1. Tämä sivusto käyttää keksejä (cookie). Jatkamalla sivuston käyttämistä hyväksyt keksien käyttämisen. Lue lisää.

onko kone puhdas?jotain vikoja? (hjt-log)

Viestiketju Virukset ja haittaohjelmat - HijackThis -logit -osiossa. Ketjun avasi toope92 27.02.2008.

  1. toope92

    toope92 Regular member

    Liittynyt:
    08.11.2006
    Viestejä:
    140
    Kiitokset:
    0
    Pisteet:
    26
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:28:13, on 22.8.2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\arservice.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Desktop\OTMoveIt2.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBho.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\UIBHO.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
    O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
    O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1213715790651
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1213715949948
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15105/CTPID.cab
    O18 - Protocol: bw+0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 23950 bytes
     
  2.  
  3. Hujo

    Hujo Guest

    Scannaa hjt:llä merkkaa paina Fix checked

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    ================

    Koneella kasi virustorjuntaa norton ja kapensky poista toinen

    =========

    Poista lisää poista sovelutuksesta

    Logitech Desktop Messenger

    ============

    Jos koneella on Malwarebytes' Anti-Malware ennestään suorita ensin päivitys aja sen jälkeen
    Lataa Malwarebytes' Anti-Malware työpöydällesi.

    1. Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
    2. Lopuksi varmistu, että seuraavat on valittu: Update Malwarebytes', Anti-Malwareja
    Launch Malwarebytes' Anti-Malware ja sen jälkeen klikkaaFinish.
    3. Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version.
    4. Kun ohjelma on latautunut, valitse Perform full scan ja klikkaa Scan.
    5. Kun skanni on valmis, klikkaa OK ja sitten Show Results nähdäksesi tulokset.
    6. Varmistu, että kaikki on merkitty ja klikkaa Remove Selected.
    7. Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki
    löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application
    Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
    8. Lähetä lokin sisältö seuraavassa viestissäsi.
     
    Moderaattorin viimeksi muokkaama: 22.08.2008
  4. toope92

    toope92 Regular member

    Liittynyt:
    08.11.2006
    Viestejä:
    140
    Kiitokset:
    0
    Pisteet:
    26
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:39:50, on 23.8.2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\arservice.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\Program Files\a-squared Anti-Malware\a2guard.exe
    C:\Program Files\LimeWire SpeedUp Pro\LimeWire SpeedUp Pro.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Last.fm\LastFM.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBho.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\UIBHO.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1213715790651
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1213715949948
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15105/CTPID.cab
    O18 - Protocol: bw+0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 23828 bytes

    Malwarebytes' Anti-Malware 1.25
    Tietokantaversio: 1077
    Windows 5.1.2600 Service Pack 3

    20:22:04 22.8.2008
    mbam-log-08-22-2008 (20-22-02).txt

    Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
    Tarkistetut kohteet: 194271
    Kulunut aika: 1 hour(s), 17 minute(s), 44 second(s)

    Saastuneita muistiprosesseja: 0
    Saastuneita muistimoduuleja: 0
    Saastuneita rekisteriavaimia: 0
    Saastuneita rekisteriarvoja: 0
    Saastuneita rekisterikohteita: 0
    Saastuneita hakemistoja: 0
    Saastuneita tiedostoja: 0

    Saastuneita muistiprosesseja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita muistimoduuleja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriavaimia:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriarvoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisterikohteita:
    (Haitallisia kohteita ei löydetty)

    Saastuneita hakemistoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita tiedostoja:
    (Haitallisia kohteita ei löydetty)


     
  5. Hujo

    Hujo Guest

    1.Lataa combofix.exe työpöydällesi yhdestä linkistä:
    combofix1
    combofix2

    2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
    3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
    Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.
     
  6. toope92

    toope92 Regular member

    Liittynyt:
    08.11.2006
    Viestejä:
    140
    Kiitokset:
    0
    Pisteet:
    26
    ComboFix 08-08-21.02 - HP_Administrator 2008-08-23 11:12:06.13 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.475 [GMT 3:00]
    Running from: C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Favorites\Download programs.url
    C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Favorites\Games.url
    C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Favorites\Translator.url
    C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Favorites\Videos.url
    C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Start Menu\Programs\Download programs.url
    C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Start Menu\Programs\Games.url
    C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Start Menu\Programs\Translator.url
    C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Start Menu\Programs\Videos.url

    .
    ((((((((((((((((((((((((( Files Created from 2008-07-23 to 2008-08-23 )))))))))))))))))))))))))))))))
    .

    2008-08-22 16:56 . 2008-08-22 16:56 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-08-22 16:56 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-08-22 16:56 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-08-22 16:30 . 2008-08-22 22:13 <KANSIO> d-------- C:\Program Files\a-squared Anti-Malware
    2008-08-18 16:12 . 2008-08-18 16:12 <KANSIO> d-------- C:\Program Files\Kaspersky Lab
    2008-08-18 16:11 . 2008-08-18 16:11 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2008-08-17 17:24 . 2008-07-30 17:42 23,888 --a------ C:\WINDOWS\system32\drivers\COH_Mon.sys
    2008-08-17 17:24 . 2008-07-30 17:28 10,537 --a------ C:\WINDOWS\system32\drivers\COH_Mon.cat
    2008-08-17 17:24 . 2008-07-30 17:28 706 --a------ C:\WINDOWS\system32\drivers\COH_Mon.inf
    2008-08-17 13:08 . 2008-08-18 17:02 <KANSIO> d-------- C:\Program Files\Norton 360
    2008-08-17 13:07 . 2008-08-17 14:47 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2008-08-17 13:07 . 2008-08-17 14:47 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
    2008-08-17 13:06 . 2008-08-17 14:47 <KANSIO> d-------- C:\Program Files\Symantec
    2008-08-15 15:07 . 2008-07-22 17:45 1,214,526 --------- C:\WINDOWS\system32\dllcache\sysmain.sdb
    2008-08-15 15:07 . 2008-07-22 17:45 790,846 --------- C:\WINDOWS\system32\dllcache\apph_sp.sdb
    2008-08-15 15:07 . 2008-07-22 17:45 9,696 --------- C:\WINDOWS\system32\dllcache\drvmain.sdb
    2008-08-13 20:02 . 2008-04-11 22:04 691,712 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll
    2008-08-13 20:01 . 2008-05-01 17:33 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll
    2008-08-12 19:59 . 2008-08-12 19:59 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\ZoomBrowser EX
    2008-08-12 19:57 . 2008-04-14 03:12 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
    2008-08-12 19:57 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
    2008-08-12 19:53 . 2008-08-12 19:53 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Canon
    2008-08-12 18:44 . 2008-08-12 18:44 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
    2008-08-12 18:36 . 2008-08-12 18:36 <KANSIO> d-------- C:\Program Files\Common Files\Canon
    2008-08-05 16:55 . 2008-08-05 16:55 <KANSIO> d-------- C:\Program Files\Yahoo!
    2008-08-05 00:09 . 2008-08-16 14:01 <KANSIO> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-08-05 00:09 . 2008-08-16 14:01 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-08-02 15:10 . 2008-08-02 15:12 <KANSIO> d-------- C:\Program Files\Safari
    2008-08-01 15:44 . 2008-08-01 15:44 578,560 --a------ C:\WINDOWS\system32\dllcache\user32.dll
    2008-07-29 03:58 . 2008-07-29 03:58 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\F-Secure
    2008-07-29 03:49 . 2008-08-17 20:50 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\F-Secure
    2008-07-29 03:48 . 2008-08-17 20:50 <KANSIO> d-------- C:\Program Files\F-Secure Internet Security
    2008-07-29 03:48 . 2008-07-29 03:48 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\fssg
    2008-07-29 03:23 . 2008-07-29 03:23 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\WinBatch
    2008-07-28 13:29 . 2008-07-28 13:29 1,024 --a------ C:\WINDOWS\system32\ej1qrio.tgz
    2008-07-28 13:28 . 2008-07-28 13:28 <KANSIO> d-------- C:\Program Files\Vertus Fluid Mask 3
    2008-07-28 13:28 . 2008-07-28 13:28 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\VertusTech
    2008-07-27 19:17 . 2008-07-27 19:17 <KANSIO> d-------- C:\Program Files\LimeWire SpeedUp Pro
    2008-07-26 21:59 . 2008-07-26 21:59 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Windows Search
    2008-07-25 16:20 . 2008-07-25 16:20 <KANSIO> d-------- C:\Program Files\Lavasoft
    2008-07-25 16:20 . 2008-07-25 17:25 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-07-25 11:36 . 2008-07-25 11:36 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
    2008-07-25 11:36 . 2008-07-25 11:36 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
    2008-07-24 23:18 . 2008-07-24 23:18 <KANSIO> d-------- C:\WINDOWS\system32\GroupPolicy
    2008-07-24 23:18 . 2008-07-24 23:18 <KANSIO> d-------- C:\Program Files\Windows Desktop Search
    2008-07-24 23:18 . 2008-07-24 23:18 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Windows Desktop Search
    2008-07-24 23:16 . 2008-03-07 20:02 192,000 --------- C:\WINDOWS\system32\dllcache\offfilt.dll
    2008-07-24 23:16 . 2008-03-07 20:02 98,304 --------- C:\WINDOWS\system32\dllcache\nlhtml.dll
    2008-07-24 23:16 . 2008-03-07 20:02 29,696 --------- C:\WINDOWS\system32\dllcache\mimefilt.dll
    2008-07-23 19:50 . 2008-07-23 19:50 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
    2008-07-23 19:48 . 2008-07-23 19:48 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
    2008-07-23 19:48 . 2008-07-23 19:48 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
    2008-07-23 19:47 . 2008-07-23 19:47 634,880 --a------ C:\WINDOWS\system32\divxdec.ax
    2008-07-23 19:47 . 2008-07-23 19:47 352,401 --a------ C:\WINDOWS\system32\DivXMedia.ax
    2008-07-23 19:47 . 2008-07-23 19:47 416 --a------ C:\WINDOWS\system32\dtu100.dll.manifest
    2008-07-23 19:47 . 2008-07-23 19:47 416 --a------ C:\WINDOWS\system32\dpl100.dll.manifest
    2008-07-23 19:46 . 2008-07-23 19:46 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-08-23 08:11 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-08-22 17:06 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\LimeWire
    2008-08-22 13:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-08-19 18:44 --------- d--h--w C:\Program Files\Creative Installation Information
    2008-08-19 18:43 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Creative
    2008-08-19 18:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Creative
    2008-08-19 04:32 --------- d-----w C:\Program Files\Microsoft Silverlight
    2008-08-18 13:11 --------- d-----w C:\Program Files\Common Files\Download Manager
    2008-08-17 14:10 --------- d-----w C:\Program Files\DivX
    2008-08-17 11:47 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
    2008-08-17 11:47 10,671 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
    2008-08-12 15:55 --------- d-----w C:\Program Files\Canon
    2008-08-09 12:21 --------- d-----w C:\Program Files\Apple Software Update
    2008-08-09 08:01 --------- d-----w C:\Program Files\Windows Live Safety Center
    2008-08-08 16:21 --------- d-----w C:\Program Files\Subdownloader
    2008-08-04 20:55 --------- d-----w C:\Program Files\Uniblue
    2008-08-04 20:55 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Uniblue
    2008-08-04 20:54 --------- d-----w C:\Program Files\MUSICMATCH
    2008-08-03 22:07 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Apple Computer
    2008-08-02 13:04 --------- d-----w C:\Program Files\iTunes
    2008-08-02 13:02 --------- d-----w C:\Program Files\iPod
    2008-07-26 19:52 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2008-07-23 16:50 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
    2008-07-23 16:50 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
    2008-07-23 16:50 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    2008-07-20 16:04 --------- d-----w C:\Program Files\LG PC Suite 2
    2008-07-20 16:00 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\InstallShield
    2008-07-18 11:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\LGMOBILEAX
    2008-07-17 13:39 --------- d-----w C:\Program Files\World of Warcraft
    2008-07-15 22:45 --------- d-----w C:\Program Files\Undisker
    2008-07-13 16:02 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\IObit
    2008-07-13 15:53 --------- d-----w C:\Program Files\IObit
    2008-07-13 15:32 --------- d-----w C:\Program Files\WinPcap
    2008-07-13 15:32 --------- d-----w C:\Program Files\ADSL Router Utility
    2008-07-10 17:48 --------- d-----w C:\Program Files\Bonjour
    2008-07-08 18:06 4,224 ----a-w C:\WINDOWS\system32\drivers\beep.sys
    2008-07-08 18:06 4,224 ----a-w C:\WINDOWS\system32\dllcache\beep.sys
    2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
    2008-07-07 20:26 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
    2008-07-07 11:48 --------- d-----w C:\Program Files\Nik Software
    2008-07-04 20:08 --------- d-----w C:\Program Files\Common Files\Blizzard Entertainment
    2008-07-02 23:12 32,000 ----a-w C:\WINDOWS\system32\drivers\usbaapl.sys
    2008-06-30 22:32 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\uTorrent
    2008-06-30 21:57 0 ----a-w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\wklnhst.dat
    2008-06-28 20:04 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Sonic
    2008-06-28 19:09 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Leadertech
    2008-06-28 17:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\MediaLife
    2008-06-28 17:53 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\MediaLife
    2008-06-28 16:36 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Logitech
    2008-06-28 16:27 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-06-28 16:25 --------- d-----w C:\Program Files\Logitech
    2008-06-28 16:25 --------- d-----w C:\Program Files\CyberLink
    2008-06-28 16:24 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
    2008-06-28 16:23 --------- d-----w C:\Program Files\Common Files\Logitech
    2008-06-27 22:52 --------- d-----w C:\Program Files\Windows Live
    2008-06-27 22:38 1,776 ----a-w C:\WINDOWS\system32\ealregsnapshot1.reg
    2008-06-27 16:57 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
    2008-06-27 16:57 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\DAEMON Tools
    2008-06-26 18:49 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Malwarebytes
    2008-06-26 18:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-06-26 18:09 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\Uniblue
    2008-06-26 12:19 --------- d-----w C:\Program Files\Common Files\ScanSoft Shared
    2008-06-26 12:19 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\ScanSoft
    2008-06-26 12:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\SSScanWizard
    2008-06-26 12:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
    2008-06-26 12:18 --------- d-----w C:\Program Files\ScanSoft
    2008-06-26 10:44 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\HP
    2008-06-26 10:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Last.fm
    2008-06-26 10:01 --------- d-----w C:\Program Files\LimeWire
    2008-06-26 09:57 --------- d-----w C:\Program Files\PC-Clean
    2008-06-25 21:35 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Symantec
    2008-06-25 21:02 --------- d-----w C:\Program Files\Windows Sidebar
    2008-06-25 19:17 --------- d-----w C:\Program Files\Nobilis
    2008-06-25 16:20 --------- d-----w C:\Program Files\Last.fm
    2008-06-24 16:43 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
    2008-06-24 16:01 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\DivX
    2008-06-23 19:34 --------- d-----w C:\Program Files\Google
    2008-06-23 11:22 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\InterVideo
    2008-06-23 09:20 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2008-06-23 09:20 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
    2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
    2008-06-21 05:23 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
    2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
    2008-06-20 17:46 245,248 ------w C:\WINDOWS\system32\dllcache\mswsock.dll
    2008-06-20 17:46 147,968 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
    2008-06-20 11:51 361,600 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
    2008-06-20 11:40 138,496 ------w C:\WINDOWS\system32\dllcache\afd.sys
    2008-06-20 11:08 225,856 ------w C:\WINDOWS\system32\dllcache\tcpip6.sys
    2008-06-17 21:18 61,440 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemutil.dll
    2008-06-17 21:18 45,056 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe
    2008-06-17 21:18 44,032 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe
    2008-06-17 21:18 40,960 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\ScDmi.dll
    2008-06-17 21:18 341,048 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\HPBasicDetection3.dll
    2008-06-17 21:18 32,768 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\uploadHSC.dll
    2008-06-17 21:18 32,768 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\Scom.dll
    2008-06-17 21:18 163,840 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemcheck.dll
    2008-06-17 15:16 139,264 ----a-w C:\WINDOWS\system32\hpzjrd01.dll
    2008-06-13 11:05 272,128 ------w C:\WINDOWS\system32\dllcache\bthport.sys
    2008-05-30 11:19 507,400 ----a-w C:\WINDOWS\system32\XAudio2_1.dll
    2008-05-30 11:18 238,088 ----a-w C:\WINDOWS\system32\xactengine3_1.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 03:12 15360]
    "CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 11:03 868352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-06 07:56 64512]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 19:04 52736]
    "HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 09:35 49152]
    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 23:14 237568]
    "KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 16:44 61440]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe" [2008-04-01 13:21 61440]
    "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 11:12 90112]
    "OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 11:00 49152]
    "MediaLifeService"="C:\Program Files\Logitech\MediaLife\MediaLifeService.exe" [2005-05-12 21:23 110739]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-07-18 04:54 116072]
    "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 17:38 583048]
    "CTCheck"="C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-11-06 11:08 397312]
    "a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [2008-07-31 14:46 2131600]
    "ftutil2"="ftutil2.dll" [2004-06-08 08:05 106496 C:\WINDOWS\system32\ftutil2.dll]
    "AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 10:19 77312 C:\WINDOWS\arpwrmsg.exe]
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 14:46 28160 C:\WINDOWS\KHALMNPR.Exe]

    C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\
    LimeWire SpeedUp Pro.lnk - C:\Program Files\LimeWire SpeedUp Pro\LimeWire SpeedUp Pro.exe [2008-07-23 09:24:42 393216]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 07:23:26 282624]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "NoResolveSearch"= 1 (0x1)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 22:19 304128]

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
    backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
    backup=C:\WINDOWS\pss\Logitech SetPoint.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
    backup=C:\WINDOWS\pss\Windows Search.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator.YOUR-55E5F9E3D2^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator.YOUR-55E5F9E3D2^Start Menu^Programs^Startup^LimeWire SpeedUp Pro.lnk]
    path=C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Start Menu\Programs\Startup\LimeWire SpeedUp Pro.lnk
    backup=C:\WINDOWS\pss\LimeWire SpeedUp Pro.lnkStartup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
    --a------ 2008-07-03 02:23 116040 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    --a------ 2008-07-30 10:47 289064 C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartRAM]
    --a------ 2007-10-29 16:43 662016 C:\Program Files\IObit\Advanced WindowsCare V2\MemCleaner.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "DisableNotifications"= 1 (0x1)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
    "C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
    "C:\\Program Files\\World of Warcraft\\Wow.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "22601:TCP"= 22601:TCP:BitComet 22601 TCP
    "22601:UDP"= 22601:UDP:BitComet 22601 UDP
    "9900:TCP"= 9900:TCP:BitComet 9900 TCP
    "9900:UDP"= 9900:UDP:BitComet 9900 UDP
    "6621:TCP"= 6621:TCP:limewire pro

    R0 dontgo;Promise Removable Disk Control Driver;C:\WINDOWS\system32\DRIVERS\DontGo.sys [2004-06-30 07:25]
    R3 3xHybrid;ASUSTek SAA713x PCI Card;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2007-01-26 10:42]
    S2 Automattinen LiveUpdate-ajastustoiminto;Automattinen LiveUpdate-ajastustoiminto;C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-12 18:27]
    S2 RPCH;Remote Procedure Call (HPM);C:\Program Files\NetMeeting\Intell.exe [2005-06-16 12:37]
    S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 17:42]
    S3 WN5301;LIteon Wireless PCI Network Adapter Service;C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 20:44]
    S3 WN5401;Liteon Wireless LAN PCI 802.11 a/b/g adapter WN5401A;C:\WINDOWS\system32\DRIVERS\wn5401.sys [2005-01-07 03:08]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx REG_MULTI_SZ scan

    *Newly Created Service* - CATCHME
    *Newly Created Service* - COMHOST
    .
    Contents of the 'Scheduled Tasks' folder

    2008-08-16 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

    2008-08-17 C:\WINDOWS\Tasks\Scheduled scanning task.job
    - C:\PROGRA~1\F-Secure Internet Security\Anti-Virus\fsav.exe []

    2008-08-23 C:\WINDOWS\Tasks\Tarkistetaan Windows Live -työkalurivin päivitykset.job
    - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]

    2008-08-21 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
    - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []

    2008-07-13 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
    - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []
    .
    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Mozilla\Firefox\Profiles\5vsj0e49.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://irc-galleria.net/index.php
    FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
    FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-23 12:12:08
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-08-23 12:14:07
    ComboFix-quarantined-files.txt 2008-08-23 09:14:01

    Pre-Run: 105,544,290,304 bytes free
    Post-Run: 105,612,517,376 tavua vapaana

    333 --- E O F --- 2008-08-19 04:32:10


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:32:28, on 23.8.2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\arservice.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\a-squared Anti-Malware\a2guard.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBho.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\UIBHO.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1213715790651
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1213715949948
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15105/CTPID.cab
    O18 - Protocol: bw+0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 23324 bytes
     
  7. Hujo

    Hujo Guest

    Avaa Muistio ja kopioi/liitä quoteboxin sisältö sinne:

    Tallenna se nimellä CFScript.txt

    Sitten raahaa CFScript ComboFix.exeen kuten alla.

    [​IMG]

    Käynnistä tietokone uudelleen pyydettäessä ja lähetä combofix.txt-tiedoston sisältö tänne.
     
  8. toope92

    toope92 Regular member

    Liittynyt:
    08.11.2006
    Viestejä:
    140
    Kiitokset:
    0
    Pisteet:
    26
    ComboFix 08-08-21.02 - HP_Administrator 2008-08-23 14:03:45.14 - NTFSx86
    Running from: C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Desktop\ComboFix.exe
    Command switches used :: C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\My Documents\CFScript.txt
    * Created a new restore point
    .

    ((((((((((((((((((((((((( Files Created from 2008-07-23 to 2008-08-23 )))))))))))))))))))))))))))))))
    .

    2008-08-23 13:18 . 2008-08-23 13:18 <KANSIO> d-------- C:\Program Files\Ares Destiny
    2008-08-23 13:16 . 2008-08-23 13:16 47,368 --ah----- C:\WINDOWS\system32\mlfcache.dat
    2008-08-22 16:56 . 2008-08-22 16:56 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-08-22 16:56 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-08-22 16:56 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-08-22 16:30 . 2008-08-23 13:24 <KANSIO> d-------- C:\Program Files\a-squared Anti-Malware
    2008-08-18 16:12 . 2008-08-18 16:12 <KANSIO> d-------- C:\Program Files\Kaspersky Lab
    2008-08-18 16:11 . 2008-08-18 16:11 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2008-08-17 17:24 . 2008-07-30 17:42 23,888 --a------ C:\WINDOWS\system32\drivers\COH_Mon.sys
    2008-08-17 17:24 . 2008-07-30 17:28 10,537 --a------ C:\WINDOWS\system32\drivers\COH_Mon.cat
    2008-08-17 17:24 . 2008-07-30 17:28 706 --a------ C:\WINDOWS\system32\drivers\COH_Mon.inf
    2008-08-17 13:08 . 2008-08-18 17:02 <KANSIO> d-------- C:\Program Files\Norton 360
    2008-08-17 13:07 . 2008-08-17 14:47 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2008-08-17 13:07 . 2008-08-17 14:47 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
    2008-08-17 13:06 . 2008-08-17 14:47 <KANSIO> d-------- C:\Program Files\Symantec
    2008-08-15 15:07 . 2008-07-22 17:45 1,214,526 --------- C:\WINDOWS\system32\dllcache\sysmain.sdb
    2008-08-15 15:07 . 2008-07-22 17:45 790,846 --------- C:\WINDOWS\system32\dllcache\apph_sp.sdb
    2008-08-15 15:07 . 2008-07-22 17:45 9,696 --------- C:\WINDOWS\system32\dllcache\drvmain.sdb
    2008-08-13 20:02 . 2008-04-11 22:04 691,712 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll
    2008-08-13 20:01 . 2008-05-01 17:33 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll
    2008-08-12 19:59 . 2008-08-12 19:59 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\ZoomBrowser EX
    2008-08-12 19:57 . 2008-04-14 03:12 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
    2008-08-12 19:57 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
    2008-08-12 19:53 . 2008-08-12 19:53 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Canon
    2008-08-12 18:44 . 2008-08-12 18:44 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
    2008-08-12 18:36 . 2008-08-12 18:36 <KANSIO> d-------- C:\Program Files\Common Files\Canon
    2008-08-05 16:55 . 2008-08-05 16:55 <KANSIO> d-------- C:\Program Files\Yahoo!
    2008-08-05 00:09 . 2008-08-16 14:01 <KANSIO> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-08-05 00:09 . 2008-08-16 14:01 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-08-02 15:10 . 2008-08-02 15:12 <KANSIO> d-------- C:\Program Files\Safari
    2008-08-01 15:44 . 2008-08-01 15:44 578,560 --a------ C:\WINDOWS\system32\dllcache\user32.dll
    2008-07-29 03:58 . 2008-07-29 03:58 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\F-Secure
    2008-07-29 03:49 . 2008-08-17 20:50 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\F-Secure
    2008-07-29 03:48 . 2008-08-23 13:06 <KANSIO> d-------- C:\Program Files\F-Secure Internet Security
    2008-07-29 03:48 . 2008-07-29 03:48 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\fssg
    2008-07-29 03:23 . 2008-07-29 03:23 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\WinBatch
    2008-07-28 13:29 . 2008-07-28 13:29 1,024 --a------ C:\WINDOWS\system32\ej1qrio.tgz
    2008-07-28 13:28 . 2008-07-28 13:28 <KANSIO> d-------- C:\Program Files\Vertus Fluid Mask 3
    2008-07-28 13:28 . 2008-07-28 13:28 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\VertusTech
    2008-07-26 21:59 . 2008-07-26 21:59 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Windows Search
    2008-07-25 16:20 . 2008-07-25 16:20 <KANSIO> d-------- C:\Program Files\Lavasoft
    2008-07-25 16:20 . 2008-07-25 17:25 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-07-25 11:36 . 2008-07-25 11:36 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
    2008-07-25 11:36 . 2008-07-25 11:36 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
    2008-07-24 23:18 . 2008-07-24 23:18 <KANSIO> d-------- C:\WINDOWS\system32\GroupPolicy
    2008-07-24 23:18 . 2008-07-24 23:18 <KANSIO> d-------- C:\Program Files\Windows Desktop Search
    2008-07-24 23:18 . 2008-07-24 23:18 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Windows Desktop Search
    2008-07-24 23:16 . 2008-03-07 20:02 192,000 --------- C:\WINDOWS\system32\dllcache\offfilt.dll
    2008-07-24 23:16 . 2008-03-07 20:02 98,304 --------- C:\WINDOWS\system32\dllcache\nlhtml.dll
    2008-07-24 23:16 . 2008-03-07 20:02 29,696 --------- C:\WINDOWS\system32\dllcache\mimefilt.dll
    2008-07-23 19:50 . 2008-07-23 19:50 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
    2008-07-23 19:48 . 2008-07-23 19:48 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
    2008-07-23 19:48 . 2008-07-23 19:48 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
    2008-07-23 19:47 . 2008-07-23 19:47 634,880 --a------ C:\WINDOWS\system32\divxdec.ax
    2008-07-23 19:47 . 2008-07-23 19:47 352,401 --a------ C:\WINDOWS\system32\DivXMedia.ax
    2008-07-23 19:47 . 2008-07-23 19:47 416 --a------ C:\WINDOWS\system32\dtu100.dll.manifest
    2008-07-23 19:47 . 2008-07-23 19:47 416 --a------ C:\WINDOWS\system32\dpl100.dll.manifest
    2008-07-23 19:46 . 2008-07-23 19:46 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-08-23 10:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-08-23 10:19 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-08-22 17:06 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\LimeWire
    2008-08-19 18:44 --------- d--h--w C:\Program Files\Creative Installation Information
    2008-08-19 18:43 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Creative
    2008-08-19 18:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Creative
    2008-08-19 04:32 --------- d-----w C:\Program Files\Microsoft Silverlight
    2008-08-18 13:11 --------- d-----w C:\Program Files\Common Files\Download Manager
    2008-08-17 14:10 --------- d-----w C:\Program Files\DivX
    2008-08-17 11:47 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
    2008-08-17 11:47 10,671 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
    2008-08-12 15:55 --------- d-----w C:\Program Files\Canon
    2008-08-09 12:21 --------- d-----w C:\Program Files\Apple Software Update
    2008-08-09 08:01 --------- d-----w C:\Program Files\Windows Live Safety Center
    2008-08-08 16:21 --------- d-----w C:\Program Files\Subdownloader
    2008-08-04 20:55 --------- d-----w C:\Program Files\Uniblue
    2008-08-04 20:55 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Uniblue
    2008-08-04 20:54 --------- d-----w C:\Program Files\MUSICMATCH
    2008-08-03 22:07 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Apple Computer
    2008-08-02 13:04 --------- d-----w C:\Program Files\iTunes
    2008-08-02 13:02 --------- d-----w C:\Program Files\iPod
    2008-07-26 19:52 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2008-07-23 16:50 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
    2008-07-23 16:50 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
    2008-07-23 16:50 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    2008-07-20 16:04 --------- d-----w C:\Program Files\LG PC Suite 2
    2008-07-20 16:00 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\InstallShield
    2008-07-18 11:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\LGMOBILEAX
    2008-07-17 13:39 --------- d-----w C:\Program Files\World of Warcraft
    2008-07-15 22:45 --------- d-----w C:\Program Files\Undisker
    2008-07-13 16:02 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\IObit
    2008-07-13 15:53 --------- d-----w C:\Program Files\IObit
    2008-07-13 15:32 --------- d-----w C:\Program Files\WinPcap
    2008-07-13 15:32 --------- d-----w C:\Program Files\ADSL Router Utility
    2008-07-10 17:48 --------- d-----w C:\Program Files\Bonjour
    2008-07-08 18:06 4,224 ----a-w C:\WINDOWS\system32\drivers\beep.sys
    2008-07-08 18:06 4,224 ----a-w C:\WINDOWS\system32\dllcache\beep.sys
    2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
    2008-07-07 20:26 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
    2008-07-07 11:48 --------- d-----w C:\Program Files\Nik Software
    2008-07-04 20:08 --------- d-----w C:\Program Files\Common Files\Blizzard Entertainment
    2008-07-02 23:12 32,000 ----a-w C:\WINDOWS\system32\drivers\usbaapl.sys
    2008-06-30 22:32 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\uTorrent
    2008-06-30 21:57 0 ----a-w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\wklnhst.dat
    2008-06-28 20:04 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Sonic
    2008-06-28 19:09 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Leadertech
    2008-06-28 17:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\MediaLife
    2008-06-28 17:53 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\MediaLife
    2008-06-28 16:36 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Logitech
    2008-06-28 16:27 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-06-28 16:25 --------- d-----w C:\Program Files\Logitech
    2008-06-28 16:25 --------- d-----w C:\Program Files\CyberLink
    2008-06-28 16:24 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
    2008-06-28 16:23 --------- d-----w C:\Program Files\Common Files\Logitech
    2008-06-27 22:52 --------- d-----w C:\Program Files\Windows Live
    2008-06-27 22:38 1,776 ----a-w C:\WINDOWS\system32\ealregsnapshot1.reg
    2008-06-27 16:57 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
    2008-06-27 16:57 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\DAEMON Tools
    2008-06-26 18:49 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Malwarebytes
    2008-06-26 18:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-06-26 18:09 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\Uniblue
    2008-06-26 12:19 --------- d-----w C:\Program Files\Common Files\ScanSoft Shared
    2008-06-26 12:19 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\ScanSoft
    2008-06-26 12:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\SSScanWizard
    2008-06-26 12:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
    2008-06-26 12:18 --------- d-----w C:\Program Files\ScanSoft
    2008-06-26 10:44 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\HP
    2008-06-26 10:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Last.fm
    2008-06-26 09:57 --------- d-----w C:\Program Files\PC-Clean
    2008-06-25 21:35 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Symantec
    2008-06-25 21:02 --------- d-----w C:\Program Files\Windows Sidebar
    2008-06-25 19:17 --------- d-----w C:\Program Files\Nobilis
    2008-06-25 16:20 --------- d-----w C:\Program Files\Last.fm
    2008-06-24 16:43 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
    2008-06-24 16:01 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\DivX
    2008-06-23 19:34 --------- d-----w C:\Program Files\Google
    2008-06-23 11:22 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\InterVideo
    2008-06-23 09:20 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2008-06-23 09:20 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
    2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
    2008-06-21 05:23 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
    2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
    2008-06-20 17:46 245,248 ------w C:\WINDOWS\system32\dllcache\mswsock.dll
    2008-06-20 17:46 147,968 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
    2008-06-20 11:51 361,600 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
    2008-06-20 11:40 138,496 ------w C:\WINDOWS\system32\dllcache\afd.sys
    2008-06-20 11:08 225,856 ------w C:\WINDOWS\system32\dllcache\tcpip6.sys
    2008-06-17 21:18 61,440 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemutil.dll
    2008-06-17 21:18 45,056 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe
    2008-06-17 21:18 44,032 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe
    2008-06-17 21:18 40,960 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\ScDmi.dll
    2008-06-17 21:18 341,048 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\HPBasicDetection3.dll
    2008-06-17 21:18 32,768 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\uploadHSC.dll
    2008-06-17 21:18 32,768 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\Scom.dll
    2008-06-17 21:18 163,840 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemcheck.dll
    2008-06-17 15:16 139,264 ----a-w C:\WINDOWS\system32\hpzjrd01.dll
    2008-06-13 11:05 272,128 ------w C:\WINDOWS\system32\dllcache\bthport.sys
    2008-05-30 11:19 507,400 ----a-w C:\WINDOWS\system32\XAudio2_1.dll
    2008-05-30 11:18 238,088 ----a-w C:\WINDOWS\system32\xactengine3_1.dll
    2008-05-30 11:17 65,032 ----a-w C:\WINDOWS\system32\XAPOFX1_0.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2008-08-23_12.13.00.62 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-08-23 11:04:39 60,224,778 ----a-w C:\WINDOWS\temp\a2cache_08597E12.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 03:12 15360]
    "CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 11:03 868352]
    "ares destiny"="C:\Program Files\Ares Destiny\Ares.exe" [2007-08-27 17:02 2973184]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-06 07:56 64512]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 19:04 52736]
    "HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 09:35 49152]
    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 23:14 237568]
    "KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 16:44 61440]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe" [2008-04-01 13:21 61440]
    "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 11:12 90112]
    "OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 11:00 49152]
    "MediaLifeService"="C:\Program Files\Logitech\MediaLife\MediaLifeService.exe" [2005-05-12 21:23 110739]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-07-18 04:54 116072]
    "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 17:38 583048]
    "CTCheck"="C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-11-06 11:08 397312]
    "a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [2008-07-31 14:46 2131600]
    "ftutil2"="ftutil2.dll" [2004-06-08 08:05 106496 C:\WINDOWS\system32\ftutil2.dll]
    "AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 10:19 77312 C:\WINDOWS\arpwrmsg.exe]
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 14:46 28160 C:\WINDOWS\KHALMNPR.Exe]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 07:23:26 282624]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "NoResolveSearch"= 1 (0x1)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 22:19 304128]

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
    backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
    backup=C:\WINDOWS\pss\Logitech SetPoint.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
    backup=C:\WINDOWS\pss\Windows Search.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator.YOUR-55E5F9E3D2^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator.YOUR-55E5F9E3D2^Start Menu^Programs^Startup^LimeWire SpeedUp Pro.lnk]
    path=C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Start Menu\Programs\Startup\LimeWire SpeedUp Pro.lnk
    backup=C:\WINDOWS\pss\LimeWire SpeedUp Pro.lnkStartup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
    --a------ 2008-07-03 02:23 116040 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    --a------ 2008-07-30 10:47 289064 C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartRAM]
    --a------ 2007-10-29 16:43 662016 C:\Program Files\IObit\Advanced WindowsCare V2\MemCleaner.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "DisableNotifications"= 1 (0x1)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
    "C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
    "C:\\Program Files\\World of Warcraft\\Wow.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "22601:TCP"= 22601:TCP:BitComet 22601 TCP
    "22601:UDP"= 22601:UDP:BitComet 22601 UDP
    "9900:TCP"= 9900:TCP:BitComet 9900 TCP
    "9900:UDP"= 9900:UDP:BitComet 9900 UDP
    "6621:TCP"= 6621:TCP:limewire pro

    R0 dontgo;Promise Removable Disk Control Driver;C:\WINDOWS\system32\DRIVERS\DontGo.sys [2004-06-30 07:25]
    R3 3xHybrid;ASUSTek SAA713x PCI Card;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2007-01-26 10:42]
    S2 Automattinen LiveUpdate-ajastustoiminto;Automattinen LiveUpdate-ajastustoiminto;C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-12 18:27]
    S2 RPCH;Remote Procedure Call (HPM);C:\Program Files\NetMeeting\Intell.exe [2005-06-16 12:37]
    S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 17:42]
    S3 WN5301;LIteon Wireless PCI Network Adapter Service;C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 20:44]
    S3 WN5401;Liteon Wireless LAN PCI 802.11 a/b/g adapter WN5401A;C:\WINDOWS\system32\DRIVERS\wn5401.sys [2005-01-07 03:08]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx REG_MULTI_SZ scan

    *Newly Created Service* - COMHOST
    .
    Contents of the 'Scheduled Tasks' folder

    2008-08-16 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

    2008-08-17 C:\WINDOWS\Tasks\Scheduled scanning task.job
    - C:\PROGRA~1\F-Secure Internet Security\Anti-Virus\fsav.exe []

    2008-08-23 C:\WINDOWS\Tasks\Tarkistetaan Windows Live -työkalurivin päivitykset.job
    - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]

    2008-08-21 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
    - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []

    2008-07-13 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
    - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-23 14:08:40
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    PROCESS: C:\WINDOWS\explorer.exe
    -> C:\Program Files\NetMeeting\Down(0).dat
    .
    Completion time: 2008-08-23 14:10:58
    ComboFix-quarantined-files.txt 2008-08-23 11:10:30
    ComboFix2.txt 2008-08-23 09:14:10

    Pre-Run: 109,830,692,864 bytes free
    Post-Run: 109,817,286,656 tavua vapaana

    320 --- E O F --- 2008-08-19 04:32:10

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:14:45, on 23.8.2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\arservice.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\HP\KBD\KBD.EXE
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\a-squared Anti-Malware\a2guard.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Last.fm\LastFM.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\Ares Destiny\Ares.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\a-squared Anti-Malware\a2scan.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\SearchFilterHost.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBho.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\UIBHO.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - HKCU\..\Run: [ares destiny] "C:\Program Files\Ares Destiny\Ares.exe" -h
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1213715790651
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1213715949948
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15105/CTPID.cab
    O18 - Protocol: bw+0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares Destiny\chatServer.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 24048 bytes
     
  9. Hujo

    Hujo Guest

    Lataa OTMoveIt
    OTMoveIt ja tallenna se työpöydällesi.

    Tuplaklikkaa OTMoveIt.exe.
    Klikkaa CleanUp!.
    Valitse Yes kun kysytään "Begin cleanup Process?".
    Jos pyydetään, että saako koneen käynnistää uudeelleen, valitse Yes.OTMoveIt poistaa itsensä kun se on valmis, jos näin ei käy poista se itse.

    HUOM: Jos palomuurisi tai joku muu tietoturvaohjelma varoittaa, että OTMoveIt yrittää päästä nettin, niin anna sen päästä sinne.
     
  10. toope92

    toope92 Regular member

    Liittynyt:
    08.11.2006
    Viestejä:
    140
    Kiitokset:
    0
    Pisteet:
    26
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:29:10, on 23.8.2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\arservice.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
    C:\Program Files\a-squared Anti-Malware\a2guard.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Ares Destiny\Ares.exe
    C:\WINDOWS\system32\SearchFilterHost.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Last.fm\LastFM.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBho.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\UIBHO.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1213715790651
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1213715949948
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15105/CTPID.cab
    O18 - Protocol: bw+0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares Destiny\chatServer.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 24128 bytes
     
  11. Hujo

    Hujo Guest

    Lataa Malwarebytes' Anti-Malware työpöydällesi.

    1. Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
    2. Lopuksi varmistu, että seuraavat on valittu: Update Malwarebytes', Anti-Malwareja
    Launch Malwarebytes' Anti-Malware ja sen jälkeen klikkaaFinish.
    3. Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version.
    4. Kun ohjelma on latautunut, valitse Perform full scan ja klikkaa Scan.
    5. Kun skanni on valmis, klikkaa OK ja sitten Show Results nähdäksesi tulokset.
    6. Varmistu, että kaikki on merkitty ja klikkaa Remove Selected.
    7. Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki
    löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application
    Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
    8. Lähetä lokin sisältö seuraavassa viestissäsi.
     
  12. toope92

    toope92 Regular member

    Liittynyt:
    08.11.2006
    Viestejä:
    140
    Kiitokset:
    0
    Pisteet:
    26
    Malwarebytes' Anti-Malware 1.25
    Tietokantaversio: 1077
    Windows 5.1.2600 Service Pack 3

    17:22:59 23.8.2008
    mbam-log-08-23-2008 (17-22-59).txt

    Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
    Tarkistetut kohteet: 198033
    Kulunut aika: 1 hour(s), 22 minute(s), 44 second(s)

    Saastuneita muistiprosesseja: 0
    Saastuneita muistimoduuleja: 0
    Saastuneita rekisteriavaimia: 0
    Saastuneita rekisteriarvoja: 0
    Saastuneita rekisterikohteita: 0
    Saastuneita hakemistoja: 0
    Saastuneita tiedostoja: 0

    Saastuneita muistiprosesseja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita muistimoduuleja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriavaimia:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriarvoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisterikohteita:
    (Haitallisia kohteita ei löydetty)

    Saastuneita hakemistoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita tiedostoja:
    (Haitallisia kohteita ei löydetty)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:24:08, on 23.8.2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\arservice.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
    C:\Program Files\a-squared Anti-Malware\a2guard.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Ares Destiny\Ares.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Last.fm\LastFM.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\SearchFilterHost.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBho.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\UIBHO.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1213715790651
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1213715949948
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15105/CTPID.cab
    O18 - Protocol: bw+0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares Destiny\chatServer.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 24147 bytes
     
  13. Hujo

    Hujo Guest

    Luo poistolista:
    • Avaa HiJackThis
    • Klikkaa "Configure" valintaa oikealla alhaalla
    • Klikkaa "Misc Tools"
    • Klikkaa boxia joka sanoo "Uninstall Manager"
    • Klikkaa valintaa "Save list"
    • Kopioi ja liitä kyseinen lista muistiosta postiisi
     
  14. toope92

    toope92 Regular member

    Liittynyt:
    08.11.2006
    Viestejä:
    140
    Kiitokset:
    0
    Pisteet:
    26
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:16, on 2008-09-05
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\arservice.exe
    C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\IoctlSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\HP\KBD\KBD.EXE
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
    C:\Program Files\a-squared Anti-Malware\a2guard.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Ares Destiny\Ares.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ircdown.com/fi/index.php?rvs=hompag&d=79919172
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\Run: [ares destiny] "C:\Program Files\Ares Destiny\Ares.exe" -h
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1213715790651
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1213715949948
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15105/CTPID.cab
    O18 - Protocol: bw+0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {C1D6B944-B23D-49CE-BFB2-1FA3D4940A1B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares Destiny\chatServer.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Automattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 24532 bytes
     
  15. Hujo

    Hujo Guest

    niin laita tuo poisto lista
     
  16. toope92

    toope92 Regular member

    Liittynyt:
    08.11.2006
    Viestejä:
    140
    Kiitokset:
    0
    Pisteet:
    26
    Adobe Flash Player ActiveX
    Adobe Flash Player Plugin
    Adobe Photoshop CS3
    Adobe Photoshop Lightroom 2
    Adobe Reader 7.1.0 - Suomi
    Adobe Setup
    ADSL Router Utility
    Apple Mobile Device Support
    Apple Software Update
    Ares Destiny 3.0
    a-squared Anti-Malware 3.5
    ATI Catalyst Control Center
    ATI Display Driver
    Autodesk 3ds Max 2009 32-bit
    Autodesk Backburner 2008.1
    Automaattiset valikot (Windows Live Toolbar)
    Bonjour
    Canon Camera Access Library
    Canon Camera Support Core Library
    CANON iMAGE GATEWAY Task for ZoomBrowser EX
    Canon Internet Library for ZoomBrowser EX
    Canon MP Navigator 2.0
    Canon MP450
    Canon RAW Image Task for ZoomBrowser EX
    Canon Utilities CameraWindow
    Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
    Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
    Canon Utilities Digital Photo Professional 3.3
    Canon Utilities EOS Utility
    Canon Utilities MyCamera
    Canon Utilities Original Data Security Tools
    Canon Utilities PhotoStitch
    Canon Utilities Picture Style Editor
    Canon Utilities RemoteCapture Task for ZoomBrowser EX
    Canon Utilities ZoomBrowser EX
    Canon ZoomBrowser EX Memory Card Utility
    CCleaner (remove only)
    Creative Software AutoUpdate
    Creative System Information
    Creative ZEN
    DivX Codec
    DivX Converter
    DivX Player
    DivX Web Player
    Easy-WebPrint
    Enhanced Multimedia Keyboard Solution
    FBX Plugin 2009.0 for Max 2009
    FinalBurner Free v2.2.0.132
    GemMaster Mystic
    HijackThis 2.0.2
    Hotfix for Windows Internet Explorer 7 (KB947864)
    HP Deskjet Printer Preload
    HP DigitalMedia Archive
    HP Image Zone for Media Center PC
    HP Software Update
    InterVideo WinDVD Player
    iTunes
    J2SE Runtime Environment 5.0 Update 5
    Java(TM) 6 Update 6
    Korostuksen katselu (Windows Live Toolbar)
    Last.fm 1.5.1.30182
    LG PC Suite
    LG USB Modem driver
    LiveUpdate 3.2 (Symantec Corporation)
    LiveUpdate Notice (Symantec Corporation)
    Localization Pack for Microsoft Windows XP Media Center Edition
    Logitech Desktop Messenger
    Logitech SetPoint
    MainConcept for Software Encoder
    Malwarebytes' Anti-Malware
    MediaLife
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Finnish Language Pack
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 1
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works
    Mozilla Firefox (3.0.1)
    MSXML 4.0 SP2 (KB936181)
    MSXML 6.0 Parser
    Nero 8 Trial
    neroxml
    OmniPage SE 2.0
    OpenOffice.org Installer 1.0
    Otto
    PS2
    Python 2.2 pywin32 extensions (build 203)
    Python 2.2.3
    QuickTime
    Safari
    Security Update for CAPICOM (KB931906)
    Security Update for CAPICOM (KB931906)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Sonic Express Labeler
    Sonic MyDVD Plus
    Sonic RecordNow Audio
    Sonic RecordNow Copy
    Sonic RecordNow Data
    Sonic Update Manager
    SubDownloader
    TypingMaster Pro
    VCRedistSetup
    Vertus Fluid Mask 3 3.0.8
    Windows Defender
    Windows Imaging Component
    Windows Internet Explorer 7 Multilingual User Interface (MUI)
    Windows Live installer
    Windows Live Messenger
    Windows Live OneCare safety scanner
    Windows Live Toolbar
    Windows Live Toolbar
    Windows Live Toolbarin laajennus (Windows Live Toolbar)
    Windows Live Writer
    Windows Liven sähköposti
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player Firefox Plugin
    Windows XP Service Pack 3
    WinPcap 3.1 beta3
    WinRAR archiver
    Viveza
    World of Warcraft
    ZEN Media Explorer
    ZENcast Organizer
    Zune Desktop Theme

     
  17. Hujo

    Hujo Guest

    Poista lisää poista sovelutuksesta

    Logitech Desktop Messenger
    J2SE Runtime Environment 5.0 Update 5
    a-squared Anti-Malware 3.5

    ===============

    Poista kansiot vikasiedossa

    C:\Program Files\a-squared Anti-Malware


    ===============

    scannaa hjt:llä merkkaa paina Fix checked


    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ircdown.com/fi/index.php?rvs=hompag&d=79919172
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll

    ================

    päivitä Malwarebytes' Anti-Malware ja aja täysiscannaus
     
  18. toope92

    toope92 Regular member

    Liittynyt:
    08.11.2006
    Viestejä:
    140
    Kiitokset:
    0
    Pisteet:
    26
    Logitech Desktop Messenger
    ei voitu poistaa virheen vuoksi
     
  19. Hujo

    Hujo Guest

    ajas combofix
     
  20. toope92

    toope92 Regular member

    Liittynyt:
    08.11.2006
    Viestejä:
    140
    Kiitokset:
    0
    Pisteet:
    26
    Malwarebytes' Anti-Malware 1.26
    Tietokantaversio: 1103
    Windows 5.1.2600 Service Pack 3

    2008-09-05 20:02:50
    mbam-log-2008-09-05 (20-02-50).txt

    Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
    Tarkistetut kohteet: 206144
    Kulunut aika: 2 hour(s), 2 minute(s), 15 second(s)

    Saastuneita muistiprosesseja: 0
    Saastuneita muistimoduuleja: 0
    Saastuneita rekisteriavaimia: 0
    Saastuneita rekisteriarvoja: 0
    Saastuneita rekisterikohteita: 0
    Saastuneita hakemistoja: 0
    Saastuneita tiedostoja: 0

    Saastuneita muistiprosesseja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita muistimoduuleja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriavaimia:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriarvoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisterikohteita:
    (Haitallisia kohteita ei löydetty)

    Saastuneita hakemistoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita tiedostoja:
    (Haitallisia kohteita ei löydetty)
     
  21. toope92

    toope92 Regular member

    Liittynyt:
    08.11.2006
    Viestejä:
    140
    Kiitokset:
    0
    Pisteet:
    26

    ComboFix 08-09-04.09 - HP_Administrator 2008-09-05 20:18:13.15 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.437 [GMT 3:00]
    Running from: C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Desktop\ComboFix.exe
    * Created a new restore point
    .

    ((((((((((((((((((((((((( Files Created from 2008-08-05 to 2008-09-05 )))))))))))))))))))))))))))))))
    .

    2008-09-05 15:27 . 2008-09-05 15:27 <KANSIO> d-------- C:\WINDOWS\LastGood
    2008-09-02 16:25 . 2008-09-02 16:25 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Autodesk
    2008-09-02 16:17 . 2008-09-02 16:20 <KANSIO> d-------- C:\Program Files\Common Files\Autodesk Shared
    2008-09-02 16:17 . 2008-09-02 16:25 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Autodesk
    2008-09-02 16:16 . 2008-09-02 16:20 <KANSIO> d-------- C:\Program Files\Autodesk
    2008-09-02 15:50 . 2008-09-02 15:50 <KANSIO> d-------- C:\Autodesk
    2008-09-02 14:12 . 2008-09-02 14:30 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Download Manager
    2008-08-31 20:43 . 2008-08-31 20:43 <KANSIO> d-------- C:\Program Files\Windows Defender
    2008-08-27 19:12 . 2008-08-27 19:13 <KANSIO> d-------- C:\Program Files\FinalBurner
    2008-08-27 18:16 . 2008-08-31 14:46 69 --a------ C:\WINDOWS\NeroDigital.ini
    2008-08-27 17:50 . 2008-08-27 17:50 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Template
    2008-08-27 17:35 . 2008-08-27 17:35 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Nero
    2008-08-27 17:29 . 2008-08-27 17:29 <KANSIO> d-------- C:\Program Files\Nero
    2008-08-27 17:29 . 2008-09-05 19:19 <KANSIO> d-------- C:\Program Files\Common Files\Nero
    2008-08-27 17:29 . 2008-08-27 17:29 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Nero
    2008-08-24 16:53 . 2005-01-02 15:20 <KANSIO> d-------- C:\Documents and Settings\Guest\WINDOWS
    2008-08-24 16:53 . 2008-08-24 16:53 <KANSIO> d-------- C:\Documents and Settings\Guest
    2008-08-24 16:17 . 2008-08-28 15:16 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\eboostr
    2008-08-24 14:46 . 2008-08-24 15:56 <KANSIO> d-------- C:\temp
    2008-08-24 14:46 . 2008-08-24 14:46 32 -r-hs---- C:\temp\HPCD.sys
    2008-08-23 18:35 . 2008-09-05 13:20 <KANSIO> d-------- C:\SDFix
    2008-08-23 14:59 . 2008-08-23 14:59 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\TypingMaster7
    2008-08-23 14:58 . 2008-08-23 14:59 <KANSIO> dr------- C:\Program Files\TypingMaster
    2008-08-23 13:18 . 2008-08-23 13:18 <KANSIO> d-------- C:\Program Files\Ares Destiny
    2008-08-23 13:16 . 2008-08-23 13:16 47,368 --ah----- C:\WINDOWS\system32\mlfcache.dat
    2008-08-22 16:56 . 2008-09-05 17:38 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-08-22 16:56 . 2008-09-02 00:16 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-08-22 16:56 . 2008-09-02 00:16 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-08-22 16:30 . 2008-09-05 17:31 <KANSIO> d-------- C:\Program Files\a-squared Anti-Malware
    2008-08-18 16:12 . 2008-08-18 16:12 <KANSIO> d-------- C:\Program Files\Kaspersky Lab
    2008-08-18 16:11 . 2008-09-01 17:53 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2008-08-17 13:06 . 2008-09-01 16:17 <KANSIO> d-------- C:\Program Files\Symantec
    2008-08-15 15:07 . 2008-07-22 17:45 1,214,526 --------- C:\WINDOWS\system32\dllcache\sysmain.sdb
    2008-08-15 15:07 . 2008-07-22 17:45 790,846 --------- C:\WINDOWS\system32\dllcache\apph_sp.sdb
    2008-08-15 15:07 . 2008-07-22 17:45 9,696 --------- C:\WINDOWS\system32\dllcache\drvmain.sdb
    2008-08-13 20:02 . 2008-04-11 22:04 691,712 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll
    2008-08-13 20:01 . 2008-05-01 17:33 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll
    2008-08-12 19:59 . 2008-08-12 19:59 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\ZoomBrowser EX
    2008-08-12 19:57 . 2008-04-14 03:12 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
    2008-08-12 19:57 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
    2008-08-12 19:53 . 2008-08-12 19:53 <KANSIO> d-------- C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Canon
    2008-08-12 18:44 . 2008-08-12 18:44 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
    2008-08-12 18:36 . 2008-08-12 18:36 <KANSIO> d-------- C:\Program Files\Common Files\Canon
    2008-08-05 00:09 . 2008-08-16 14:01 <KANSIO> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-08-05 00:09 . 2008-08-16 14:01 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-09-05 14:38 --------- d-----w C:\Program Files\Java
    2008-09-05 13:04 --------- d-----w C:\Program Files\Windows Live Safety Center
    2008-09-01 15:49 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-09-01 15:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-08-29 17:48 --------- d-----w C:\Program Files\DivX
    2008-08-27 14:51 226 ----a-w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\wklnhst.dat
    2008-08-23 10:06 --------- d-----w C:\Program Files\F-Secure Internet Security
    2008-08-22 17:06 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\LimeWire
    2008-08-19 18:44 --------- d--h--w C:\Program Files\Creative Installation Information
    2008-08-19 18:43 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Creative
    2008-08-19 18:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Creative
    2008-08-19 04:32 --------- d-----w C:\Program Files\Microsoft Silverlight
    2008-08-18 13:11 --------- d-----w C:\Program Files\Common Files\Download Manager
    2008-08-17 17:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\F-Secure
    2008-08-12 15:55 --------- d-----w C:\Program Files\Canon
    2008-08-09 12:21 --------- d-----w C:\Program Files\Apple Software Update
    2008-08-08 16:21 --------- d-----w C:\Program Files\Subdownloader
    2008-08-04 20:55 --------- d-----w C:\Program Files\Uniblue
    2008-08-04 20:55 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Uniblue
    2008-08-04 20:54 --------- d-----w C:\Program Files\MUSICMATCH
    2008-08-03 22:07 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Apple Computer
    2008-08-02 13:04 --------- d-----w C:\Program Files\iTunes
    2008-08-02 13:02 --------- d-----w C:\Program Files\iPod
    2008-08-02 12:12 --------- d-----w C:\Program Files\Safari
    2008-08-01 12:44 578,560 ----a-w C:\WINDOWS\system32\dllcache\user32.dll
    2008-07-29 00:58 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\F-Secure
    2008-07-29 00:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\fssg
    2008-07-29 00:23 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\WinBatch
    2008-07-28 10:28 --------- d-----w C:\Program Files\Vertus Fluid Mask 3
    2008-07-28 10:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\VertusTech
    2008-07-26 19:52 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2008-07-26 18:59 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Windows Search
    2008-07-25 14:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-07-25 13:20 --------- d-----w C:\Program Files\Lavasoft
    2008-07-25 08:36 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
    2008-07-24 20:18 --------- d-----w C:\Program Files\Windows Desktop Search
    2008-07-24 20:18 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Windows Desktop Search
    2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2008-07-23 16:48 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2008-07-23 16:48 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2008-07-23 16:46 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
    2008-07-20 16:04 --------- d-----w C:\Program Files\LG PC Suite 2
    2008-07-20 16:00 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\InstallShield
    2008-07-18 11:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\LGMOBILEAX
    2008-07-17 13:39 --------- d-----w C:\Program Files\World of Warcraft
    2008-07-15 22:45 --------- d-----w C:\Program Files\Undisker
    2008-07-13 16:02 --------- d-----w C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\IObit
    2008-07-13 15:53 --------- d-----w C:\Program Files\IObit
    2008-07-13 15:32 --------- d-----w C:\Program Files\WinPcap
    2008-07-13 15:32 --------- d-----w C:\Program Files\ADSL Router Utility
    2008-07-10 17:48 --------- d-----w C:\Program Files\Bonjour
    2008-07-09 02:05 43,872 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
    2008-07-09 02:05 129,520 ------w C:\WINDOWS\system32\pxafs.dll
    2008-07-09 02:05 120,568 ------w C:\WINDOWS\system32\pxcpyi64.exe
    2008-07-09 02:05 118,256 ------w C:\WINDOWS\system32\pxinsi64.exe
    2008-07-08 18:06 4,224 ----a-w C:\WINDOWS\system32\drivers\beep.sys
    2008-07-08 18:06 4,224 ----a-w C:\WINDOWS\system32\dllcache\beep.sys
    2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
    2008-07-07 20:26 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
    2008-07-07 11:48 --------- d-----w C:\Program Files\Nik Software
    2008-06-28 16:24 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
    2008-06-27 22:38 1,776 ----a-w C:\WINDOWS\system32\ealregsnapshot1.reg
    2008-06-24 16:43 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
    2008-06-24 13:06 972,072 ----a-w C:\WINDOWS\UNNeroMediaHome.exe
    2008-06-23 09:20 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2008-06-23 09:20 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
    2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
    2008-06-21 05:23 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
    2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
    2008-06-20 17:46 245,248 ------w C:\WINDOWS\system32\dllcache\mswsock.dll
    2008-06-20 17:46 147,968 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
    2008-06-20 11:51 361,600 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
    2008-06-20 11:40 138,496 ------w C:\WINDOWS\system32\dllcache\afd.sys
    2008-06-20 11:08 225,856 ------w C:\WINDOWS\system32\dllcache\tcpip6.sys
    2008-06-17 21:18 61,440 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemutil.dll
    2008-06-17 21:18 45,056 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe
    2008-06-17 21:18 44,032 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe
    2008-06-17 21:18 40,960 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\ScDmi.dll
    2008-06-17 21:18 341,048 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\HPBasicDetection3.dll
    2008-06-17 21:18 32,768 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\uploadHSC.dll
    2008-06-17 21:18 32,768 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\Scom.dll
    2008-06-17 21:18 163,840 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemcheck.dll
    2008-06-17 15:16 139,264 ----a-w C:\WINDOWS\system32\hpzjrd01.dll
    2008-06-13 11:05 272,128 ------w C:\WINDOWS\system32\dllcache\bthport.sys
    2008-06-06 11:54 972,072 ----a-w C:\WINDOWS\UNRecode.exe
    2008-06-06 11:54 95,600 ----a-w C:\WINDOWS\system32\NeroCo.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
    "CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 868352]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
    "ares destiny"="C:\Program Files\Ares Destiny\Ares.exe" [2007-08-27 2973184]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-06 64512]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
    "HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 237568]
    "KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 61440]
    "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
    "OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
    "MediaLifeService"="C:\Program Files\Logitech\MediaLife\MediaLifeService.exe" [2005-05-12 110739]
    "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
    "CTCheck"="C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "ftutil2"="ftutil2.dll" [2004-06-08 C:\WINDOWS\system32\ftutil2.dll]
    "AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 C:\WINDOWS\arpwrmsg.exe]
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 C:\WINDOWS\KHALMNPR.Exe]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 282624]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "NoResolveSearch"= 1 (0x1)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
    backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
    backup=C:\WINDOWS\pss\Logitech SetPoint.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
    backup=C:\WINDOWS\pss\Windows Search.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator.YOUR-55E5F9E3D2^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator.YOUR-55E5F9E3D2^Start Menu^Programs^Startup^LimeWire SpeedUp Pro.lnk]
    path=C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Start Menu\Programs\Startup\LimeWire SpeedUp Pro.lnk
    backup=C:\WINDOWS\pss\LimeWire SpeedUp Pro.lnkStartup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
    --a------ 2008-07-03 02:23 116040 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    --a------ 2008-07-30 10:47 289064 C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartRAM]
    --a------ 2007-10-29 16:43 662016 C:\Program Files\IObit\Advanced WindowsCare V2\MemCleaner.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "DisableNotifications"= 1 (0x1)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
    "C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
    "C:\\Program Files\\World of Warcraft\\Wow.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
    "C:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
    "C:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
    "C:\\Program Files\\Autodesk\\Backburner\\server.exe"=
    "C:\\Program Files\\Autodesk\\3ds Max 2009\\3dsmax.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "22601:TCP"= 22601:TCP:BitComet 22601 TCP
    "22601:UDP"= 22601:UDP:BitComet 22601 UDP
    "9900:TCP"= 9900:TCP:BitComet 9900 TCP
    "9900:UDP"= 9900:UDP:BitComet 9900 UDP
    "6621:TCP"= 6621:TCP:limewire pro

    R0 dontgo;Promise Removable Disk Control Driver;C:\WINDOWS\system32\DRIVERS\DontGo.sys [2004-06-30 7680]
    R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit;C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-03-10 65536]
    R3 3xHybrid;ASUSTek SAA713x PCI Card;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2007-01-26 2831232]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\system32\drivers\mbamswissarmy.sys [2008-09-02 38528]
    S2 Automattinen LiveUpdate-ajastustoiminto;Automattinen LiveUpdate-ajastustoiminto;C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-12 554352]
    S2 RPCH;Remote Procedure Call (HPM);C:\Program Files\NetMeeting\Intell.exe [2005-06-16 397824]
    S3 WN5301;LIteon Wireless PCI Network Adapter Service;C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 468768]
    S3 WN5401;Liteon Wireless LAN PCI 802.11 a/b/g adapter WN5401A;C:\WINDOWS\system32\DRIVERS\wn5401.sys [2005-01-07 449920]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx REG_MULTI_SZ scan
    .
    Contents of the 'Scheduled Tasks' folder
    .
    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Documents and Settings\HP_Administrator.YOUR-55E5F9E3D2\Application Data\Mozilla\Firefox\Profiles\5vsj0e49.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://irc-galleria.net/
    FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
    FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-05 20:21:50
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-09-05 20:23:08
    ComboFix-quarantined-files.txt 2008-09-05 17:22:50

    Pre-Run: 139,373,608,960 bytes free
    Post-Run: 139,443,683,328 tavua vapaana

    292 --- E O F --- 2008-09-05 08:37:23
     

Jaa tämä sivu