.dll
2008-11-24 20:31 65,888 ----a-w c:\windows\System32\sqlctr90.dll
2008-11-24 20:31 2,248,544 ----a-w c:\windows\System32\sqlncli.dll
2008-11-20 16:42 615,424 ----a-w c:\windows\System32\themeui.dll
2008-11-20 16:42 240,128 ----a-w c:\windows\System32\uxtheme.dll
2008-09-03 13:50 174 --sha-w c:\program files\desktop.ini
2007-05-21 10:58 0 ----a-w c:\users\Veikko\AppData\Roaming\wklnhst.dat
.

(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2006-09-29 20053544]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-11-14 472632]
"Steam"="c:\downloads\steam\steam.exe" [2008-10-08 1410296]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-07-02 2321600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-09-11 118784]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2006-11-12 43128]
"ALUAlert"="c:\program files\Symantec\LiveUpdate\ALuNotify.exe" [2007-09-12 492912]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"F-Secure Manager"="c:\program files\F-Secure Internet Security\Common\FSM32.EXE" [2007-05-25 183208]
"F-Secure TNB"="c:\program files\F-Secure Internet Security\FSGUI\TNBUtil.exe" [2007-05-25 740208]
"LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 497200]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-06-26 614960]
"LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-06-26 243248]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-12-07 7766016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-12-07 81920]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-11-24 20:36 73728 c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0BC8CEEB-0676-46F7-87F9-5C25E20A995C}"= UDP:c:\program files\Skype\Phone\Skype.exe:Skype
"{CA9C1993-E931-405E-AC12-3341F07F10C4}"= TCP:c:\program files\Skype\Phone\Skype.exe:Skype
"{BA5B2BA1-13B5-4D3D-B676-E6D636D013F7}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{D2587E63-CCC3-4A4C-A4FC-0A34C21DD9E3}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{1430669F-0AFF-467F-BC49-C64F0510427B}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{1E62F26C-48C6-48BA-8287-BAF995099108}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{D4DF20E9-563D-49E1-9AED-7BBEE7102F12}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{90992B76-A6C8-477F-83A4-C584083BEFC0}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{A493A5BF-5C2C-4899-BDAB-89D8BABC8C53}"= UDP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{047B06FC-CF5A-443E-B74E-20B6C0C54B50}"= TCP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{FA327854-EEF9-4100-9C2D-5D8581C273D5}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{6A9441CF-6F14-4447-8C49-84B70BA2E60F}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{B4B1A454-2C0D-4781-B8F3-E8E1ACAC5A13}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{287BCAB3-8895-4662-BE8E-B3F1AB5AF53D}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{BDF01D8E-195A-49F8-9F43-BA83F1BDBFFC}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{E008766E-216E-462E-9235-12D7ED9229CC}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{B7BF959B-71E4-4496-AA52-35CA5E64A87E}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{70D4255D-B13E-46B7-9D7E-1B8E6FDA58D8}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{8B495492-32D0-493B-BAC7-9C4789D3F2FD}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{9BF74940-8E25-4C54-B7A3-4D4087E34AE1}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"TCP Query User{77C64838-273A-40A8-896F-05A75CB70D3F}c:\\users\\veikko\\desktop\\strongdc\\strongdc.exe"= UDP:c:\users\veikko\desktop\strongdc\strongdc.exe:strongdc.exe
"UDP Query User{47BC04A9-23EE-44F8-8EAD-E988CA38B0FB}c:\\users\\veikko\\desktop\\strongdc\\strongdc.exe"= TCP:c:\users\veikko\desktop\strongdc\strongdc.exe:strongdc.exe
"{B4A68D98-54B9-417C-B5CC-559BB6504EF3}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{872C2044-5F03-4F48-9FA3-DB5DEFEB7466}"= TCP:c:\program files\DNA\btdna.exe:DNA
"TCP Query User{F034008E-5D36-45CE-A319-BCE49447D091}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"UDP Query User{C52E8E10-31EA-4314-B93D-B9DE234C32F3}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"TCP Query User{82252084-3908-498F-9119-8F3330596B11}c:\\program files\\dc++\\dcplusplus.exe"= UDP:c:\program files\dc++\dcplusplus.exe:DC++
"UDP Query User{F4066AD6-2D42-44CE-A369-0700FA7C1D03}c:\\program files\\dc++\\dcplusplus.exe"= TCP:c:\program files\dc++\dcplusplus.exe:DC++
"TCP Query User{0E777C11-0B5F-48A4-AA78-51A0E8F9820B}c:\\program files\\counter-strike 1.6 v31\\hl.exe"= UDP:c:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
"UDP Query User{3CED78FE-4DDC-4A41-AD0A-4A29240680AC}c:\\program files\\counter-strike 1.6 v31\\hl.exe"= TCP:c:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
"TCP Query User{841A7EE8-783A-4FEB-9BFA-74CD0515D1ED}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{8C330778-AD56-4E31-8EA5-1B31A4500114}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{ADA8C9B1-9042-4E17-9E5E-76B293647B4C}c:\\users\\veikko\\program files\\dna\\btdna.exe"= UDP:c:\users\veikko\program files\dna\btdna.exe:btdna.exe
"UDP Query User{04C9CE37-23F3-42CA-9599-1BD4EE26CCFE}c:\\users\\veikko\\program files\\dna\\btdna.exe"= TCP:c:\users\veikko\program files\dna\btdna.exe:btdna.exe
"TCP Query User{32270A38-D83B-4EC1-B772-EAB76486D992}c:\\downloads\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor.exe"= UDP:c:\downloads\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor.exe:rFactor
"UDP Query User{69F6112A-C8F3-4258-A014-F4793017EF48}c:\\downloads\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor.exe"= TCP:c:\downloads\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor.exe:rFactor
"TCP Query User{FECDC0D2-B86A-45EE-A4CE-3A908434D234}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{85632176-6999-4F00-8F82-E80235B1BB8A}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{E089B513-460D-4189-9757-5FDE8A69CD09}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{4852ADC9-F8E4-4887-92E4-1228015C1DBB}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{37C79CE0-96AA-4785-97A6-57D2D363457E}c:\\downloads\\steam\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steam\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{BCB5C2F9-1318-461F-B983-3BF96A788511}c:\\downloads\\steam\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steam\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{500F2B3B-9331-4769-B82A-06C6CCA99254}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{BE97C500-FC96-4F36-9B73-915952F2481B}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{C5200D3C-1C0F-4375-91DC-E1BC96423357}c:\\program files\\msn messenger\\msnmsgr.exe"= UDP:c:\program files\msn messenger\msnmsgr.exe:MSN Messenger
"UDP Query User{4D2E2AB8-D7B7-467D-BD00-22F95ADCA588}c:\\program files\\msn messenger\\msnmsgr.exe"= TCP:c:\program files\msn messenger\msnmsgr.exe:MSN Messenger
"TCP Query User{4D69306B-8C96-4AA7-B76F-8D21FF8F22AC}c:\\users\\veikko\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\users\veikko\program files\bittorrent\bittorrent.exe:bittorrent.exe
"UDP Query User{C98FBF60-CB71-4A51-B3AA-C3D9883E58EE}c:\\users\\veikko\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\users\veikko\program files\bittorrent\bittorrent.exe:bittorrent.exe
"TCP Query User{0FF64EFF-593C-4AD7-A053-5F6861D8E5C1}c:\\downloads\\ra2\\game.exe"= UDP:c:\downloads\ra2\game.exe:Main executable for Red Alert 2
"UDP Query User{B2B53663-0CCE-4F13-BA76-163E2A0FAF58}c:\\downloads\\ra2\\game.exe"= TCP:c:\downloads\ra2\game.exe:Main executable for Red Alert 2
"TCP Query User{BDEB28E4-E095-4ABB-A65A-1A6F10992C7F}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"UDP Query User{AB3CB54B-4576-4C31-B941-60E2316BC997}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"TCP Query User{ECC29E4E-4AB5-4B98-959D-CB15006F50D2}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{3A5830A4-709D-4693-9A3B-336436152326}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"TCP Query User{4123F98A-FFBF-4D92-A4D5-D262D0BD1235}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser
"UDP Query User{32EAC0D9-3716-4BD4-A7C5-E8A0AF4A633E}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser
"{5F8F2E8A-7A4F-4ACC-B3B5-5FC739B41706}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{722B0EC9-4148-4DE2-9C72-D095B27A7E6D}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"TCP Query User{C55972E0-776D-4B99-83AB-5F41CBD14FC4}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. The whole world can talk for free.
"UDP Query User{4CE348D3-ED36-41E8-B62D-AA4EBC80B3FE}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. The whole world can talk for free.
"TCP Query User{275A0A88-27B0-4833-9AD6-B226A6680102}c:\\program files\\atari\\deer hunter 2005\\dh2005.exe"= UDP:c:\program files\atari\deer hunter 2005\dh2005.exe:DH2005
"UDP Query User{C9DF7B6E-D436-4FD4-A140-AC7B88BB1461}c:\\program files\\atari\\deer hunter 2005\\dh2005.exe"= TCP:c:\program files\atari\deer hunter 2005\dh2005.exe:DH2005
"TCP Query User{CB436BD8-4777-49C2-B474-CE0E13F687E5}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{C7D544F6-2934-4F67-B0E6-E1FC9716C9DF}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{4377A7E9-4F14-4AB4-8AAB-BED4EBD5BC68}c:\\users\\veikko\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\veikko\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"UDP Query User{B032A9C5-1A7A-4042-817D-9AAF74E5BE5D}c:\\users\\veikko\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= TCP:c:\users\veikko\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"TCP Query User{6BB43303-F778-4DF5-A84E-E1B4692FBC71}c:\\program files\\propilkki2\\propilkki2.exe"= UDP:c:\program files\propilkki2\propilkki2.exe:Main executable of PP2
"UDP Query User{511AB870-3106-4338-9500-448FA18FE4E4}c:\\program files\\propilkki2\\propilkki2.exe"= TCP:c:\program files\propilkki2\propilkki2.exe:Main executable of PP2

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R1 F-Secure HIPS;F-Secure HIPS;c:\program files\F-Secure Internet Security\HIPS\fshs.sys [2008-05-02 41184]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\System32\drivers\fses.sys [2008-05-02 35024]
R1 FSFW;F-Secure Firewall Driver;c:\windows\System32\drivers\fsdfw.sys [2008-05-02 60064]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\F-Secure Internet Security\Anti-Virus\minifilter\fsvista.sys [2008-05-02 13168]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure Internet Security\Anti-Virus\minifilter\fsgk.sys [2008-05-02 59760]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [2006-11-30 227328]
S3 TfBulk;TfBulk;c:\windows\System32\drivers\TfBulk.SYS [2008-03-20 13312]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-03-01 741376]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-03-01 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-03-01 1089536]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure Internet Security\Anti-Virus\win2k\fsfilter.sys [2008-05-02 40048]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure Internet Security\Anti-Virus\win2k\fsrec.sys [2008-05-02 25456]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - G:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17cfdf7a-f686-11dc-b475-0019c18d9023}]
\shell\AutoRun\command - f:\portableapps\PortableAppsMenu\PortableAppsMenu.exe
.
'Ajoitetut tehtävät'-kansion sisältö

2009-02-04 c:\windows\Tasks\User_Feed_Synchronization-{5A2A3500-5E6F-470A-AC91-4591A2526C09}.job
- c:\windows\system32\msfeedssync.exe [2008-01-19 09:33]
.
- - - - POISTETUT JÄMÄRIVIT - - - -

URLSearchHooks-{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - c:\program files\Winamp Toolbar\winamptb.dll
BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\AskBarDis\bar\bin\askBar.dll
Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\AskBarDis\bar\bin\askBar.dll
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - c:\program files\AskBarDis\bar\bin\askBar.dll
HKCU-Run-LDM - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
HKCU-Run-Miro - c:\program files\Participatory Culture Foundation\Miro\Miro.exe
HKCU-Run-Start WingMan Profiler - (no file)
HKLM-Run-IgfxTray - c:\windows\system32\igfxtray.exe
HKLM-Run-HotKeysCmds - c:\windows\system32\hkcmd.exe
HKLM-Run-Persistence - c:\windows\system32\igfxpers.exe


.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://finnish.toggle.com/fi/index.php?rvs=hompag&d=79919293
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add RSS Support Site to VAIO Information FLOW - c:\program files\Sony\VAIO Information FLOW\aiesc.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\F-Secure Internet Security\FSPS\program\FSLSP.DLL
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} -
FF - ProfilePath - c:\users\Veikko\AppData\Roaming\Mozilla\Firefox\Profiles\duaww0ta.default\
FF - plugin: c:\users\Veikko\Program Files\DNA\plugins\npbtdna.dll

---- FIREFOXIN KÄYTÄNNÖT ----
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-04 17:12:28
Windows 6.0.6001 Service Pack 1 NTFS

tarkistaa piilotettuja prosesseja ...

tarkistaa piilotettuja käynnistysarvoja ...

tarkistaa piilotettuja tiedostoja ...

tarkistus on valmis
piilotetut tiedostot: 0

**************************************************************************
.
Valmistumisajankohta: 2009-02-04 17:15:38
ComboFix-quarantined-files.txt 2009-02-04 15:15:34

Ennen ajoa: 36 512 501 760 tavua vapaana
Ajon jälkeen: 36,210,425,856 tavua vapaana

260 --- E O F --- 2009-02-03 07:45:32





Hijack log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:56:29, on 3.2.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Sony\SonicStage\SSAAD.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\foobar2000\foobar2000.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\mIRC\mirc.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Mozilla Firefox 3.1 Beta 2\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.toggle.com/fi/index.php?rvs=hompag&d=79919293
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (file missing)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O3 - Toolbar: MSN-työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fi\msntb.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [Steam] "c:\downloads\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Miro] C:\Program Files\Participatory Culture Foundation\Miro\Miro.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add RSS Support Site to VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Sol...wn.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O18 - Protocol: bw+0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 25724 bytes




Other:

I could not remove the "Logitech Desktop Messenger" application even though I am the administrator.
But here are the logs now.
Hujo
Suspended permanently
4 February 2009 @ 17:42
So first delete the old HJT log, then scan a new one.
It can be found here:
C:\Program Files\Trend Micro\HijackThis\HijackThis.log (text file)

So which antivirus was in use?

Can a computer ever work?

This message has been edited since it was posted. Last edited 4 February 2009 @ 17:42

Eepska
Junior Member
4 February 2009 @ 17:53
Here is the new one

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:51:23, on 4.2.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Opera\opera.exe
C:\32788R22FWJFW\prep.com
C:\32788R22FWJFW\prep.com
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE
C:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\foobar2000\foobar2000.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.toggle.com/fi/index.php?rvs=hompag&d=79919293
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (file missing)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O3 - Toolbar: MSN-työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fi\msntb.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [Steam] "c:\downloads\steam\steam.exe" -silent
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add RSS Support Site to VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Sol...wn.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O18 - Protocol: bw+0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: offline-8876480 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 25340 bytes



F-Secure is in use; I removed Norton.
Eepska
Junior Member
4 February 2009 @ 18:58
I managed to remove that Java (TM) 6 update 11 file with the help of some Microsoft program, but now the problem is that no Java works at all. I've tried many different versions.
Hujo
Suspended permanently
4 February 2009 @ 19:00
Scan with HJT, tick these entries and press Fix checked:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.toggle.com/fi/index.php?rvs=hompag&d=79919293
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (file missing)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O18 - Protocol: bw+0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: offline-8876480 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

==============

Now copy and paste the contents of the quote below into an empty Notepad window
Start button > Accessories > Notepad

Quote:

Folder::
c:\program files\Common Files\Symantec Shared
c:\programdata\Symantec

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]


Save it as CFScript.txt on the desktop.

Then drag CFScript onto ComboFix.exe as shown below.

Post the resulting log here.

Shut down and restart the computer.


Can a computer ever work?
Eepska
Junior Member
4 February 2009 @ 19:22
" Quote:

Folder::
c:\program files\Common Files\Symantec Shared
c:\programdata\Symantec

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]"




When I go into that Symantec Shared folder, there are only these folders: CCPD-LC, COH, DecABI, Help, PIF, SPManifests
Hujo
Suspended permanently
4 February 2009 @ 19:30
Run it through ComboFix according to the instructions.

Then finish it off with this:
Download and run the Norton removal tool


Can a computer ever work?
Eepska
Junior Member
4 February 2009 @ 19:46
Now I've really lost the thread: how do I put these files into Notepad: CCPD-LC, COH, DecABI, Help, PIF, SPManifests? They are folders that contain all sorts of files..
Hujo
Suspended permanently
4 February 2009 @ 19:57
The instructions are up there, and here is what those instructions say:


Now copy and paste the contents of the quote below into an empty Notepad window
Start button > Accessories > Notepad

Quote:
Folder::
c:\program files\Common Files\Symantec Shared
c:\programdata\Symantec

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

Save it as CFScript.txt on the desktop.

Then drag CFScript onto ComboFix.exe as shown below.

Post the resulting log here.

Shut down and restart the computer.

Can a computer ever work?
Eepska
Junior Member
4 February 2009 @ 23:16
ComboFix 09-02-02.04 - Veikko 2009-02-04 22:47:15.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1035.18.2045.982 [GMT 2:00]
Sijainti: c:\users\Veikko\Desktop\ComboFix.exe
Käytetyt komentorivivalitsimet :: c:\users\Veikko\Desktop\CFScript.txt
AV: F-Secure Internet Security 2008 8.00 *On-access scanning disabled* (Updated)
FW: F-Secure Internet Security 2008 8.00 *disabled*
* Uusi palautuspiste luotu
.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\Symantec Shared
c:\program files\Common Files\Symantec Shared\CCPD-LC\ez_log.html
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll
c:\program files\Common Files\Symantec Shared\COH\coh.cache
c:\program files\Common Files\Symantec Shared\COH\COH32.exe
c:\program files\Common Files\Symantec Shared\COH\COH64.exe
c:\program files\Common Files\Symantec Shared\DecABI\dec6E55.tmp
c:\program files\Common Files\Symantec Shared\Help\LUALL.CHM
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertUi.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\dcGlobal.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\dcmhSvar.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\dcProd.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\Languages\09\01\AlertEng.loc
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\Languages\fallback.dat
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\lun.ico
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\mhDSA.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\mhSched.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\mhUpgr.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\pifCrawl.exe
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifPep06.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifPep07.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PollMgr.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\readme.txt
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\SymHTML.dll
c:\program files\Common Files\Symantec Shared\SPManifests\AlertEng.grd
c:\program files\Common Files\Symantec Shared\SPManifests\AlertEng.sig
c:\program files\Common Files\Symantec Shared\SPManifests\AlertEng.spm
c:\program files\Common Files\Symantec Shared\SPManifests\LuSymProtect.grd
c:\program files\Common Files\Symantec Shared\SPManifests\LuSymProtect.sig
c:\program files\Common Files\Symantec Shared\SPManifests\LuSymProtect.spm
c:\program files\Common Files\Symantec Shared\SPManifests\PifCore.grd
c:\program files\Common Files\Symantec Shared\SPManifests\PifCore.sig
c:\program files\Common Files\Symantec Shared\SPManifests\PifCore.spm
c:\programdata\Symantec\Common Client\settings.log
c:\programdata\Symantec\LiveUpdate\1.Configuration.Log.LiveUpdate
c:\programdata\Symantec\LiveUpdate\1.Product.Inventory.LiveUpdate
c:\programdata\Symantec\LiveUpdate\1.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\10.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2.Configuration.Log.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2.Product.Inventory.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2009-01-21_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2009-01-22_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2009-01-24_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2009-01-25_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2009-01-26_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2009-01-27_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2009-01-28_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2009-01-29_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2009-01-30_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2009-01-31_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2009-02-01_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2009-02-02_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\2009-02-03_Log.ALUSchedulerSvc.LiveUpdate
c:\programdata\Symantec\LiveUpdate\3.Product.Inventory.LiveUpdate
c:\programdata\Symantec\LiveUpdate\3.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\4.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\5.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\6.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\7.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\8.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\9.Settings.LiveUpdate
c:\programdata\Symantec\LiveUpdate\Configuration.Log.LiveUpdate
c:\programdata\Symantec\LiveUpdate\Downloads\1194300122jtun_lu32update.zip.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1206396700jtun_cohdata.rar.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1208230618jtun_pif145.x00.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1208566724jtun_80417038.skn.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1208614272jtun_nav2k7en80417001.m25.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1208664062jtun_ncodatcurd25.x01.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1208804135jtun_nisenidcurd25.x86.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1208841894jtun_80418039.skn.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1208873923jtun_nav2k7en80419003.m25.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1208884591jtun_ncodatcurd25.x01.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1208920753jtun_80421040.skn.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1208979198jtun_ncodat80422005-80423006.x01.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1209776195jtun_hbpatch07.x00.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\1217886497jtun_cohdata.rar.full.zip
c:\programdata\Symantec\LiveUpdate\Downloads\antivirus_1.1.00_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\automatic$20liveupdate_3.2.0.26_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\avenge$20microdefs25$20nav2007_microdefsb.curdefs_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\avenge$20microdefs25$20nav2007_microdefsb.mar_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\avenge$20microdefs25$20nav2007_microdefsb.old_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\ccpd$5fretail$5flicensing$5ftechnology_6.0_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\coh$20data$20update_6.1.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\coh$20update_6.0.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\coh$20update_6.1.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\decomposer_1.0.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\firewall_2.1.0_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\firewall_2.1.1_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\ids$20$2d$20consumer_7.1.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\ids$20defs$202007$20microdefs25_microdefsb.apr_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\ids$20defs$202007$20microdefs25_microdefsb.curdefs_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\ids$20defs$202007$20microdefs25_microdefsb.mar_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\ids$20defs$202007$20microdefs25_microdefsb.old_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\liveupdate$20notice_1.4.5.83_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\liveupdate$20notice_1.4.5.91_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\minitri.flg
c:\programdata\Symantec\LiveUpdate\Downloads\navnt$202007$20resource_14.1.0.27_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\navnt$202007$20resource_14.5.0_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\navnt$202007_14.1.0.27_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\norton$20internet$20security$20other_2.0_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\norton$20internet$20security$20resource_10.1.0_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\norton$20internet$20security_10.1.0_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\nortonprotectioncenter_2007.1.02_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\opc70x$5fcore_7.1_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\opc70x$5fcore_7.5_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\spbbc_3.1.1_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\srtsp$20consumer_10.1.1_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\submission$20engine$20data_1.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\symantec$20known$20application$20system_1.0.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\symantec$20known$20application$20system_1.5.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\symantec$20security$20content$20a_microdefsb.curdefs_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\symantec$20trusted$20application$20list_2.0_english_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\symevent$20installer$20$2d$20consumer_12.1_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\symevent$20installer$20$2d$20consumer_12.5_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\symnet$20consumer_7.1.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\web$20authentication$20data_microdefsb.curdefs_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\web$20authentication$20data_microdefsb.mar_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\web$20authentication$20data_microdefsb.old_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\web$20protection$20data_1.0_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Downloads\web$20protection$20data_2006.1.0.60_symalllanguages_livetri.zip
c:\programdata\Symantec\LiveUpdate\Log.LiveUpdate
c:\programdata\Symantec\LiveUpdate\LUInstall.LiveUpdate
c:\programdata\Symantec\LiveUpdate\Product.Inventory.LastGood.LiveUpdate
c:\programdata\Symantec\LiveUpdate\Product.Inventory.LiveUpdate
c:\programdata\Symantec\LiveUpdate\Settings.LiveUpdate
c:\programdata\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PEPCollectors\Pep2_{BC8D3EAF-F864-4D4B-AB4D-B3D0C32E2840}.dat
c:\programdata\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PEPCollectors\System_.dat
c:\programdata\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PEPCollectors\System_.tmp
c:\programdata\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PollManager\PollManager_Current.dat
c:\programdata\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PollManager\PollManager_Job.dat
c:\programdata\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\SVAR\SVAR_{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}.dat
c:\programdata\Symantec\rmt.dat
c:\programdata\Symantec\wds.dat
c:\programdata\Symantec . . . . poisto epäonnistui

.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-04 to 2009-02-04 )))))))))))))))))
.

2009-02-04 22:44 . 2009-02-04 22:44 <KANSIO> d-------- C:\32788R22FWJFW.2.tmp
2009-02-04 22:38 . 2009-02-04 22:38 0 --a------ c:\windows\System32\RENCA24.tmp
2009-02-04 22:38 . 2009-02-04 22:38 0 --a------ c:\windows\System32\RENCA23.tmp
2009-02-04 22:38 . 2009-02-04 22:38 0 --a------ c:\windows\System32\RENCA22.tmp
2009-02-04 22:35 . 2009-02-04 22:35 0 --a------ c:\windows\System32\REN7B0.tmp
2009-02-04 22:35 . 2009-02-04 22:35 0 --a------ c:\windows\System32\REN7AF.tmp
2009-02-04 22:35 . 2009-02-04 22:35 0 --a------ c:\windows\System32\REN7AE.tmp
2009-02-04 22:20 . 2009-02-04 22:20 0 --a------ c:\windows\System32\RENF3F0.tmp
2009-02-04 22:20 . 2009-02-04 22:20 0 --a------ c:\windows\System32\RENF3EF.tmp
2009-02-04 22:14 . 2009-02-04 22:14 0 --a------ c:\windows\System32\REN5EF2.tmp
2009-02-04 22:14 . 2009-02-04 22:14 0 --a------ c:\windows\System32\REN5EF1.tmp
2009-02-04 22:01 . 2009-02-04 22:01 0 --a------ c:\windows\System32\REN26B3.tmp
2009-02-04 22:01 . 2009-02-04 22:01 0 --a------ c:\windows\System32\REN26B2.tmp
2009-02-04 21:46 . 2009-02-04 21:46 0 --a------ c:\windows\System32\RENB52D.tmp
2009-02-04 21:46 . 2009-02-04 21:46 0 --a------ c:\windows\System32\RENB52C.tmp
2009-02-04 20:23 . 2009-02-04 20:23 0 --a------ c:\windows\System32\REN235.tmp
2009-02-04 20:23 . 2009-02-04 20:23 0 --a------ c:\windows\System32\REN234.tmp
2009-02-04 20:23 . 2009-02-04 20:23 0 --a------ c:\windows\System32\REN233.tmp
2009-02-04 19:26 . 2009-02-04 19:26 0 --a------ c:\windows\System32\RENC331.tmp
2009-02-04 19:26 . 2009-02-04 19:26 0 --a------ c:\windows\System32\RENC330.tmp
2009-02-04 19:26 . 2009-02-04 19:26 0 --a------ c:\windows\System32\RENC32F.tmp
2009-02-04 19:02 . 2009-02-04 19:02 0 --a------ c:\windows\System32\RENE66C.tmp
2009-02-04 19:02 . 2009-02-04 19:02 0 --a------ c:\windows\System32\RENE65B.tmp
2009-02-04 19:02 . 2009-02-04 19:02 0 --a------ c:\windows\System32\RENE65A.tmp
2009-02-04 18:53 . 2009-02-04 18:53 0 --a------ c:\windows\System32\REN8884.tmp
2009-02-04 18:53 . 2009-02-04 18:53 0 --a------ c:\windows\System32\REN8883.tmp
2009-02-04 18:53 . 2009-02-04 18:53 0 --a------ c:\windows\System32\REN8872.tmp
2009-02-04 18:49 . 2009-02-04 18:49 0 --a------ c:\windows\System32\REN4157.tmp
2009-02-04 18:49 . 2009-02-04 18:49 0 --a------ c:\windows\System32\REN4156.tmp
2009-02-04 18:49 . 2009-02-04 18:49 0 --a------ c:\windows\System32\REN4155.tmp
2009-02-04 18:39 . 2009-02-04 18:39 <KANSIO> d-------- c:\program files\Windows Installer Clean Up
2009-02-04 18:39 . 2009-02-04 18:39 <KANSIO> d-------- c:\program files\MSECACHE
2009-02-04 17:02 . 2009-02-04 17:04 <KANSIO> d-------- C:\32788R22FWJFW.1.tmp
2009-02-04 17:02 . 2009-02-04 17:02 <KANSIO> d-------- C:\32788R22FWJFW.0.tmp
2009-02-03 22:06 . 2009-02-03 22:06 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\Malwarebytes
2009-02-03 22:06 . 2009-02-03 22:06 <KANSIO> d-------- c:\programdata\Malwarebytes
2009-02-03 22:06 . 2009-02-04 08:32 <KANSIO> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-03 22:06 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-03 22:06 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-03 22:05 . 2009-02-03 22:05 0 --a------ c:\windows\System32\RENBE03.tmp
2009-02-03 22:05 . 2009-02-03 22:05 0 --a------ c:\windows\System32\RENBE02.tmp
2009-02-03 22:05 . 2009-02-03 22:05 0 --a------ c:\windows\System32\RENBE01.tmp
2009-02-03 21:33 . 2009-02-03 21:33 0 --a------ c:\windows\System32\RENB090.tmp
2009-02-03 21:33 . 2009-02-03 21:33 0 --a------ c:\windows\System32\RENB08F.tmp
2009-02-03 21:33 . 2009-02-03 21:33 0 --a------ c:\windows\System32\RENB08E.tmp
2009-02-03 20:55 . 2009-02-03 20:55 <KANSIO> d-------- c:\program files\Trend Micro
2009-02-02 22:57 . 2009-02-02 22:57 0 --a------ c:\windows\System32\RENCC28.tmp
2009-02-02 22:57 . 2009-02-02 22:57 0 --a------ c:\windows\System32\RENCC27.tmp
2009-02-02 22:57 . 2009-02-02 22:57 0 --a------ c:\windows\System32\RENCC26.tmp
2009-02-02 22:47 . 2009-02-03 21:24 <KANSIO> d-------- c:\program files\Mozilla Firefox 3.1 Beta 2
2009-02-02 21:18 . 2009-02-02 21:18 <KANSIO> d-------- c:\program files\CCleaner
2009-02-02 21:12 . 2009-02-02 21:12 0 --a------ c:\windows\System32\REN85A5.tmp
2009-02-02 21:12 . 2009-02-02 21:12 0 --a------ c:\windows\System32\REN85A4.tmp
2009-02-02 21:12 . 2009-02-02 21:12 0 --a------ c:\windows\System32\REN8593.tmp
2009-02-02 21:05 . 2009-02-02 21:05 0 --a------ c:\windows\System32\RENB424.tmp
2009-02-02 21:05 . 2009-02-02 21:05 0 --a------ c:\windows\System32\RENB413.tmp
2009-02-02 21:05 . 2009-02-02 21:05 0 --a------ c:\windows\System32\RENB402.tmp
2009-02-02 15:29 . 2009-02-04 20:30 410,984 --a------ c:\windows\System32\deploytk.dll
2009-01-22 00:22 . 2009-01-22 12:51 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\gtk-2.0
2009-01-22 00:21 . 2009-01-22 00:22 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\avidemux
2009-01-21 22:51 . 2009-01-21 22:51 <KANSIO> d-------- c:\program files\DC++
2009-01-14 12:35 . 2008-12-16 04:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2009-01-12 12:44 . 2009-02-04 22:33 <KANSIO> d-------- c:\users\Veikko\Tracing
2009-01-12 12:42 . 2009-01-12 12:42 <KANSIO> d-------- c:\program files\Microsoft
2009-01-12 12:41 . 2009-01-12 12:41 <KANSIO> d-------- c:\program files\Windows Live SkyDrive
2009-01-12 12:33 . 2009-01-12 12:33 <KANSIO> d-------- c:\program files\Common Files\Windows Live
2009-01-07 21:54 . 2009-01-07 21:54 <KANSIO> d-------- c:\program files\vixy.net
2009-01-05 00:20 . 2009-01-05 00:20 <KANSIO> d-------- c:\program files\DVDVideoSoft
2009-01-05 00:20 . 2009-01-05 00:20 <KANSIO> d-------- c:\program files\Common Files\DVDVideoSoft

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-04 20:59 --------- d-----w c:\users\Veikko\AppData\Roaming\Skype
2009-02-04 20:48 --------- d-----w c:\programdata\Symantec
2009-02-04 19:55 --------- d-----w c:\program files\Common Files\Adobe
2009-02-04 19:47 --------- d-----w c:\users\Veikko\AppData\Roaming\foobar2000
2009-02-04 18:36 --------- d-----w c:\program files\Common Files\Steam
2009-02-04 18:31 --------- d-----w c:\users\Veikko\AppData\Roaming\mIRC
2009-02-03 19:58 --------- d-----w c:\program files\Logitech
2009-02-03 18:48 --------- d-----w c:\program files\Image-Line
2009-02-03 18:27 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-02 18:50 --------- d-----w c:\users\Veikko\AppData\Roaming\LimeWire
2009-01-31 12:24 --------- d-----w c:\program files\Microsoft SQL Server
2009-01-22 13:59 --------- d-----w c:\users\Veikko\AppData\Roaming\BitTorrent
2009-01-15 08:31 --------- d-----w c:\program files\Windows Mail
2009-01-12 10:41 --------- d-----w c:\program files\Windows Live
2009-01-07 19:54 --------- d-----w c:\program files\vixy.net
2008-12-27 13:03 4,064,702 ----a-w c:\users\Veikko\Farmi15_SFX.exe
2008-12-26 23:13 --------- d-----w c:\program files\Deluxe Ski Jump 3
2008-12-24 13:58 --------- d-----w c:\program files\Sony
2008-12-22 22:10 --------- d-----w c:\users\Veikko\AppData\Roaming\Audacity
2008-12-22 11:29 --------- d-----w c:\users\Veikko\AppData\Roaming\teamspeak2
2008-12-13 19:56 --------- d-----w c:\program files\Teamspeak2_RC2
2008-12-02 20:37 49,480 ----a-w c:\windows\System32\sirenacm.dll
2008-11-24 20:31 65,888 ----a-w c:\windows\System32\sqlctr90.dll
2008-11-24 20:31 2,248,544 ----a-w c:\windows\System32\sqlncli.dll
2008-11-20 16:42 615,424 ----a-w c:\windows\System32\themeui.dll
2008-11-20 16:42 240,128 ----a-w c:\windows\System32\uxtheme.dll
2008-09-03 13:50 174 --sha-w c:\program files\desktop.ini
2007-05-21 10:58 0 ----a-w c:\users\Veikko\AppData\Roaming\wklnhst.dat
.

((((((((((((((((((((((((((((( snapshot@2009-02-04_17.13.40,58 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-02-04 19:57:23 295,606 ----a-r c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A81200000003}\SC_Reader.exe
- 2009-02-04 14:47:34 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-02-04 20:53:04 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-02-04 14:47:34 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-02-04 20:53:04 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-02-04 15:12:31 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-04 20:54:08 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-04 20:54:08 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2009-02-04 15:12:23 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-04 20:57:08 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-04 20:57:08 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2009-02-04 14:47:36 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-02-04 20:34:31 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-02-04 14:47:36 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-04 20:34:31 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-04 17:58:08 57,344 ----a-w c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\6bc65f4a-6eabd74b-n\Decora-SSE.dll
+ 2009-02-04 17:58:06 315,392 ----a-w c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\4b13650b-264c0d32-n\jogl.dll
+ 2009-02-04 17:58:06 20,480 ----a-w c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\4b13650b-264c0d32-n\jogl_awt.dll
+ 2009-02-04 17:58:06 114,688 ----a-w c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\4b13650b-264c0d32-n\jogl_cg.dll
+ 2009-02-04 17:58:07 24,064 ----a-w c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\5e8cbb75-4bd76012-n\Decora-D3D.dll
+ 2009-02-04 17:58:03 499,712 ----a-w c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\35fdae37-3bf5f6ce-n\jmc.dll
+ 2009-02-04 17:58:03 503,808 ----a-w c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\35fdae37-3bf5f6ce-n\msvcp71.dll
+ 2009-02-04 17:58:03 348,160 ----a-w c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\35fdae37-3bf5f6ce-n\msvcr71.dll
+ 2009-02-04 17:58:04 20,480 ----a-w c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\252441bb-21841b09-n\gluegen-rt.dll
- 2009-02-04 14:47:36 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-04 20:34:31 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-01-16 23:05:37 6,553,600 ----a-w c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-02-04 20:03:07 6,553,600 ----a-w c:\windows\System32\SMI\Store\Machine\schema.dat
- 2009-02-04 14:49:34 11,190 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3215037636-2131323785-3305771590-1003_UserData.bin
+ 2009-02-04 20:55:32 11,190 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3215037636-2131323785-3305771590-1003_UserData.bin
- 2009-02-04 14:49:33 73,740 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-02-04 20:55:32 73,740 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-02-03 06:57:49 2,842 ----a-w c:\windows\System32\WDI\ERCQueuedResolutions.dat
+ 2009-02-04 19:48:25 2,842 ----a-w c:\windows\System32\WDI\ERCQueuedResolutions.dat
- 2009-02-04 14:49:26 55,942 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-02-04 20:55:26 57,252 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
-- Snapshot nollattu tähän hetkeen --
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2006-09-29 20053544]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-11-14 472632]
"Steam"="c:\downloads\steam\steam.exe" [2008-10-08 1410296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-09-11 118784]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2006-11-12 43128]
"ALUAlert"="c:\program files\Symantec\LiveUpdate\ALuNotify.exe" [2007-09-12 492912]
"F-Secure Manager"="c:\program files\F-Secure Internet Security\Common\FSM32.EXE" [2007-05-25 183208]
"F-Secure TNB"="c:\program files\F-Secure Internet Security\FSGUI\TNBUtil.exe" [2007-05-25 740208]
"LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 497200]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-06-26 614960]
"LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-06-26 243248]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-12-07 7766016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-12-07 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-11-24 20:36 73728 c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0BC8CEEB-0676-46F7-87F9-5C25E20A995C}"= UDP:c:\program files\Skype\Phone\Skype.exe:Skype
"{CA9C1993-E931-405E-AC12-3341F07F10C4}"= TCP:c:\program files\Skype\Phone\Skype.exe:Skype
"{BA5B2BA1-13B5-4D3D-B676-E6D636D013F7}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{D2587E63-CCC3-4A4C-A4FC-0A34C21DD9E3}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{1430669F-0AFF-467F-BC49-C64F0510427B}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{1E62F26C-48C6-48BA-8287-BAF995099108}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{D4DF20E9-563D-49E1-9AED-7BBEE7102F12}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{90992B76-A6C8-477F-83A4-C584083BEFC0}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{A493A5BF-5C2C-4899-BDAB-89D8BABC8C53}"= UDP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{047B06FC-CF5A-443E-B74E-20B6C0C54B50}"= TCP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{FA327854-EEF9-4100-9C2D-5D8581C273D5}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{6A9441CF-6F14-4447-8C49-84B70BA2E60F}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{B4B1A454-2C0D-4781-B8F3-E8E1ACAC5A13}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{287BCAB3-8895-4662-BE8E-B3F1AB5AF53D}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{BDF01D8E-195A-49F8-9F43-BA83F1BDBFFC}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{E008766E-216E-462E-9235-12D7ED9229CC}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{B7BF959B-71E4-4496-AA52-35CA5E64A87E}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{70D4255D-B13E-46B7-9D7E-1B8E6FDA58D8}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{8B495492-32D0-493B-BAC7-9C4789D3F2FD}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{9BF74940-8E25-4C54-B7A3-4D4087E34AE1}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"TCP Query User{77C64838-273A-40A8-896F-05A75CB70D3F}c:\\users\\veikko\\desktop\\strongdc\\strongdc.exe"= UDP:c:\users\veikko\desktop\strongdc\strongdc.exe:strongdc.exe
"UDP Query User{47BC04A9-23EE-44F8-8EAD-E988CA38B0FB}c:\\users\\veikko\\desktop\\strongdc\\strongdc.exe"= TCP:c:\users\veikko\desktop\strongdc\strongdc.exe:strongdc.exe
"{B4A68D98-54B9-417C-B5CC-559BB6504EF3}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{872C2044-5F03-4F48-9FA3-DB5DEFEB7466}"= TCP:c:\program files\DNA\btdna.exe:DNA
"TCP Query User{F034008E-5D36-45CE-A319-BCE49447D091}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"UDP Query User{C52E8E10-31EA-4314-B93D-B9DE234C32F3}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"TCP Query User{82252084-3908-498F-9119-8F3330596B11}c:\\program files\\dc++\\dcplusplus.exe"= UDP:c:\program files\dc++\dcplusplus.exe:DC++
"UDP Query User{F4066AD6-2D42-44CE-A369-0700FA7C1D03}c:\\program files\\dc++\\dcplusplus.exe"= TCP:c:\program files\dc++\dcplusplus.exe:DC++
"TCP Query User{0E777C11-0B5F-48A4-AA78-51A0E8F9820B}c:\\program files\\counter-strike 1.6 v31\\hl.exe"= UDP:c:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
"UDP Query User{3CED78FE-4DDC-4A41-AD0A-4A29240680AC}c:\\program files\\counter-strike 1.6 v31\\hl.exe"= TCP:c:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
"TCP Query User{841A7EE8-783A-4FEB-9BFA-74CD0515D1ED}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{8C330778-AD56-4E31-8EA5-1B31A4500114}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{ADA8C9B1-9042-4E17-9E5E-76B293647B4C}c:\\users\\veikko\\program files\\dna\\btdna.exe"= UDP:c:\users\veikko\program files\dna\btdna.exe:btdna.exe
"UDP Query User{04C9CE37-23F3-42CA-9599-1BD4EE26CCFE}c:\\users\\veikko\\program files\\dna\\btdna.exe"= TCP:c:\users\veikko\program files\dna\btdna.exe:btdna.exe
"TCP Query User{32270A38-D83B-4EC1-B772-EAB76486D992}c:\\downloads\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor.exe"= UDP:c:\downloads\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor.exe:rFactor
"UDP Query User{69F6112A-C8F3-4258-A014-F4793017EF48}c:\\downloads\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor.exe"= TCP:c:\downloads\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor.exe:rFactor
"TCP Query User{FECDC0D2-B86A-45EE-A4CE-3A908434D234}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{85632176-6999-4F00-8F82-E80235B1BB8A}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{E089B513-460D-4189-9757-5FDE8A69CD09}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{4852ADC9-F8E4-4887-92E4-1228015C1DBB}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{37C79CE0-96AA-4785-97A6-57D2D363457E}c:\\downloads\\steam\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steam\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{BCB5C2F9-1318-461F-B983-3BF96A788511}c:\\downloads\\steam\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steam\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{500F2B3B-9331-4769-B82A-06C6CCA99254}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{BE97C500-FC96-4F36-9B73-915952F2481B}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{C5200D3C-1C0F-4375-91DC-E1BC96423357}c:\\program files\\msn messenger\\msnmsgr.exe"= UDP:c:\program files\msn messenger\msnmsgr.exe:MSN Messenger
"UDP Query User{4D2E2AB8-D7B7-467D-BD00-22F95ADCA588}c:\\program files\\msn messenger\\msnmsgr.exe"= TCP:c:\program files\msn messenger\msnmsgr.exe:MSN Messenger
"TCP Query User{4D69306B-8C96-4AA7-B76F-8D21FF8F22AC}c:\\users\\veikko\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\users\veikko\program files\bittorrent\bittorrent.exe:bittorrent.exe
"UDP Query User{C98FBF60-CB71-4A51-B3AA-C3D9883E58EE}c:\\users\\veikko\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\users\veikko\program files\bittorrent\bittorrent.exe:bittorrent.exe
"TCP Query User{0FF64EFF-593C-4AD7-A053-5F6861D8E5C1}c:\\downloads\\ra2\\game.exe"= UDP:c:\downloads\ra2\game.exe:Main executable for Red Alert 2
"UDP Query User{B2B53663-0CCE-4F13-BA76-163E2A0FAF58}c:\\downloads\\ra2\\game.exe"= TCP:c:\downloads\ra2\game.exe:Main executable for Red Alert 2
"TCP Query User{BDEB28E4-E095-4ABB-A65A-1A6F10992C7F}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"UDP Query User{AB3CB54B-4576-4C31-B941-60E2316BC997}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"TCP Query User{ECC29E4E-4AB5-4B98-959D-CB15006F50D2}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{3A5830A4-709D-4693-9A3B-336436152326}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"TCP Query User{4123F98A-FFBF-4D92-A4D5-D262D0BD1235}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser
"UDP Query User{32EAC0D9-3716-4BD4-A7C5-E8A0AF4A633E}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser
"{5F8F2E8A-7A4F-4ACC-B3B5-5FC739B41706}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{722B0EC9-4148-4DE2-9C72-D095B27A7E6D}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"TCP Query User{C55972E0-776D-4B99-83AB-5F41CBD14FC4}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. The whole world can talk for free.
"UDP Query User{4CE348D3-ED36-41E8-B62D-AA4EBC80B3FE}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. The whole world can talk for free.
"TCP Query User{275A0A88-27B0-4833-9AD6-B226A6680102}c:\\program files\\atari\\deer hunter 2005\\dh2005.exe"= UDP:c:\program files\atari\deer hunter 2005\dh2005.exe:DH2005
"UDP Query User{C9DF7B6E-D436-4FD4-A140-AC7B88BB1461}c:\\program files\\atari\\deer hunter 2005\\dh2005.exe"= TCP:c:\program files\atari\deer hunter 2005\dh2005.exe:DH2005
"TCP Query User{CB436BD8-4777-49C2-B474-CE0E13F687E5}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{C7D544F6-2934-4F67-B0E6-E1FC9716C9DF}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{4377A7E9-4F14-4AB4-8AAB-BED4EBD5BC68}c:\\users\\veikko\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\veikko\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"UDP Query User{B032A9C5-1A7A-4042-817D-9AAF74E5BE5D}c:\\users\\veikko\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= TCP:c:\users\veikko\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"TCP Query User{6BB43303-F778-4DF5-A84E-E1B4692FBC71}c:\\program files\\propilkki2\\propilkki2.exe"= UDP:c:\program files\propilkki2\propilkki2.exe:Main executable of PP2
"UDP Query User{511AB870-3106-4338-9500-448FA18FE4E4}c:\\program files\\propilkki2\\propilkki2.exe"= TCP:c:\program files\propilkki2\propilkki2.exe:Main executable of PP2
"TCP Query User{8CC9500E-B3BE-4644-A5A3-9EEC38FA8FD5}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{8FEB3118-C44F-4AFB-A5F9-B692DD88F9D0}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"TCP Query User{80CFA458-3C93-44FE-9A6C-06F6A5D5C86D}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{E402AA20-078A-4276-9470-00B3C9CF5E46}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"{C2E976F1-385A-480C-953A-4A310474E53B}"= UDP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\SteamProxy.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{F74F0B38-9D82-4AAA-8A23-0D956DD2443D}"= TCP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\SteamProxy.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{24BDAE99-E97C-4FAD-9771-4407A0F3FAAD}"= UDP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\RaceConfig_Steam.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{D8C0C30D-9E51-4824-8A03-306BF7CD5F64}"= TCP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\RaceConfig_Steam.exe:RACE 07 Demo - Crowne Plaza Raceway edition

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R1 F-Secure HIPS;F-Secure HIPS;c:\program files\F-Secure Internet Security\HIPS\fshs.sys [2008-05-02 41184]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\System32\drivers\fses.sys [2008-05-02 35024]
R1 FSFW;F-Secure Firewall Driver;c:\windows\System32\drivers\fsdfw.sys [2008-05-02 60064]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\F-Secure Internet Security\Anti-Virus\minifilter\fsvista.sys [2008-05-02 13168]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure Internet Security\Anti-Virus\minifilter\fsgk.sys [2008-05-02 59760]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [2006-11-30 227328]
S3 TfBulk;TfBulk;c:\windows\System32\drivers\TfBulk.SYS [2008-03-20 13312]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-03-01 741376]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-03-01 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-03-01 1089536]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure Internet Security\Anti-Virus\win2k\fsfilter.sys [2008-05-02 40048]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure Internet Security\Anti-Virus\win2k\fsrec.sys [2008-05-02 25456]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - G:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17cfdf7a-f686-11dc-b475-0019c18d9023}]
\shell\AutoRun\command - f:\portableapps\PortableAppsMenu\PortableAppsMenu.exe
.
'Ajoitetut tehtävät'-kansion sisältö

2009-02-04 c:\windows\Tasks\User_Feed_Synchronization-{5A2A3500-5E6F-470A-AC91-4591A2526C09}.job
- c:\windows\system32\msfeedssync.exe [2008-01-19 09:33]
.
- - - - POISTETUT JÄMÄRIVIT - - - -

HKLM-Run-Symantec PIF AlertEng - c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe


.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://finnish.toggle.com/fi/index.php?rvs=hompag&d=79919293
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add RSS Support Site to VAIO Information FLOW - c:\program files\Sony\VAIO Information FLOW\aiesc.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\F-Secure Internet Security\FSPS\program\FSLSP.DLL
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} -
FF - ProfilePath - c:\users\Veikko\AppData\Roaming\Mozilla\Firefox\Profiles\duaww0ta.default\
FF - plugin: c:\users\Veikko\Program Files\DNA\plugins\npbtdna.dll

---- FIREFOXIN KÄYTÄNNÖT ----
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-04 22:54:20
Windows 6.0.6001 Service Pack 1 NTFS

tarkistaa piilotettuja prosesseja ...

tarkistaa piilotettuja käynnistysarvoja ...

tarkistaa piilotettuja tiedostoja ...


**************************************************************************
.
--------------------- Prosesseihin ladatut DLLt ---------------------

- - - - - - - > 'Explorer.exe'(10784)
c:\program files\F-Secure Internet Security\Spam Control\fsscoepl.dll
c:\program files\Common Files\Logitech\LVMVFM\LVPrcInj.dll
.
------------------------ Muut prosessit ------------------------
.
c:\program files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
c:\windows\System32\audiodg.exe
c:\program files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
c:\program files\F-Secure Internet Security\Common\FSMA32.EXE
c:\program files\F-Secure Internet Security\Common\FSMB32.EXE
c:\program files\F-Secure Internet Security\Anti-Virus\fsgk32.exe
c:\program files\F-Secure Internet Security\Common\FCH32.EXE
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\Sony\VAIO Event Service\VESMgr.exe
c:\program files\F-Secure Internet Security\Anti-Virus\fsqh.exe
c:\program files\F-Secure Internet Security\Common\FAMEH32.EXE
c:\program files\F-Secure Internet Security\FSPC\fspc.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\windows\System32\WUDFHost.exe
c:\windows\System32\drivers\XAudio.exe
c:\program files\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\program files\Sony\VAIO Power Management\SPMgr.exe
c:\program files\F-Secure Internet Security\FSAUA\program\fsaua.exe
c:\program files\F-Secure Internet Security\FWES\program\fsdfwd.exe
c:\program files\F-Secure Internet Security\Anti-Virus\fssm32.exe
c:\windows\System32\conime.exe
c:\program files\F-Secure Internet Security\FSAUA\program\fsus.exe
c:\program files\F-Secure Internet Security\FSGUI\fsguidll.exe
c:\combofix\hidec.exe
c:\program files\Apoint\ApMsgFwd.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
c:\program files\F-Secure Internet Security\Anti-Virus\fsav32.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Apoint\ApntEx.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
c:\program files\Logitech\QuickCam10\COCIManager.exe
c:\windows\servicing\TrustedInstaller.exe
c:\combofix\Catchme.tmp
.
**************************************************************************
.
Valmistumisajankohta: 2009-02-04 23:11:57 - kone käynnistettiin uudelleen
ComboFix-quarantined-files.txt 2009-02-04 21:10:05
ComboFix2.txt 2009-02-04 15:15:42

Ennen ajoa: 36 093 382 656 tavua vapaana
Ajon jälkeen: 35,863,293,952 tavua vapaana

516 --- E O F --- 2009-02-03 07:45:32
Hujo
Suspended permanently
5 February 2009 @ 19:27
Create an uninstall list:
• Open HijackThis
• Click the "Configure" option at the bottom right
• Click "Misc Tools"
• Click the box that says "Uninstall Manager"
• Click the "Save list" option
• Copy and paste that list from Notepad into your thread


Can a computer ever work?
Eepska
Junior Member
5 February 2009 @ 20:09
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Flash Player ActiveX
Adobe Help Center 2.1
Adobe Photoshop Elements 5.0
Adobe Reader 8.1.2
Adobe Shockwave Player 11
Alps Pointing-device for VAIO
Apple Software Update
ASIO4ALL
Audacity 1.3.5 (Unicode)
Avidemux 2.4
Browser Address Error Redirector
CCleaner (remove only)
Choice Guard
Click to DVD 2.0.05 Menu Data
Click to DVD 2.6.00
Collab
Counter-Strike 1.6 V31.1
Counter-Strike: Source
DC++ 0.7091
Deluxe Ski Jump 3 v1.1
DVgate Plus
FL Studio 8
foobar2000 v0.9.5.3
Free YouTube to Mp3 Converter version 3.1
F-Secure Internet Security 2008
Google Earth
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HijackThis 2.0.2
IL Download Manager
LAN Setting Utility
Last.fm 1.5.1.30182
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Logitech Audio Echo Cancellation Component
Logitech QuickCam
Logitech Video Enumerator
Logitech® Camera -ohjain
Malwarebytes' Anti-Malware
Microsoft Office Standard Edition 2003
Microsoft Office Standard Edition 2003
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
mIRC
Mozilla Firefox (3.1b2)
MSN-työkalurivi
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
NVIDIA Drivers
Office 2003 Trial Assistant
OpenAL
OpenMG Secure Module 4.6.01
OpenOffice.org Installer 1.0
Opera 9.60
Pro Pilkki 2
RACE 07 Demo - Crowne Plaza Raceway edition
Realtek High Definition Audio Driver
Setting Utility Series
SonicStage 4.2
Sony Snymsico for Vista
Sony Utilities DLL
Sony Video Shared Library
Steam
sXe Injected
TeamSpeak 2 RC2
Total Video Converter 3.12 080330
Toxic Biohazard
Trials 2 Second Edition
Tv Style Beta 0.5
UEFA Champions League 2006-2007
UMVPLStandalone
Uninstall 1.0.0.1
URUSoft ViPlay
VAIO Aqua Breeze Wallpaper
VAIO Control Center
VAIO Cozy Orange Wallpaper
VAIO Data Restore Tool
VAIO Entertainment Platform
VAIO Event Service
VAIO Hardware Diagnostics
VAIO Information FLOW
VAIO Long Battery Life Wallpaper
VAIO Media 6.0
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.0
VAIO Media Redistribution 6.0
VAIO Media Registration Tool 6.0
VAIO Photo 2007
VAIO Power Management
VAIO Update 4
VideoLAN VLC media player 0.8.6i
Winamp Remote
Winamp Toolbar for Firefox
Winamp Toolbar for Internet Explorer
Windows Installer Clean Up
Windows Live Call
Windows Live Communications Platform
Windows Live Messenger
Windows Liven asennustyökalu
Windows Liven asennustyökalu
Windows Liven kirjautumisavustaja
Windows Liven lataustyökalu
Windows Media Player Firefox Plugin
WinDVD for VAIO
WingMan Software
WinRAR-pakkausohjelma
Wireless Switch Setting Utility
vixy converter uninstall
Hujo
Suspended permanently
5 February 2009 @ 20:16
Uninstall these from Add/Remove Programs

LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)


==============

Run the ComboFix scan again

=============

Scan a new HJT log

Can a computer ever work?
Eepska
Junior Member
5 February 2009 @ 20:22
"Uninstall these from Add/Remove Programs

LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)"


It looks like that LiveUpdate 3.2 (Symantec Corporation) file can't be removed. It says this: "One or more required folders cannot be created. Installation aborting"
Hujo
Suspended permanently
5 February 2009 @ 20:27
Up at the top there you'll find this:
Download and run the Norton removal tool
Run that removal tool

Can a computer ever work?
Eepska
Junior Member
5 February 2009 @ 21:03
HiJack:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:21:59, on 4.2.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Sony\SonicStage\SSAAD.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\foobar2000\foobar2000.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.toggle.com/fi/index.php?rvs=hompag&d=79919293
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (file missing)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O3 - Toolbar: MSN-työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fi\msntb.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [Steam] "c:\downloads\steam\steam.exe" -silent
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add RSS Support Site to VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Sol...wn.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O18 - Protocol: bw+0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: offline-8876480 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 25839 bytes



ComboFix:


ComboFix 09-02-02.04 - Veikko 2009-02-05 20:48:57.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1035.18.2045.1215 [GMT 2:00]
Sijainti: c:\users\Veikko\Desktop\ComboFix.exe
AV: F-Secure Internet Security 2008 8.00 *On-access scanning disabled* (Updated)
FW: F-Secure Internet Security 2008 8.00 *disabled*
.

((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-05 to 2009-02-05 )))))))))))))))))
.

2009-02-05 20:46 . 2009-02-05 20:47 <KANSIO> d-------- C:\32788R22FWJFW.3.tmp
2009-02-05 20:36 . 2009-02-05 20:36 <KANSIO> d-------- c:\programdata\NortonInstaller
2009-02-05 19:05 . 2009-02-05 19:05 0 --a------ c:\windows\System32\REN2B50.tmp
2009-02-05 19:05 . 2009-02-05 19:05 0 --a------ c:\windows\System32\REN2B4F.tmp
2009-02-05 19:05 . 2009-02-05 19:05 0 --a------ c:\windows\System32\REN2B4E.tmp
2009-02-05 19:03 . 2009-02-05 19:03 0 --a------ c:\windows\System32\RENDDAD.tmp
2009-02-05 19:03 . 2009-02-05 19:03 0 --a------ c:\windows\System32\RENDDAC.tmp
2009-02-05 19:03 . 2009-02-05 19:03 0 --a------ c:\windows\System32\RENDD9C.tmp
2009-02-04 22:44 . 2009-02-04 22:44 <KANSIO> d-------- C:\32788R22FWJFW.2.tmp
2009-02-04 22:38 . 2009-02-04 22:38 0 --a------ c:\windows\System32\RENCA24.tmp
2009-02-04 22:38 . 2009-02-04 22:38 0 --a------ c:\windows\System32\RENCA23.tmp
2009-02-04 22:38 . 2009-02-04 22:38 0 --a------ c:\windows\System32\RENCA22.tmp
2009-02-04 22:35 . 2009-02-04 22:35 0 --a------ c:\windows\System32\REN7B0.tmp
2009-02-04 22:35 . 2009-02-04 22:35 0 --a------ c:\windows\System32\REN7AF.tmp
2009-02-04 22:35 . 2009-02-04 22:35 0 --a------ c:\windows\System32\REN7AE.tmp
2009-02-04 22:20 . 2009-02-04 22:20 0 --a------ c:\windows\System32\RENF3F0.tmp
2009-02-04 22:20 . 2009-02-04 22:20 0 --a------ c:\windows\System32\RENF3EF.tmp
2009-02-04 22:14 . 2009-02-04 22:14 0 --a------ c:\windows\System32\REN5EF2.tmp
2009-02-04 22:14 . 2009-02-04 22:14 0 --a------ c:\windows\System32\REN5EF1.tmp
2009-02-04 22:01 . 2009-02-04 22:01 0 --a------ c:\windows\System32\REN26B3.tmp
2009-02-04 22:01 . 2009-02-04 22:01 0 --a------ c:\windows\System32\REN26B2.tmp
2009-02-04 21:46 . 2009-02-04 21:46 0 --a------ c:\windows\System32\RENB52D.tmp
2009-02-04 21:46 . 2009-02-04 21:46 0 --a------ c:\windows\System32\RENB52C.tmp
2009-02-04 20:23 . 2009-02-04 20:23 0 --a------ c:\windows\System32\REN235.tmp
2009-02-04 20:23 . 2009-02-04 20:23 0 --a------ c:\windows\System32\REN234.tmp
2009-02-04 20:23 . 2009-02-04 20:23 0 --a------ c:\windows\System32\REN233.tmp
2009-02-04 19:26 . 2009-02-04 19:26 0 --a------ c:\windows\System32\RENC331.tmp
2009-02-04 19:26 . 2009-02-04 19:26 0 --a------ c:\windows\System32\RENC330.tmp
2009-02-04 19:26 . 2009-02-04 19:26 0 --a------ c:\windows\System32\RENC32F.tmp
2009-02-04 19:02 . 2009-02-04 19:02 0 --a------ c:\windows\System32\RENE66C.tmp
2009-02-04 19:02 . 2009-02-04 19:02 0 --a------ c:\windows\System32\RENE65B.tmp
2009-02-04 19:02 . 2009-02-04 19:02 0 --a------ c:\windows\System32\RENE65A.tmp
2009-02-04 18:53 . 2009-02-04 18:53 0 --a------ c:\windows\System32\REN8884.tmp
2009-02-04 18:53 . 2009-02-04 18:53 0 --a------ c:\windows\System32\REN8883.tmp
2009-02-04 18:53 . 2009-02-04 18:53 0 --a------ c:\windows\System32\REN8872.tmp
2009-02-04 18:49 . 2009-02-04 18:49 0 --a------ c:\windows\System32\REN4157.tmp
2009-02-04 18:49 . 2009-02-04 18:49 0 --a------ c:\windows\System32\REN4156.tmp
2009-02-04 18:49 . 2009-02-04 18:49 0 --a------ c:\windows\System32\REN4155.tmp
2009-02-04 18:39 . 2009-02-04 18:39 <KANSIO> d-------- c:\program files\Windows Installer Clean Up
2009-02-04 18:39 . 2009-02-04 18:39 <KANSIO> d-------- c:\program files\MSECACHE
2009-02-04 17:02 . 2009-02-04 17:04 <KANSIO> d-------- C:\32788R22FWJFW.1.tmp
2009-02-04 17:02 . 2009-02-04 17:02 <KANSIO> d-------- C:\32788R22FWJFW.0.tmp
2009-02-03 22:06 . 2009-02-03 22:06 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\Malwarebytes
2009-02-03 22:06 . 2009-02-03 22:06 <KANSIO> d-------- c:\programdata\Malwarebytes
2009-02-03 22:06 . 2009-02-04 08:32 <KANSIO> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-03 22:06 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-03 22:06 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-03 22:05 . 2009-02-03 22:05 0 --a------ c:\windows\System32\RENBE03.tmp
2009-02-03 22:05 . 2009-02-03 22:05 0 --a------ c:\windows\System32\RENBE02.tmp
2009-02-03 22:05 . 2009-02-03 22:05 0 --a------ c:\windows\System32\RENBE01.tmp
2009-02-03 21:33 . 2009-02-03 21:33 0 --a------ c:\windows\System32\RENB090.tmp
2009-02-03 21:33 . 2009-02-03 21:33 0 --a------ c:\windows\System32\RENB08F.tmp
2009-02-03 21:33 . 2009-02-03 21:33 0 --a------ c:\windows\System32\RENB08E.tmp
2009-02-03 20:55 . 2009-02-03 20:55 <KANSIO> d-------- c:\program files\Trend Micro
2009-02-02 22:57 . 2009-02-02 22:57 0 --a------ c:\windows\System32\RENCC28.tmp
2009-02-02 22:57 . 2009-02-02 22:57 0 --a------ c:\windows\System32\RENCC27.tmp
2009-02-02 22:57 . 2009-02-02 22:57 0 --a------ c:\windows\System32\RENCC26.tmp
2009-02-02 22:47 . 2009-02-03 21:24 <KANSIO> d-------- c:\program files\Mozilla Firefox 3.1 Beta 2
2009-02-02 21:18 . 2009-02-02 21:18 <KANSIO> d-------- c:\program files\CCleaner
2009-02-02 21:12 . 2009-02-02 21:12 0 --a------ c:\windows\System32\REN85A5.tmp
2009-02-02 21:12 . 2009-02-02 21:12 0 --a------ c:\windows\System32\REN85A4.tmp
2009-02-02 21:12 . 2009-02-02 21:12 0 --a------ c:\windows\System32\REN8593.tmp
2009-02-02 21:05 . 2009-02-02 21:05 0 --a------ c:\windows\System32\RENB424.tmp
2009-02-02 21:05 . 2009-02-02 21:05 0 --a------ c:\windows\System32\RENB413.tmp
2009-02-02 21:05 . 2009-02-02 21:05 0 --a------ c:\windows\System32\RENB402.tmp
2009-02-02 15:29 . 2009-02-04 20:30 410,984 --a------ c:\windows\System32\deploytk.dll
2009-01-22 00:22 . 2009-01-22 12:51 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\gtk-2.0
2009-01-22 00:21 . 2009-01-22 00:22 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\avidemux
2009-01-21 22:51 . 2009-01-21 22:51 <KANSIO> d-------- c:\program files\DC++
2009-01-14 12:35 . 2008-12-16 04:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2009-01-12 12:44 . 2009-02-05 20:10 <KANSIO> d-------- c:\users\Veikko\Tracing
2009-01-12 12:42 . 2009-01-12 12:42 <KANSIO> d-------- c:\program files\Microsoft
2009-01-12 12:41 . 2009-01-12 12:41 <KANSIO> d-------- c:\program files\Windows Live SkyDrive
2009-01-12 12:33 . 2009-01-12 12:33 <KANSIO> d-------- c:\program files\Common Files\Windows Live
2009-01-07 21:54 . 2009-01-07 21:54 <KANSIO> d-------- c:\program files\vixy.net
2009-01-05 00:20 . 2009-01-05 00:20 <KANSIO> d-------- c:\program files\DVDVideoSoft
2009-01-05 00:20 . 2009-01-05 00:20 <KANSIO> d-------- c:\program files\Common Files\DVDVideoSoft

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-05 18:42 --------- d-----w c:\program files\Symantec
2009-02-05 18:40 --------- d-----w c:\users\Veikko\AppData\Roaming\foobar2000
2009-02-05 17:06 --------- d-----w c:\program files\Frets on Fire
2009-02-05 16:25 --------- d-----w c:\users\Veikko\AppData\Roaming\Skype
2009-02-04 19:55 --------- d-----w c:\program files\Common Files\Adobe
2009-02-04 18:36 --------- d-----w c:\program files\Common Files\Steam
2009-02-04 18:31 --------- d-----w c:\users\Veikko\AppData\Roaming\mIRC
2009-02-03 19:58 --------- d-----w c:\program files\Logitech
2009-02-03 18:48 --------- d-----w c:\program files\Image-Line
2009-02-03 18:27 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-02 18:50 --------- d-----w c:\users\Veikko\AppData\Roaming\LimeWire
2009-01-31 12:24 --------- d-----w c:\program files\Microsoft SQL Server
2009-01-22 13:59 --------- d-----w c:\users\Veikko\AppData\Roaming\BitTorrent
2009-01-15 08:31 --------- d-----w c:\program files\Windows Mail
2009-01-12 10:41 --------- d-----w c:\program files\Windows Live
2009-01-07 19:54 --------- d-----w c:\program files\vixy.net
2008-12-27 13:03 4,064,702 ----a-w c:\users\Veikko\Farmi15_SFX.exe
2008-12-26 23:13 --------- d-----w c:\program files\Deluxe Ski Jump 3
2008-12-24 13:58 --------- d-----w c:\program files\Sony
2008-12-22 22:10 --------- d-----w c:\users\Veikko\AppData\Roaming\Audacity
2008-12-22 11:29 --------- d-----w c:\users\Veikko\AppData\Roaming\teamspeak2
2008-12-13 19:56 --------- d-----w c:\program files\Teamspeak2_RC2
2008-12-02 20:37 49,480 ----a-w c:\windows\System32\sirenacm.dll
2008-11-24 20:31 65,888 ----a-w c:\windows\System32\sqlctr90.dll
2008-11-24 20:31 2,248,544 ----a-w c:\windows\System32\sqlncli.dll
2008-11-20 16:42 615,424 ----a-w c:\windows\System32\themeui.dll
2008-11-20 16:42 240,128 ----a-w c:\windows\System32\uxtheme.dll
2008-09-03 13:50 174 --sha-w c:\program files\desktop.ini
2007-05-21 10:58 0 ----a-w c:\users\Veikko\AppData\Roaming\wklnhst.dat
.

((((((((((((((((((((((((((((( snapshot_2009-02-04_23.07.36.32 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-10-02 21:02:30 51,200 ----a-w c:\windows\inf\infpub.dat
+ 2009-02-05 17:10:03 51,200 ----a-w c:\windows\inf\infpub.dat
- 2008-10-02 21:02:27 86,016 ----a-w c:\windows\inf\infstor.dat
+ 2009-02-05 17:10:03 86,016 ----a-w c:\windows\inf\infstor.dat
- 2008-10-02 21:02:30 143,360 ----a-w c:\windows\inf\infstrng.dat
+ 2009-02-05 17:10:03 143,360 ----a-w c:\windows\inf\infstrng.dat
- 2009-02-04 20:53:04 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-02-05 18:42:23 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-02-04 20:53:04 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-02-05 18:42:23 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-02-04 20:54:08 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-05 18:45:31 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-05 18:45:31 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2009-02-04 20:57:08 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-05 18:45:26 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2009-02-04 20:34:31 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-02-05 17:20:33 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-02-04 20:34:31 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-05 17:20:33 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-04 20:34:31 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-05 17:20:33 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-02-04 20:55:32 11,190 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3215037636-2131323785-3305771590-1003_UserData.bin
+ 2009-02-05 18:45:09 11,190 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3215037636-2131323785-3305771590-1003_UserData.bin
- 2009-02-04 20:55:32 73,740 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-02-05 18:45:08 73,740 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-02-04 20:55:26 57,252 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-02-05 18:44:51 57,466 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-02-04 06:31:19 344,294 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-02-05 16:24:45 344,566 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-11-14 472632]
"Steam"="c:\downloads\steam\steam.exe" [2008-10-08 1410296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-09-11 118784]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2006-11-12 43128]
"F-Secure Manager"="c:\program files\F-Secure Internet Security\Common\FSM32.EXE" [2007-05-25 183208]
"F-Secure TNB"="c:\program files\F-Secure Internet Security\FSGUI\TNBUtil.exe" [2007-05-25 740208]
"LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 497200]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-06-26 614960]
"LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-06-26 243248]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-12-07 7766016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-12-07 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-11-24 20:36 73728 c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0BC8CEEB-0676-46F7-87F9-5C25E20A995C}"= UDP:c:\program files\Skype\Phone\Skype.exe:Skype
"{CA9C1993-E931-405E-AC12-3341F07F10C4}"= TCP:c:\program files\Skype\Phone\Skype.exe:Skype
"{BA5B2BA1-13B5-4D3D-B676-E6D636D013F7}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{D2587E63-CCC3-4A4C-A4FC-0A34C21DD9E3}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{1430669F-0AFF-467F-BC49-C64F0510427B}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{1E62F26C-48C6-48BA-8287-BAF995099108}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{D4DF20E9-563D-49E1-9AED-7BBEE7102F12}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{90992B76-A6C8-477F-83A4-C584083BEFC0}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{A493A5BF-5C2C-4899-BDAB-89D8BABC8C53}"= UDP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{047B06FC-CF5A-443E-B74E-20B6C0C54B50}"= TCP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{FA327854-EEF9-4100-9C2D-5D8581C273D5}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{6A9441CF-6F14-4447-8C49-84B70BA2E60F}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{B4B1A454-2C0D-4781-B8F3-E8E1ACAC5A13}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{287BCAB3-8895-4662-BE8E-B3F1AB5AF53D}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{BDF01D8E-195A-49F8-9F43-BA83F1BDBFFC}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{E008766E-216E-462E-9235-12D7ED9229CC}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{B7BF959B-71E4-4496-AA52-35CA5E64A87E}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{70D4255D-B13E-46B7-9D7E-1B8E6FDA58D8}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{8B495492-32D0-493B-BAC7-9C4789D3F2FD}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{9BF74940-8E25-4C54-B7A3-4D4087E34AE1}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"TCP Query User{77C64838-273A-40A8-896F-05A75CB70D3F}c:\\users\\veikko\\desktop\\strongdc\\strongdc.exe"= UDP:c:\users\veikko\desktop\strongdc\strongdc.exe:strongdc.exe
"UDP Query User{47BC04A9-23EE-44F8-8EAD-E988CA38B0FB}c:\\users\\veikko\\desktop\\strongdc\\strongdc.exe"= TCP:c:\users\veikko\desktop\strongdc\strongdc.exe:strongdc.exe
"{B4A68D98-54B9-417C-B5CC-559BB6504EF3}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{872C2044-5F03-4F48-9FA3-DB5DEFEB7466}"= TCP:c:\program files\DNA\btdna.exe:DNA
"TCP Query User{F034008E-5D36-45CE-A319-BCE49447D091}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"UDP Query User{C52E8E10-31EA-4314-B93D-B9DE234C32F3}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"TCP Query User{82252084-3908-498F-9119-8F3330596B11}c:\\program files\\dc++\\dcplusplus.exe"= UDP:c:\program files\dc++\dcplusplus.exe:DC++
"UDP Query User{F4066AD6-2D42-44CE-A369-0700FA7C1D03}c:\\program files\\dc++\\dcplusplus.exe"= TCP:c:\program files\dc++\dcplusplus.exe:DC++
"TCP Query User{0E777C11-0B5F-48A4-AA78-51A0E8F9820B}c:\\program files\\counter-strike 1.6 v31\\hl.exe"= UDP:c:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
"UDP Query User{3CED78FE-4DDC-4A41-AD0A-4A29240680AC}c:\\program files\\counter-strike 1.6 v31\\hl.exe"= TCP:c:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
"TCP Query User{841A7EE8-783A-4FEB-9BFA-74CD0515D1ED}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{8C330778-AD56-4E31-8EA5-1B31A4500114}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{ADA8C9B1-9042-4E17-9E5E-76B293647B4C}c:\\users\\veikko\\program files\\dna\\btdna.exe"= UDP:c:\users\veikko\program files\dna\btdna.exe:btdna.exe
"UDP Query User{04C9CE37-23F3-42CA-9599-1BD4EE26CCFE}c:\\users\\veikko\\program files\\dna\\btdna.exe"= TCP:c:\users\veikko\program files\dna\btdna.exe:btdna.exe
"TCP Query User{32270A38-D83B-4EC1-B772-EAB76486D992}c:\\downloads\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor.exe"= UDP:c:\downloads\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor.exe:rFactor
"UDP Query User{69F6112A-C8F3-4258-A014-F4793017EF48}c:\\downloads\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor.exe"= TCP:c:\downloads\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor.exe:rFactor
"TCP Query User{FECDC0D2-B86A-45EE-A4CE-3A908434D234}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{85632176-6999-4F00-8F82-E80235B1BB8A}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{E089B513-460D-4189-9757-5FDE8A69CD09}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{4852ADC9-F8E4-4887-92E4-1228015C1DBB}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{37C79CE0-96AA-4785-97A6-57D2D363457E}c:\\downloads\\steam\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steam\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{BCB5C2F9-1318-461F-B983-3BF96A788511}c:\\downloads\\steam\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steam\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{500F2B3B-9331-4769-B82A-06C6CCA99254}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{BE97C500-FC96-4F36-9B73-915952F2481B}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{C5200D3C-1C0F-4375-91DC-E1BC96423357}c:\\program files\\msn messenger\\msnmsgr.exe"= UDP:c:\program files\msn messenger\msnmsgr.exe:MSN Messenger
"UDP Query User{4D2E2AB8-D7B7-467D-BD00-22F95ADCA588}c:\\program files\\msn messenger\\msnmsgr.exe"= TCP:c:\program files\msn messenger\msnmsgr.exe:MSN Messenger
"TCP Query User{4D69306B-8C96-4AA7-B76F-8D21FF8F22AC}c:\\users\\veikko\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\users\veikko\program files\bittorrent\bittorrent.exe:bittorrent.exe
"UDP Query User{C98FBF60-CB71-4A51-B3AA-C3D9883E58EE}c:\\users\\veikko\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\users\veikko\program files\bittorrent\bittorrent.exe:bittorrent.exe
"TCP Query User{0FF64EFF-593C-4AD7-A053-5F6861D8E5C1}c:\\downloads\\ra2\\game.exe"= UDP:c:\downloads\ra2\game.exe:Main executable for Red Alert 2
"UDP Query User{B2B53663-0CCE-4F13-BA76-163E2A0FAF58}c:\\downloads\\ra2\\game.exe"= TCP:c:\downloads\ra2\game.exe:Main executable for Red Alert 2
"TCP Query User{BDEB28E4-E095-4ABB-A65A-1A6F10992C7F}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"UDP Query User{AB3CB54B-4576-4C31-B941-60E2316BC997}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"TCP Query User{ECC29E4E-4AB5-4B98-959D-CB15006F50D2}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{3A5830A4-709D-4693-9A3B-336436152326}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"TCP Query User{4123F98A-FFBF-4D92-A4D5-D262D0BD1235}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser
"UDP Query User{32EAC0D9-3716-4BD4-A7C5-E8A0AF4A633E}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser
"TCP Query User{C55972E0-776D-4B99-83AB-5F41CBD14FC4}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. The whole world can talk for free.
"UDP Query User{4CE348D3-ED36-41E8-B62D-AA4EBC80B3FE}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. The whole world can talk for free.
"TCP Query User{275A0A88-27B0-4833-9AD6-B226A6680102}c:\\program files\\atari\\deer hunter 2005\\dh2005.exe"= UDP:c:\program files\atari\deer hunter 2005\dh2005.exe:DH2005
"UDP Query User{C9DF7B6E-D436-4FD4-A140-AC7B88BB1461}c:\\program files\\atari\\deer hunter 2005\\dh2005.exe"= TCP:c:\program files\atari\deer hunter 2005\dh2005.exe:DH2005
"TCP Query User{CB436BD8-4777-49C2-B474-CE0E13F687E5}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{C7D544F6-2934-4F67-B0E6-E1FC9716C9DF}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{4377A7E9-4F14-4AB4-8AAB-BED4EBD5BC68}c:\\users\\veikko\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\veikko\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"UDP Query User{B032A9C5-1A7A-4042-817D-9AAF74E5BE5D}c:\\users\\veikko\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= TCP:c:\users\veikko\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"TCP Query User{6BB43303-F778-4DF5-A84E-E1B4692FBC71}c:\\program files\\propilkki2\\propilkki2.exe"= UDP:c:\program files\propilkki2\propilkki2.exe:Main executable of PP2
"UDP Query User{511AB870-3106-4338-9500-448FA18FE4E4}c:\\program files\\propilkki2\\propilkki2.exe"= TCP:c:\program files\propilkki2\propilkki2.exe:Main executable of PP2
"TCP Query User{8CC9500E-B3BE-4644-A5A3-9EEC38FA8FD5}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{8FEB3118-C44F-4AFB-A5F9-B692DD88F9D0}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"TCP Query User{80CFA458-3C93-44FE-9A6C-06F6A5D5C86D}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{E402AA20-078A-4276-9470-00B3C9CF5E46}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"{C2E976F1-385A-480C-953A-4A310474E53B}"= UDP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\SteamProxy.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{F74F0B38-9D82-4AAA-8A23-0D956DD2443D}"= TCP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\SteamProxy.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{24BDAE99-E97C-4FAD-9771-4407A0F3FAAD}"= UDP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\RaceConfig_Steam.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{D8C0C30D-9E51-4824-8A03-306BF7CD5F64}"= TCP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\RaceConfig_Steam.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{A1B2A393-7697-4FA0-A6A7-8CB1E0C89704}"= UDP:c:\users\Veikko\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{59D7A2BD-9D28-4722-85B0-5B70AC31027C}"= TCP:c:\users\Veikko\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R1 F-Secure HIPS;F-Secure HIPS;c:\program files\F-Secure Internet Security\HIPS\fshs.sys [2008-05-02 41184]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\System32\drivers\fses.sys [2008-05-02 35024]
R1 FSFW;F-Secure Firewall Driver;c:\windows\System32\drivers\fsdfw.sys [2008-05-02 60064]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\F-Secure Internet Security\Anti-Virus\minifilter\fsvista.sys [2008-05-02 13168]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure Internet Security\Anti-Virus\minifilter\fsgk.sys [2008-05-02 59760]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [2006-11-30 227328]
S3 TfBulk;TfBulk;c:\windows\System32\drivers\TfBulk.SYS [2008-03-20 13312]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-03-01 741376]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-03-01 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-03-01 1089536]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure Internet Security\Anti-Virus\win2k\fsfilter.sys [2008-05-02 40048]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure Internet Security\Anti-Virus\win2k\fsrec.sys [2008-05-02 25456]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - G:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17cfdf7a-f686-11dc-b475-0019c18d9023}]
\shell\AutoRun\command - f:\portableapps\PortableAppsMenu\PortableAppsMenu.exe
.
'Ajoitetut tehtävät'-kansion sisältö

2009-02-05 c:\windows\Tasks\User_Feed_Synchronization-{5A2A3500-5E6F-470A-AC91-4591A2526C09}.job
- c:\windows\system32\msfeedssync.exe [2008-01-19 09:33]
.
- - - - POISTETUT JÄMÄRIVIT - - - -

HKLM-Run-ALUAlert - c:\program files\Symantec\LiveUpdate\ALuNotify.exe


.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://finnish.toggle.com/fi/index.php?rvs=hompag&d=79919293
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add RSS Support Site to VAIO Information FLOW - c:\program files\Sony\VAIO Information FLOW\aiesc.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\F-Secure Internet Security\FSPS\program\FSLSP.DLL
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} -
FF - ProfilePath - c:\users\Veikko\AppData\Roaming\Mozilla\Firefox\Profiles\duaww0ta.default\

---- FIREFOXIN KÄYTÄNNÖT ----
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-05 20:54:10
Windows 6.0.6001 Service Pack 1 NTFS

tarkistaa piilotettuja prosesseja ...

tarkistaa piilotettuja käynnistysarvoja ...

tarkistaa piilotettuja tiedostoja ...

tarkistus on valmis
piilotetut tiedostot: 0

**************************************************************************
.
Valmistumisajankohta: 2009-02-05 20:57:20
ComboFix-quarantined-files.txt 2009-02-05 18:57:15
ComboFix2.txt 2009-02-04 21:12:03
ComboFix3.txt 2009-02-04 15:15:42

Ennen ajoa: 36 425 170 944 tavua vapaana
Ajon jälkeen: 36,395,573,248 tavua vapaana

320 --- E O F --- 2009-02-05 16:31:15
Hujo
Suspended permanently
5 February 2009 @ 21:46
And get those system administrator rights, or else you will end up formatting that machine,
since the items that were posted have not been fixed.

Go here to study

=======================

Scan with HJT, tick the items, and press Fix checked.

Clicking the small square in front of each of the lines below puts a check mark in it.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finnish.toggle.com/fi/index.php?rvs=hompag&d=79919293
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (file missing)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O18 - Protocol: bw+0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: offline-8876480 - {0BF1A236-F50A-476B-96F7-D2875D68EBA7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

====================

Type into the Run box

services.msc

Click OK

Find these services

LiveUpdate Notice Ex
LiveUpdate Notice Service
CLTNetCnService
Automatic LiveUpdate Scheduler

Double-click the services above

Stop the service
From the drop-down menu, choose Disabled
Apply and OK

====================

Now copy and paste the contents of the quote below into an empty Notepad
Start button > Accessories > Notepad

Quote:


Folder::
c:\program files\Symantec
c:\programdata\NortonInstaller
C:\Program Files\Logitech\Desktop Messenger


Save it as CFScript.txt on the desktop

Then drag CFScript onto ComboFix.exe as shown below.

Post the resulting log here.

Shut down and restart the computer


Can a computer ever work?
Eepska
Junior Member
5 February 2009 @ 22:29
ComboFix 09-02-02.04 - Veikko 2009-02-05 22:18:23.4 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1035.18.2045.1112 [GMT 2:00]
Sijainti: c:\users\Veikko\Desktop\ComboFix.exe
Käytetyt komentorivivalitsimet :: c:\users\Veikko\Desktop\CFScript.txt
AV: F-Secure Internet Security 2008 8.00 *On-access scanning disabled* (Updated)
FW: F-Secure Internet Security 2008 8.00 *disabled*
* Uusi palautuspiste luotu
.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Symantec
c:\programdata\NortonInstaller
c:\programdata\NortonInstaller\Logs\2-5-2009-20h36m01s\SymNRT-2-5-2009-20h36m01s.log
c:\programdata\NortonInstaller\Logs\2-5-2009-20h36m01s\SymNRT.1.mft.7z
c:\programdata\NortonInstaller\Settings\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}.7z

.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-05 to 2009-02-05 )))))))))))))))))
.

2009-02-05 22:13 . 2009-02-05 22:14 <KANSIO> d-------- C:\32788R22FWJFW.4.tmp
2009-02-05 21:32 . 2009-02-05 21:32 <KANSIO> d-------- c:\program files\Java
2009-02-05 21:32 . 2009-02-05 21:32 0 --a------ c:\windows\System32\REN57D.tmp
2009-02-05 21:32 . 2009-02-05 21:32 0 --a------ c:\windows\System32\REN57C.tmp
2009-02-05 21:31 . 2009-02-05 21:31 <KANSIO> d-------- c:\program files\Common Files\Java
2009-02-05 21:22 . 2009-02-05 21:22 0 --a------ c:\windows\System32\REND23D.tmp
2009-02-05 21:22 . 2009-02-05 21:22 0 --a------ c:\windows\System32\REND22C.tmp
2009-02-05 21:12 . 2009-02-05 21:12 0 --a------ c:\windows\System32\REN84B.tmp
2009-02-05 21:12 . 2009-02-05 21:12 0 --a------ c:\windows\System32\REN83A.tmp
2009-02-05 20:46 . 2009-02-05 20:47 <KANSIO> d-------- C:\32788R22FWJFW.3.tmp
2009-02-05 19:05 . 2009-02-05 19:05 0 --a------ c:\windows\System32\REN2B50.tmp
2009-02-05 19:05 . 2009-02-05 19:05 0 --a------ c:\windows\System32\REN2B4F.tmp
2009-02-05 19:05 . 2009-02-05 19:05 0 --a------ c:\windows\System32\REN2B4E.tmp
2009-02-05 19:03 . 2009-02-05 19:03 0 --a------ c:\windows\System32\RENDDAD.tmp
2009-02-05 19:03 . 2009-02-05 19:03 0 --a------ c:\windows\System32\RENDDAC.tmp
2009-02-05 19:03 . 2009-02-05 19:03 0 --a------ c:\windows\System32\RENDD9C.tmp
2009-02-04 22:44 . 2009-02-04 22:44 <KANSIO> d-------- C:\32788R22FWJFW.2.tmp
2009-02-04 22:38 . 2009-02-04 22:38 0 --a------ c:\windows\System32\RENCA24.tmp
2009-02-04 22:38 . 2009-02-04 22:38 0 --a------ c:\windows\System32\RENCA23.tmp
2009-02-04 22:38 . 2009-02-04 22:38 0 --a------ c:\windows\System32\RENCA22.tmp
2009-02-04 22:35 . 2009-02-04 22:35 0 --a------ c:\windows\System32\REN7B0.tmp
2009-02-04 22:35 . 2009-02-04 22:35 0 --a------ c:\windows\System32\REN7AF.tmp
2009-02-04 22:35 . 2009-02-04 22:35 0 --a------ c:\windows\System32\REN7AE.tmp
2009-02-04 22:20 . 2009-02-04 22:20 0 --a------ c:\windows\System32\RENF3F0.tmp
2009-02-04 22:20 . 2009-02-04 22:20 0 --a------ c:\windows\System32\RENF3EF.tmp
2009-02-04 22:14 . 2009-02-04 22:14 0 --a------ c:\windows\System32\REN5EF2.tmp
2009-02-04 22:14 . 2009-02-04 22:14 0 --a------ c:\windows\System32\REN5EF1.tmp
2009-02-04 22:01 . 2009-02-04 22:01 0 --a------ c:\windows\System32\REN26B3.tmp
2009-02-04 22:01 . 2009-02-04 22:01 0 --a------ c:\windows\System32\REN26B2.tmp
2009-02-04 21:46 . 2009-02-04 21:46 0 --a------ c:\windows\System32\RENB52D.tmp
2009-02-04 21:46 . 2009-02-04 21:46 0 --a------ c:\windows\System32\RENB52C.tmp
2009-02-04 20:23 . 2009-02-04 20:23 0 --a------ c:\windows\System32\REN235.tmp
2009-02-04 20:23 . 2009-02-04 20:23 0 --a------ c:\windows\System32\REN234.tmp
2009-02-04 20:23 . 2009-02-04 20:23 0 --a------ c:\windows\System32\REN233.tmp
2009-02-04 19:26 . 2009-02-04 19:26 0 --a------ c:\windows\System32\RENC331.tmp
2009-02-04 19:26 . 2009-02-04 19:26 0 --a------ c:\windows\System32\RENC330.tmp
2009-02-04 19:26 . 2009-02-04 19:26 0 --a------ c:\windows\System32\RENC32F.tmp
2009-02-04 19:02 . 2009-02-04 19:02 0 --a------ c:\windows\System32\RENE66C.tmp
2009-02-04 19:02 . 2009-02-04 19:02 0 --a------ c:\windows\System32\RENE65B.tmp
2009-02-04 19:02 . 2009-02-04 19:02 0 --a------ c:\windows\System32\RENE65A.tmp
2009-02-04 18:53 . 2009-02-04 18:53 0 --a------ c:\windows\System32\REN8884.tmp
2009-02-04 18:53 . 2009-02-04 18:53 0 --a------ c:\windows\System32\REN8883.tmp
2009-02-04 18:53 . 2009-02-04 18:53 0 --a------ c:\windows\System32\REN8872.tmp
2009-02-04 18:49 . 2009-02-04 18:49 0 --a------ c:\windows\System32\REN4157.tmp
2009-02-04 18:49 . 2009-02-04 18:49 0 --a------ c:\windows\System32\REN4156.tmp
2009-02-04 18:49 . 2009-02-04 18:49 0 --a------ c:\windows\System32\REN4155.tmp
2009-02-04 18:39 . 2009-02-04 18:39 <KANSIO> d-------- c:\program files\Windows Installer Clean Up
2009-02-04 18:39 . 2009-02-04 18:39 <KANSIO> d-------- c:\program files\MSECACHE
2009-02-04 17:02 . 2009-02-04 17:04 <KANSIO> d-------- C:\32788R22FWJFW.1.tmp
2009-02-04 17:02 . 2009-02-04 17:02 <KANSIO> d-------- C:\32788R22FWJFW.0.tmp
2009-02-03 22:06 . 2009-02-03 22:06 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\Malwarebytes
2009-02-03 22:06 . 2009-02-03 22:06 <KANSIO> d-------- c:\programdata\Malwarebytes
2009-02-03 22:06 . 2009-02-04 08:32 <KANSIO> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-03 22:06 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-03 22:06 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-03 22:05 . 2009-02-03 22:05 0 --a------ c:\windows\System32\RENBE03.tmp
2009-02-03 22:05 . 2009-02-03 22:05 0 --a------ c:\windows\System32\RENBE02.tmp
2009-02-03 22:05 . 2009-02-03 22:05 0 --a------ c:\windows\System32\RENBE01.tmp
2009-02-03 21:33 . 2009-02-03 21:33 0 --a------ c:\windows\System32\RENB090.tmp
2009-02-03 21:33 . 2009-02-03 21:33 0 --a------ c:\windows\System32\RENB08F.tmp
2009-02-03 21:33 . 2009-02-03 21:33 0 --a------ c:\windows\System32\RENB08E.tmp
2009-02-03 20:55 . 2009-02-03 20:55 <KANSIO> d-------- c:\program files\Trend Micro
2009-02-02 22:57 . 2009-02-02 22:57 0 --a------ c:\windows\System32\RENCC28.tmp
2009-02-02 22:57 . 2009-02-02 22:57 0 --a------ c:\windows\System32\RENCC27.tmp
2009-02-02 22:57 . 2009-02-02 22:57 0 --a------ c:\windows\System32\RENCC26.tmp
2009-02-02 22:47 . 2009-02-03 21:24 <KANSIO> d-------- c:\program files\Mozilla Firefox 3.1 Beta 2
2009-02-02 21:18 . 2009-02-02 21:18 <KANSIO> d-------- c:\program files\CCleaner
2009-02-02 21:12 . 2009-02-02 21:12 0 --a------ c:\windows\System32\REN85A5.tmp
2009-02-02 21:12 . 2009-02-02 21:12 0 --a------ c:\windows\System32\REN85A4.tmp
2009-02-02 21:12 . 2009-02-02 21:12 0 --a------ c:\windows\System32\REN8593.tmp
2009-02-02 21:05 . 2009-02-02 21:05 0 --a------ c:\windows\System32\RENB424.tmp
2009-02-02 21:05 . 2009-02-02 21:05 0 --a------ c:\windows\System32\RENB413.tmp
2009-02-02 21:05 . 2009-02-02 21:05 0 --a------ c:\windows\System32\RENB402.tmp
2009-02-02 15:29 . 2009-02-04 20:30 410,984 --a------ c:\windows\System32\deploytk.dll
2009-01-22 00:22 . 2009-01-22 12:51 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\gtk-2.0
2009-01-22 00:21 . 2009-01-22 00:22 <KANSIO> d-------- c:\users\Veikko\AppData\Roaming\avidemux
2009-01-21 22:51 . 2009-01-21 22:51 <KANSIO> d-------- c:\program files\DC++
2009-01-14 12:35 . 2008-12-16 04:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2009-01-12 12:44 . 2009-02-05 21:35 <KANSIO> d-------- c:\users\Veikko\Tracing
2009-01-12 12:42 . 2009-01-12 12:42 <KANSIO> d-------- c:\program files\Microsoft
2009-01-12 12:41 . 2009-01-12 12:41 <KANSIO> d-------- c:\program files\Windows Live SkyDrive
2009-01-12 12:33 . 2009-01-12 12:33 <KANSIO> d-------- c:\program files\Common Files\Windows Live
2009-01-07 21:54 . 2009-01-07 21:54 <KANSIO> d-------- c:\program files\vixy.net
2009-01-05 00:20 . 2009-01-05 00:20 <KANSIO> d-------- c:\program files\DVDVideoSoft
2009-01-05 00:20 . 2009-01-05 00:20 <KANSIO> d-------- c:\program files\Common Files\DVDVideoSoft

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-05 20:12 --------- d-----w c:\users\Veikko\AppData\Roaming\foobar2000
2009-02-05 17:06 --------- d-----w c:\program files\Frets on Fire
2009-02-05 16:25 --------- d-----w c:\users\Veikko\AppData\Roaming\Skype
2009-02-04 19:55 --------- d-----w c:\program files\Common Files\Adobe
2009-02-04 18:36 --------- d-----w c:\program files\Common Files\Steam
2009-02-04 18:31 --------- d-----w c:\users\Veikko\AppData\Roaming\mIRC
2009-02-03 19:58 --------- d-----w c:\program files\Logitech
2009-02-03 18:48 --------- d-----w c:\program files\Image-Line
2009-02-03 18:27 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-02 18:50 --------- d-----w c:\users\Veikko\AppData\Roaming\LimeWire
2009-01-31 12:24 --------- d-----w c:\program files\Microsoft SQL Server
2009-01-22 13:59 --------- d-----w c:\users\Veikko\AppData\Roaming\BitTorrent
2009-01-15 08:31 --------- d-----w c:\program files\Windows Mail
2009-01-12 10:41 --------- d-----w c:\program files\Windows Live
2009-01-07 19:54 --------- d-----w c:\program files\vixy.net
2008-12-27 13:03 4,064,702 ----a-w c:\users\Veikko\Farmi15_SFX.exe
2008-12-26 23:13 --------- d-----w c:\program files\Deluxe Ski Jump 3
2008-12-24 13:58 --------- d-----w c:\program files\Sony
2008-12-22 22:10 --------- d-----w c:\users\Veikko\AppData\Roaming\Audacity
2008-12-22 11:29 --------- d-----w c:\users\Veikko\AppData\Roaming\teamspeak2
2008-12-13 19:56 --------- d-----w c:\program files\Teamspeak2_RC2
2008-12-02 20:37 49,480 ----a-w c:\windows\System32\sirenacm.dll
2008-11-24 20:31 65,888 ----a-w c:\windows\System32\sqlctr90.dll
2008-11-24 20:31 2,248,544 ----a-w c:\windows\System32\sqlncli.dll
2008-11-20 16:42 615,424 ----a-w c:\windows\System32\themeui.dll
2008-11-20 16:42 240,128 ----a-w c:\windows\System32\uxtheme.dll
2008-09-03 13:50 174 --sha-w c:\program files\desktop.ini
2007-05-21 10:58 0 ----a-w c:\users\Veikko\AppData\Roaming\wklnhst.dat
.

((((((((((((((((((((((((((((( snapshot_2009-02-04_23.07.36.32 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-10-02 21:02:30 51,200 ----a-w c:\windows\inf\infpub.dat
+ 2009-02-05 17:10:03 51,200 ----a-w c:\windows\inf\infpub.dat
- 2008-10-02 21:02:27 86,016 ----a-w c:\windows\inf\infstor.dat
+ 2009-02-05 17:10:03 86,016 ----a-w c:\windows\inf\infstor.dat
- 2008-10-02 21:02:30 143,360 ----a-w c:\windows\inf\infstrng.dat
+ 2009-02-05 17:10:03 143,360 ----a-w c:\windows\inf\infstrng.dat
- 2009-02-04 20:53:04 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-02-05 19:14:49 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-02-04 20:53:04 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-02-05 19:14:49 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-02-04 20:54:08 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-05 19:17:59 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-05 19:17:59 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2009-02-04 20:57:08 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-05 19:17:53 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-05 19:17:53 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2009-02-04 20:34:31 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-02-05 19:35:56 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-02-04 20:34:31 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-05 19:35:56 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-04 20:34:31 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-05 19:35:56 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-02-04 20:55:32 11,190 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3215037636-2131323785-3305771590-1003_UserData.bin
+ 2009-02-05 19:17:51 11,190 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3215037636-2131323785-3305771590-1003_UserData.bin
- 2009-02-04 20:55:32 73,740 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-02-05 19:17:50 73,740 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-02-04 20:55:26 57,252 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-02-05 19:17:24 57,864 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-02-04 06:31:19 344,294 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-02-05 16:24:45 344,566 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
.
-- Snapshot nollattu tähän hetkeen --
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-11-14 472632]
"Steam"="c:\downloads\steam\steam.exe" [2008-10-08 1410296]
"Google Update"="c:\users\Veikko\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-02-05 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-09-11 118784]
"F-Secure Manager"="c:\program files\F-Secure Internet Security\Common\FSM32.EXE" [2007-05-25 183208]
"F-Secure TNB"="c:\program files\F-Secure Internet Security\FSGUI\TNBUtil.exe" [2007-05-25 740208]
"LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 497200]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-06-26 614960]
"LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-06-26 243248]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-11-24 20:36 73728 c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0BC8CEEB-0676-46F7-87F9-5C25E20A995C}"= UDP:c:\program files\Skype\Phone\Skype.exe:Skype
"{CA9C1993-E931-405E-AC12-3341F07F10C4}"= TCP:c:\program files\Skype\Phone\Skype.exe:Skype
"{BA5B2BA1-13B5-4D3D-B676-E6D636D013F7}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{D2587E63-CCC3-4A4C-A4FC-0A34C21DD9E3}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{1430669F-0AFF-467F-BC49-C64F0510427B}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{1E62F26C-48C6-48BA-8287-BAF995099108}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{D4DF20E9-563D-49E1-9AED-7BBEE7102F12}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{90992B76-A6C8-477F-83A4-C584083BEFC0}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{A493A5BF-5C2C-4899-BDAB-89D8BABC8C53}"= UDP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{047B06FC-CF5A-443E-B74E-20B6C0C54B50}"= TCP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{FA327854-EEF9-4100-9C2D-5D8581C273D5}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{6A9441CF-6F14-4447-8C49-84B70BA2E60F}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{B4B1A454-2C0D-4781-B8F3-E8E1ACAC5A13}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{287BCAB3-8895-4662-BE8E-B3F1AB5AF53D}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{BDF01D8E-195A-49F8-9F43-BA83F1BDBFFC}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{E008766E-216E-462E-9235-12D7ED9229CC}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{B7BF959B-71E4-4496-AA52-35CA5E64A87E}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{70D4255D-B13E-46B7-9D7E-1B8E6FDA58D8}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{8B495492-32D0-493B-BAC7-9C4789D3F2FD}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{9BF74940-8E25-4C54-B7A3-4D4087E34AE1}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"TCP Query User{77C64838-273A-40A8-896F-05A75CB70D3F}c:\\users\\veikko\\desktop\\strongdc\\strongdc.exe"= UDP:c:\users\veikko\desktop\strongdc\strongdc.exe:strongdc.exe
"UDP Query User{47BC04A9-23EE-44F8-8EAD-E988CA38B0FB}c:\\users\\veikko\\desktop\\strongdc\\strongdc.exe"= TCP:c:\users\veikko\desktop\strongdc\strongdc.exe:strongdc.exe
"{B4A68D98-54B9-417C-B5CC-559BB6504EF3}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{872C2044-5F03-4F48-9FA3-DB5DEFEB7466}"= TCP:c:\program files\DNA\btdna.exe:DNA
"TCP Query User{F034008E-5D36-45CE-A319-BCE49447D091}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"UDP Query User{C52E8E10-31EA-4314-B93D-B9DE234C32F3}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"TCP Query User{82252084-3908-498F-9119-8F3330596B11}c:\\program files\\dc++\\dcplusplus.exe"= UDP:c:\program files\dc++\dcplusplus.exe:DC++
"UDP Query User{F4066AD6-2D42-44CE-A369-0700FA7C1D03}c:\\program files\\dc++\\dcplusplus.exe"= TCP:c:\program files\dc++\dcplusplus.exe:DC++
"TCP Query User{0E777C11-0B5F-48A4-AA78-51A0E8F9820B}c:\\program files\\counter-strike 1.6 v31\\hl.exe"= UDP:c:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
"UDP Query User{3CED78FE-4DDC-4A41-AD0A-4A29240680AC}c:\\program files\\counter-strike 1.6 v31\\hl.exe"= TCP:c:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
"TCP Query User{841A7EE8-783A-4FEB-9BFA-74CD0515D1ED}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{8C330778-AD56-4E31-8EA5-1B31A4500114}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{ADA8C9B1-9042-4E17-9E5E-76B293647B4C}c:\\users\\veikko\\program files\\dna\\btdna.exe"= UDP:c:\users\veikko\program files\dna\btdna.exe:btdna.exe
"UDP Query User{04C9CE37-23F3-42CA-9599-1BD4EE26CCFE}c:\\users\\veikko\\program files\\dna\\btdna.exe"= TCP:c:\users\veikko\program files\dna\btdna.exe:btdna.exe
"TCP Query User{32270A38-D83B-4EC1-B772-EAB76486D992}c:\\downloads\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor.exe"= UDP:c:\downloads\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor.exe:rFactor
"UDP Query User{69F6112A-C8F3-4258-A014-F4793017EF48}c:\\downloads\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor [pc-dvd] [english] [www.topetorrent.com]\\rfactor.exe"= TCP:c:\downloads\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor [pc-dvd] [english] [www.topetorrent.com]\rfactor.exe:rFactor
"TCP Query User{FECDC0D2-B86A-45EE-A4CE-3A908434D234}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{85632176-6999-4F00-8F82-E80235B1BB8A}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{E089B513-460D-4189-9757-5FDE8A69CD09}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{4852ADC9-F8E4-4887-92E4-1228015C1DBB}c:\\downloads\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{37C79CE0-96AA-4785-97A6-57D2D363457E}c:\\downloads\\steam\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= UDP:c:\downloads\steam\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"UDP Query User{BCB5C2F9-1318-461F-B983-3BF96A788511}c:\\downloads\\steam\\steamapps\\derbiili\\counter-strike source\\hl2.exe"= TCP:c:\downloads\steam\steamapps\derbiili\counter-strike source\hl2.exe:hl2
"TCP Query User{500F2B3B-9331-4769-B82A-06C6CCA99254}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{BE97C500-FC96-4F36-9B73-915952F2481B}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{C5200D3C-1C0F-4375-91DC-E1BC96423357}c:\\program files\\msn messenger\\msnmsgr.exe"= UDP:c:\program files\msn messenger\msnmsgr.exe:MSN Messenger
"UDP Query User{4D2E2AB8-D7B7-467D-BD00-22F95ADCA588}c:\\program files\\msn messenger\\msnmsgr.exe"= TCP:c:\program files\msn messenger\msnmsgr.exe:MSN Messenger
"TCP Query User{4D69306B-8C96-4AA7-B76F-8D21FF8F22AC}c:\\users\\veikko\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\users\veikko\program files\bittorrent\bittorrent.exe:bittorrent.exe
"UDP Query User{C98FBF60-CB71-4A51-B3AA-C3D9883E58EE}c:\\users\\veikko\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\users\veikko\program files\bittorrent\bittorrent.exe:bittorrent.exe
"TCP Query User{0FF64EFF-593C-4AD7-A053-5F6861D8E5C1}c:\\downloads\\ra2\\game.exe"= UDP:c:\downloads\ra2\game.exe:Main executable for Red Alert 2
"UDP Query User{B2B53663-0CCE-4F13-BA76-163E2A0FAF58}c:\\downloads\\ra2\\game.exe"= TCP:c:\downloads\ra2\game.exe:Main executable for Red Alert 2
"TCP Query User{BDEB28E4-E095-4ABB-A65A-1A6F10992C7F}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"UDP Query User{AB3CB54B-4576-4C31-B941-60E2316BC997}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"TCP Query User{ECC29E4E-4AB5-4B98-959D-CB15006F50D2}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{3A5830A4-709D-4693-9A3B-336436152326}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"TCP Query User{4123F98A-FFBF-4D92-A4D5-D262D0BD1235}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser
"UDP Query User{32EAC0D9-3716-4BD4-A7C5-E8A0AF4A633E}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser
"TCP Query User{C55972E0-776D-4B99-83AB-5F41CBD14FC4}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. The whole world can talk for free.
"UDP Query User{4CE348D3-ED36-41E8-B62D-AA4EBC80B3FE}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. The whole world can talk for free.
"TCP Query User{275A0A88-27B0-4833-9AD6-B226A6680102}c:\\program files\\atari\\deer hunter 2005\\dh2005.exe"= UDP:c:\program files\atari\deer hunter 2005\dh2005.exe:DH2005
"UDP Query User{C9DF7B6E-D436-4FD4-A140-AC7B88BB1461}c:\\program files\\atari\\deer hunter 2005\\dh2005.exe"= TCP:c:\program files\atari\deer hunter 2005\dh2005.exe:DH2005
"TCP Query User{CB436BD8-4777-49C2-B474-CE0E13F687E5}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{C7D544F6-2934-4F67-B0E6-E1FC9716C9DF}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{4377A7E9-4F14-4AB4-8AAB-BED4EBD5BC68}c:\\users\\veikko\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\veikko\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"UDP Query User{B032A9C5-1A7A-4042-817D-9AAF74E5BE5D}c:\\users\\veikko\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= TCP:c:\users\veikko\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe
"TCP Query User{6BB43303-F778-4DF5-A84E-E1B4692FBC71}c:\\program files\\propilkki2\\propilkki2.exe"= UDP:c:\program files\propilkki2\propilkki2.exe:Main executable of PP2
"UDP Query User{511AB870-3106-4338-9500-448FA18FE4E4}c:\\program files\\propilkki2\\propilkki2.exe"= TCP:c:\program files\propilkki2\propilkki2.exe:Main executable of PP2
"TCP Query User{8CC9500E-B3BE-4644-A5A3-9EEC38FA8FD5}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{8FEB3118-C44F-4AFB-A5F9-B692DD88F9D0}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"TCP Query User{80CFA458-3C93-44FE-9A6C-06F6A5D5C86D}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{E402AA20-078A-4276-9470-00B3C9CF5E46}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"{C2E976F1-385A-480C-953A-4A310474E53B}"= UDP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\SteamProxy.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{F74F0B38-9D82-4AAA-8A23-0D956DD2443D}"= TCP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\SteamProxy.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{24BDAE99-E97C-4FAD-9771-4407A0F3FAAD}"= UDP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\RaceConfig_Steam.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{D8C0C30D-9E51-4824-8A03-306BF7CD5F64}"= TCP:c:\downloads\steam\steamapps\derbiili\race 07 demo crowne plaza raceway edition\RaceConfig_Steam.exe:RACE 07 Demo - Crowne Plaza Raceway edition
"{A1B2A393-7697-4FA0-A6A7-8CB1E0C89704}"= UDP:c:\users\Veikko\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{59D7A2BD-9D28-4722-85B0-5B70AC31027C}"= TCP:c:\users\Veikko\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R1 F-Secure HIPS;F-Secure HIPS;c:\program files\F-Secure Internet Security\HIPS\fshs.sys [2008-05-02 41184]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\System32\drivers\fses.sys [2008-05-02 35024]
R1 FSFW;F-Secure Firewall Driver;c:\windows\System32\drivers\fsdfw.sys [2008-05-02 60064]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\F-Secure Internet Security\Anti-Virus\minifilter\fsvista.sys [2008-05-02 13168]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure Internet Security\Anti-Virus\minifilter\fsgk.sys [2008-05-02 59760]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [2006-11-30 227328]
S3 TfBulk;TfBulk;c:\windows\System32\drivers\TfBulk.SYS [2008-03-20 13312]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure Internet Security\Anti-Virus\win2k\fsfilter.sys [2008-05-02 40048]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure Internet Security\Anti-Virus\win2k\fsrec.sys [2008-05-02 25456]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - G:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17cfdf7a-f686-11dc-b475-0019c18d9023}]
\shell\AutoRun\command - f:\portableapps\PortableAppsMenu\PortableAppsMenu.exe
.
'Ajoitetut tehtävät'-kansion sisältö

2009-02-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3215037636-2131323785-3305771590-1003.job
- c:\users\Veikko\AppData\Local\Google\Update\GoogleUpdate.exe [2009-02-05 21:04]

2009-02-05 c:\windows\Tasks\User_Feed_Synchronization-{5A2A3500-5E6F-470A-AC91-4591A2526C09}.job
- c:\windows\system32\msfeedssync.exe [2008-01-19 09:33]
.
.
------- Täydentävä tarkistus -------
.
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add RSS Support Site to VAIO Information FLOW - c:\program files\Sony\VAIO Information FLOW\aiesc.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\F-Secure Internet Security\FSPS\program\FSLSP.DLL
FF - ProfilePath - c:\users\Veikko\AppData\Roaming\Mozilla\Firefox\Profiles\duaww0ta.default\
FF - plugin: c:\program files\Opera\program\plugins\NPJava11.dll
FF - plugin: c:\program files\Opera\program\plugins\NPJava12.dll
FF - plugin: c:\program files\Opera\program\plugins\NPJava13.dll
FF - plugin: c:\program files\Opera\program\plugins\NPJava14.dll
FF - plugin: c:\program files\Opera\program\plugins\NPJava32.dll
FF - plugin: c:\program files\Opera\program\plugins\NPJPI142.dll
FF - plugin: c:\program files\Opera\program\plugins\NPOJI610.dll
FF - plugin: c:\users\Veikko\AppData\Local\Google\Update\1.2.133.37\npGoogleOneClick7.dll
FF - plugin: c:\users\Veikko\Program Files\DNA\plugins\npbtdna.dll

---- FIREFOXIN KÄYTÄNNÖT ----
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-05 22:22:05
Windows 6.0.6001 Service Pack 1 NTFS

tarkistaa piilotettuja prosesseja ...

tarkistaa piilotettuja käynnistysarvoja ...

tarkistaa piilotettuja tiedostoja ...


c:\windows\TEMP\TMP0000007FC4B3E6A5674F7CE1 524288 bytes executable

tarkistus on valmis
piilotetut tiedostot: 1

**************************************************************************
.
Valmistumisajankohta: 2009-02-05 22:25:16
ComboFix-quarantined-files.txt 2009-02-05 20:25:13
ComboFix2.txt 2009-02-05 18:57:21
ComboFix3.txt 2009-02-04 21:12:03
ComboFix4.txt 2009-02-04 15:15:42

Ennen ajoa: 36 270 632 960 tavua vapaana
Ajon jälkeen: 36,130,942,976 tavua vapaana

343 --- E O F --- 2009-02-05 16:31:15
Hujo
Suspended permanently
5 February 2009 @ 22:46
So what does the HJT log look like now? Has it worked already?

Can a computer ever work?
Eepska
Junior Member
5 February 2009 @ 22:58
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:58:01, on 5.2.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Sony\SonicStage\SSAAD.exe
C:\Users\Veikko\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: MSN-työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fi\msntb.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [Steam] "c:\downloads\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\Veikko\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add RSS Support Site to VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Sol...wn.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9049 bytes
Hujo
Suspended permanently
5 February 2009 @ 23:16
All right, now it looks like a log.

Scan with HJT, check these entries and press Fix checked:

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

===================

Type into the Run box:

ComboFix /u

Click OK.

===========

Download OTMoveIt and save it to your desktop.

Double-click OTMoveIt.exe.
Click CleanUp!.
Choose Yes when asked "Begin cleanup Process?".
If you are asked whether the computer may be restarted, choose Yes. OTMoveIt removes itself when it is finished; if it does not, delete it yourself.

NOTE: If your firewall or some other security program warns that OTMoveIt is trying to access the internet, allow it.


Can a computer ever work?
Eepska
Junior Member
5 February 2009 @ 23:43
There, I did as you told me.
Hujo
Suspended permanently
5 February 2009 @ 23:56
All right, so how is the computer working now?

Can a computer ever work?
 