Elikkäs minulla on tuttavan kone huollossa joka on vähän mullin mallin.. Eli siis katselkaa te expertit logi läpi ja ilmoitelkaa jos jotain löytyypi Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:40:23, on 3.6.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0\bin\jusched.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\mservice.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN C:\WINDOWS\winudspm.exe C:\WINDOWS\service.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\HJT\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Windows UDP Control] winudspm.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [Burn Dvd Mail More] C:\Documents and Settings\All Users\Application Data\Part title burn dvd\Acid info.exe O4 - HKLM\..\Run: [Windows svchost] service.exe O4 - HKLM\..\Run: [MSN] C:\Windows\mservice.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-21-1482476501-842925246-682003330-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Mikko') O4 - HKUS\S-1-5-21-1482476501-842925246-682003330-1006\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Mikko') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1208432666468 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O20 - Winlogon Notify: ljJARijG - ljJARijG.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 8402 bytes EDIT: Kone iskee seuraavanlaista ruutua näytöllä Luin että kyseessä voi olla joku virus tms. Ainakaan ite en löytänyt eScannilla viiruksia.
Javan voisit ainakin poistaa on sen verta vanha. Lataa uusi java alla olevasta linkistä http://java.sun.com/javase/downloads/index.jsp etsi alla olevan tekstin niminen kohta paina download ja tämän jälkeen valitset käyttiksen ja hyväksyt ehdot ja lataat offline installition packaden. Java Runtime Environment (JRE) 6 Update 6 1. Lataa Combofix.exe työpöydällesi jommastakummasta linkistä: Combofix.exe Combofix.exe Avaa Muistio ja kopioi/liitä Lainaus: laatikon sisältö sinne: Tallenna nimellä CFScript (itse asiassa combofix tunnistaa tuon vaikka tiedostopääte ei olisi edes .txt). Sitten raahaa ja pudota CFScript ComboFix.exeen kuten alla.(Älä klikkaa) Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen. Käynnistä kone uudelleen, jos niin pyydetään ja lähetä combofix.txt-tiedoston sisältö tänne. Sammuta selain ja muut ohjelmat Fixin ajaksi. (ei virustorjuntaa) Käynnistä HijackThis:ja Scan ja ruksaa seuraavat punaisella listatut tiedostot sekä poista ne.(fix Chekked) O4 - HKLM\..\Run: [Windows svchost] service.exe O4 - HKLM\..\Run: [MSN] C:\Windows\mservice.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Windows UDP Control] winudspm.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O20 - Winlogon Notify: ljJARijG - ljJARijG.dll (file missing) Tyhjennä roskakori ja käynnistä koneesi uudelleen. Postita tänne seuraavat lokit: * Tuore HijackThis loki (Otetaan viimeisenä ennen postitusta) * (C:\ComboFix.txt) raportti *
No niin nyt on vähän lokia.. Onnistuin sivuuttamaan tuossa sinun ohjeessasi sen kohdan että viruksentorjunta pitää olla pois päältä.. Joten tämän takia poistin fixin aikana 4 troijalaista.. Oliko tämä isokin moka? ComboFix 08-06-01.6 - Kirsi 2008-06-03 14:21:59.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.617 [GMT 3:00] Running from: C:\Documents and Settings\Kirsi\Työpöytä\ComboFix.exe Command switches used :: C:\Documents and Settings\Kirsi\Työpöytä\CFScript.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\Windows\mservice.exe C:\WINDOWS\service.exe C:\WINDOWS\winudspm.exe . /wow section - STAGE 41 Prosessi ei voi käyttää tiedostoa, koska se on toisen prosessin käytössä. Prosessi ei voi käyttää tiedostoa, koska se on toisen prosessin käytössä. Prosessi ei voi käyttää tiedostoa, koska se on toisen prosessin käytössä. Prosessi ei voi käyttää tiedostoa, koska se on toisen prosessin käytössä. Prosessi ei voi käyttää tiedostoa, koska se on toisen prosessin käytössä. (((((((((((((((((((((((((((((((((((((( Muut poistot )))))))))))))))))))))))))))))))))))))))))))))))))))))))) . C:\bot.exe C:\d.exe C:\setup.exe C:\Windows\mservice.exe C:\WINDOWS\service.exe C:\WINDOWS\system32\byXQGvtR.dll C:\WINDOWS\system32\cbXOIcdd.dll C:\WINDOWS\system32\iifCRkig.dll C:\WINDOWS\system32\vtUkLDUo.dll C:\WINDOWS\winudspm.exe . ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-05-03 to 2008-06-03 ))))))))))))))))) . 2008-06-03 13:11 . 2008-06-03 10:05 17,788,920 --a------ C:\antivir_workstation_win7u_en_h.exe 2008-06-03 13:07 . 2008-06-03 13:07 <KANSIO> d-------- C:\Program Files\SpywareBlaster 2008-06-03 13:07 . 2008-06-03 13:07 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\TEMP 2008-06-03 13:07 . 2005-04-15 19:58 1,071,088 --a------ C:\WINDOWS\system32\MSCOMCTL.OCX 2008-06-03 13:07 . 2005-08-25 18:18 118,784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL 2008-06-03 13:07 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX 2008-06-03 13:05 . 2008-06-03 12:47 41,412,496 --a------ C:\zaZA_Setup_en_7.1.100.000.exe 2008-06-03 12:42 . 2008-06-03 12:42 <KANSIO> d-------- C:\Documents and Settings\Kirsi\Application Data\Grisoft 2008-06-03 12:42 . 2008-06-03 12:42 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2008-06-03 12:42 . 2007-05-30 15:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2008-06-03 12:41 . 2008-06-03 10:04 2,671,816 --a------ C:\spywareblastersetup40.exe 2008-06-03 12:40 . 2008-06-03 10:10 12,413,440 --a------ C:\avgas-setup-7.5.1.43.exe 2008-06-03 12:39 . 2008-06-03 12:40 <KANSIO> d-------- C:\HJT 2008-06-03 12:33 . 2008-06-03 12:33 268 --ah----- C:\sqmdata11.sqm 2008-06-03 12:33 . 2008-06-03 12:33 244 --ah----- C:\sqmnoopt11.sqm 2008-06-03 11:46 . 2008-06-03 11:46 0 --a------ C:\23990098.$$$ 2008-06-03 10:24 . 2008-06-03 10:25 <KANSIO> d-------- C:\Kaspersky 2008-06-03 10:22 . 2008-06-03 10:22 <KANSIO> d-------- C:\Documents and Settings\Kirsi\Application Data\Winamp 2008-06-02 22:29 . 2008-06-02 22:29 97,116 --a------ C:\WINDOWS\DC5177176.zip 2008-06-02 21:27 . 2008-06-02 21:27 96,950 --a------ C:\stupx.exe 2008-06-02 21:23 . 2008-06-02 21:23 96,950 --a------ C:\stup.exe 2008-06-02 19:19 . 2008-06-02 19:19 244 --ah----- C:\sqmnoopt10.sqm 2008-06-02 19:19 . 2008-06-02 19:19 232 --ah----- C:\sqmdata10.sqm 2008-06-02 19:00 . 2008-06-02 19:00 244 --ah----- C:\sqmnoopt09.sqm 2008-06-02 19:00 . 2008-06-02 19:00 232 --ah----- C:\sqmdata09.sqm 2008-06-02 18:58 . 2008-06-02 19:00 14,336 --a------ C:\hldtlwe.exe 2008-06-02 18:58 . 2008-06-02 18:58 244 --ah----- C:\sqmnoopt08.sqm 2008-06-02 18:58 . 2008-06-02 18:58 244 --ah----- C:\sqmnoopt07.sqm 2008-06-02 18:58 . 2008-06-02 18:58 232 --ah----- C:\sqmdata08.sqm 2008-06-02 18:58 . 2008-06-02 18:58 232 --ah----- C:\sqmdata07.sqm 2008-06-02 18:57 . 2008-06-02 18:57 6,144 --a------ C:\mgoilhuqomfmnhs.exe 2008-06-02 18:02 . 2008-06-02 18:02 244 --ah----- C:\sqmnoopt06.sqm 2008-06-02 18:02 . 2008-06-02 18:02 232 --ah----- C:\sqmdata06.sqm 2008-06-02 17:52 . 2008-06-03 06:52 60,114 --a------ C:\bot1.exe 2008-06-02 17:52 . 2008-06-02 17:52 244 --ah----- C:\sqmnoopt05.sqm 2008-06-02 17:52 . 2008-06-02 17:52 232 --ah----- C:\sqmdata05.sqm 2008-06-01 16:46 . 2008-06-01 16:46 86,512 --a------ C:\irc.com 2008-05-31 18:53 . 2008-05-31 20:38 86,512 --a------ C:\Documents and Settings\Noora\setup1.exe 2008-05-31 14:12 . 2008-05-31 15:14 86,512 --a------ C:\setup1.exe 2008-05-30 19:23 . 2008-05-30 22:12 60,132 --a------ C:\dcsi.exe 2008-05-30 19:08 . 2008-06-02 22:33 96,950 --a------ C:\Documents and Settings\Noora\setup.exe 2008-05-30 18:37 . 2004-09-14 16:12 16,384 --a------ C:\WINDOWS\system32\ipsink.ax 2008-05-30 18:37 . 2004-09-14 16:12 16,384 --a--c--- C:\WINDOWS\system32\dllcache\ipsink.ax 2008-05-30 18:37 . 2004-08-03 23:10 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys 2008-05-30 18:37 . 2004-08-03 23:10 15,360 --a--c--- C:\WINDOWS\system32\dllcache\streamip.sys 2008-05-30 18:37 . 2004-08-03 23:10 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys 2008-05-30 18:37 . 2004-08-03 23:10 10,880 --a--c--- C:\WINDOWS\system32\dllcache\ndisip.sys 2008-05-30 18:37 . 2004-08-03 22:58 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys 2008-05-30 18:37 . 2004-08-03 22:58 5,504 --a--c--- C:\WINDOWS\system32\dllcache\mstee.sys 2008-05-30 18:35 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys 2008-05-30 18:35 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys 2008-05-30 16:55 . 2008-05-30 18:05 86,498 --a------ C:\Documents and Settings\Mikko\setup.exe 2008-05-29 23:08 . 2008-05-29 23:08 86,340 --a------ C:\profile.com 2008-05-29 20:12 . 2008-05-29 20:12 268 --ah----- C:\sqmdata04.sqm 2008-05-29 20:12 . 2008-05-29 20:12 244 --ah----- C:\sqmnoopt04.sqm 2008-05-29 20:06 . 2008-05-29 20:06 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\Winamp 2008-05-29 19:52 . 2008-05-29 20:08 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\else bags user 2008-05-29 19:38 . 2008-05-29 19:48 40,960 --a------ C:\dsdc.exe 2008-05-29 17:03 . 2008-05-29 18:12 56,832 --a------ C:\fa.com 2008-05-29 15:46 . 2008-05-29 23:08 60,132 --a------ C:\ddc.exe 2008-05-28 22:22 . 2008-05-28 22:22 <KANSIO> d-------- C:\Program Files\else bags user 2008-05-28 22:07 . 2008-05-28 22:07 <KANSIO> d-------- C:\Program Files\Windows Defender 2008-05-27 23:25 . 2008-05-28 17:22 40,960 --a------ C:\dciz.exe 2008-05-27 22:52 . 2008-06-01 20:46 86,502 --a------ C:\sexy.com 2008-05-27 20:49 . 2008-05-30 21:49 60,132 --a------ C:\dci.exe 2008-05-19 20:12 . 2008-05-19 20:13 <KANSIO> d-------- C:\Documents and Settings\Reijo\Application Data\Winamp 2008-05-16 23:53 . 2008-05-16 23:53 <KANSIO> d-------- C:\Program Files\Winamp Toolbar 2008-05-16 23:53 . 2008-05-16 23:53 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Winamp Toolbar 2008-05-16 23:52 . 2008-05-25 13:27 <KANSIO> d-------- C:\Documents and Settings\Noora\Application Data\Winamp 2008-05-14 20:55 . 2008-05-21 16:38 <KANSIO> d-------- C:\Documents and Settings\Reijo\Application Data\OpenOffice.org2 2008-05-12 20:04 . 2008-05-12 20:04 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Autodesk 2008-05-12 18:48 . 2004-09-14 16:11 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll 2008-05-12 18:48 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys 2008-05-12 18:48 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys 2008-05-12 18:48 . 2001-10-05 16:31 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll 2008-05-12 09:49 . 2008-05-12 09:49 <KANSIO> d-------- C:\Program Files\Common Files\Autodesk Shared 2008-05-12 09:49 . 2008-05-12 09:49 <KANSIO> d-------- C:\Program Files\Autodesk 2008-05-12 09:49 . 2008-05-12 20:04 <KANSIO> d-------- C:\Documents and Settings\Kirsi\Application Data\Autodesk 2008-05-09 07:47 . 2008-05-09 07:47 268 --ah----- C:\sqmdata03.sqm 2008-05-09 07:47 . 2008-05-09 07:47 244 --ah----- C:\sqmnoopt03.sqm 2008-05-06 21:43 . 2008-06-01 15:29 <KANSIO> d-------- C:\Documents and Settings\Noora\Application Data\LimeWire 2008-05-05 17:40 . 2008-05-21 19:05 <KANSIO> d-------- C:\WINDOWS\.jagex_cache_32 2008-05-05 10:39 . 2008-05-05 10:39 <KANSIO> d-------- C:\Documents and Settings\Kirsi\Application Data\Template 2008-05-05 10:39 . 2008-05-19 08:11 540 --a------ C:\Documents and Settings\Kirsi\Application Data\wklnhst.dat . (((((((((((((((((((((((((((((((((((( Find3M-raportti )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-03 09:36 --------- d-----w C:\Documents and Settings\Kirsi\Application Data\OpenOffice.org2 2008-06-02 20:11 --------- d-----w C:\Documents and Settings\Noora\Application Data\OpenOffice.org2 2008-05-29 18:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-05-28 19:23 --------- d-----w C:\Documents and Settings\Noora\Application Data\else bags user 2008-05-28 19:22 --------- d-----w C:\Program Files\Messenger Plus! Live 2008-05-28 19:22 --------- d-----w C:\Program Files\Circle Developement 2008-05-28 19:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Part title burn dvd 2008-05-27 04:42 --------- d-----w C:\Documents and Settings\Mikko\Application Data\else bags user 2008-05-04 10:43 --------- d-----w C:\Program Files\Google 2008-04-28 13:52 --------- d-----w C:\Documents and Settings\Mikko\Application Data\GetRightToGo 2008-04-28 05:29 --------- d-----w C:\Documents and Settings\Kirsi\Application Data\else bags user 2008-04-27 14:40 --------- d-----w C:\Program Files\Common Files\InstallShield 2008-04-27 11:17 --------- d-----w C:\Documents and Settings\Reijo\Application Data\else bags user 2008-04-25 16:33 --------- d-----w C:\Program Files\OpenOffice.org 2.4 2008-04-25 16:05 --------- d-----w C:\Program Files\PhotoFiltre 2008-04-24 17:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus! 2008-04-24 06:54 --------- d-----w C:\Program Files\Siemens Subscriber Networks 2008-04-24 06:09 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-04-24 06:09 --------- d-----w C:\Program Files\ToniArts 2008-04-24 06:03 --------- d-----w C:\Program Files\Common Files\Nero 2008-04-24 06:03 --------- d-----w C:\Program Files\Ahead 2008-04-24 06:01 --------- d-----w C:\Program Files\Common Files\Ahead 2008-04-24 06:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead 2008-04-23 12:29 --------- d-----w C:\Program Files\GIMP-2.0 2008-04-23 12:15 --------- d-----w C:\Program Files\Windows Live 2008-04-23 11:49 --------- d-----w C:\Program Files\Common Files\Adobe 2008-04-22 10:57 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition 2008-04-22 10:56 --------- d-----w C:\Program Files\Windows Live Toolbar 2008-04-22 10:54 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller 2008-04-22 10:42 --------- d-----w C:\Program Files\Combined Community Codec Pack 2008-04-22 08:39 --------- d-----w C:\Program Files\MSXML 6.0 2008-04-17 12:18 --------- d-----w C:\Program Files\MSBuild 2008-04-17 12:14 --------- d-----w C:\Program Files\Reference Assemblies 2008-04-17 12:12 --------- d-----w C:\Program Files\Windows Media Connect 2 2008-04-17 11:58 0 ----a-w C:\Documents and Settings\Omistaja\Application Data\wklnhst.dat 2008-04-17 11:58 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\Template 2008-04-17 11:56 --------- d-----w C:\Program Files\Microsoft Works 2008-04-17 11:44 --------- d-----w C:\Program Files\Alwil Software 2008-04-17 11:13 --------- d-----w C:\Program Files\Analog Devices 2008-04-17 11:02 --------- d-----w C:\Program Files\Lavalys 2008-04-17 10:55 --------- d-----w C:\Program Files\microsoft frontpage 2008-04-17 10:55 --------- d-----w C:\Program Files\Java 2008-04-17 10:55 --------- d-----w C:\Program Files\Common Files\Java 2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll 2008-03-25 04:51 166,688 ----a-w C:\WINDOWS\system32\msjint40.dll 2008-03-20 08:09 1,845,504 ----a-w C:\WINDOWS\system32\win32k.sys . (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet ))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}] 2008-03-20 01:36 1267040 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2008-03-20 01:36 1267040] [HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2008-03-20 01:36 1267040] [HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 15:00 15360] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-06 20:00 68856] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0\bin\jusched.exe" [2008-04-17 13:55 36972] "SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 10:11 1388544] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 02:19 79224] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776] "nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648] "Windows UDP Control"="winudspm.exe" [] "Burn Dvd Mail More"="C:\Documents and Settings\All Users\Application Data\Part title burn dvd\Acid info.exe" [2008-06-03 12:36 512000] "Windows svchost"="service.exe" [] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 12:25 6731312] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-09-15 15:00 15360] C:\Documents and Settings\Noora\K„ynnist„-valikko\Ohjelmat\K„ynnistys\ OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-03-16 17:54:44 393216] C:\Documents and Settings\Kirsi\K„ynnist„-valikko\Ohjelmat\K„ynnistys\ OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-03-16 17:54:44 393216] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ljJARijG] ljJARijG.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.ffds"= C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "D:\\LimeWire\\LimeWire.exe"= "D:\\Mikko\\Ohjelmat\\Uusi kansio\\SRO_NEW_Full-Client_Downloader0001.exe"= "D:\\Mikko\\Ohjelmat\\Mikko\\SRO_NEW_Full-Client_Downloader.exe"= R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 02:20] R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 02:16] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{277c3dbc-14e7-11dd-97d4-00e018123456}] \Shell\AutoRun\command - J:\InstallTomTomHOME.exe *Newly Created Service* - AVG_ANTI-SPYWARE_DRIVER *Newly Created Service* - AVG_ANTI-SPYWARE_GUARD *Newly Created Service* - CATCHME . 'Ajoitetut tehtävät'-kansion sisältö "2008-06-03 11:00:00 C:\WINDOWS\Tasks\A47D8FBF918A0A5F.job" - c:\docume~1\mikko\applic~1\elseba~1\SLOWTESTANTE.exe "2008-06-03 11:00:00 C:\WINDOWS\Tasks\AE23CF83903C4A7F.job" - c:\docume~1\reijo\applic~1\elseba~1\SLOWTESTANTE.exe "2008-06-03 11:00:00 C:\WINDOWS\Tasks\B1277A2891A4F5F4.job" - c:\docume~1\noora\applic~1\elseba~1\SLOWTESTANTE.exe "2008-06-03 07:22:14 C:\WINDOWS\Tasks\MP Scheduled Scan.job" - C:\Program Files\Windows Defender\MpCmdRun.exe "2008-06-03 10:56:08 C:\WINDOWS\Tasks\Tarkistetaan Windows Live -työkalurivin päivitykset.job" - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-03 14:26:04 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-06-03 14:27:32 ComboFix-quarantined-files.txt 2008-06-03 11:27:26 Pre-Run: 620,466,176 tavua vapaana Post-Run: 1,559,363,584 tavua vapaana 256 --- E O F --- 2008-05-30 12:53:59 Ja sitten HJT Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:45:31, on 3.6.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0\bin\jusched.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN C:\WINDOWS\system32\wuauclt.exe C:\HJT\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Burn Dvd Mail More] C:\Documents and Settings\All Users\Application Data\Part title burn dvd\Acid info.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1208432666468 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 7545 bytes Javan päivitän sitten myöhemmin.
