Please help with an HJT log

Thread in the Viruses and malware - HijackThis logs section. Thread started by nasa78 on 02.11.2006.

Thread status:
Thread is closed.
  1. nasa78

    So this is what it gave when I scanned.

    Logfile of HijackThis v1.99.1
    Scan saved at 22:02:54, on 2.11.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\System32\svchost.exe
    E:\Program Files\Sygate\SPF\smc.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\Explorer.EXE
    E:\WINDOWS\system32\spoolsv.exe
    E:\Program Files\iVideoCodec\isamonitor.exe
    E:\Program Files\iVideoCodec\pmsngr.exe
    E:\Program Files\D-Tools\daemon.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    E:\Program Files\QuickTime\qttask.exe
    E:\WINDOWS\system32\CTHELPER.EXE
    F:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    E:\Program Files\Microsoft IntelliPoint\point32.exe
    E:\Program Files\MessengerPlus! 3\MsgPlus.exe
    E:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    E:\Program Files\Common Files\Real\Update_OB\realsched.exe
    E:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
    E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\Program Files\iVideoCodec\pmmon.exe
    E:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    E:\Program Files\Messenger\msmsgs.exe
    E:\Program Files\MSN Messenger\msnmsgr.exe
    E:\Program Files\Internet Explorer\iexplore.exe
    e:\progra~1\intern~1\iexplore.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    E:\Program Files\Logitech\SetPoint\SetPoint.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    E:\Program Files\Xfire\Xfire.exe
    E:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    E:\WINDOWS\System32\svchost.exe
    E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\WINDOWS\system32\svchost.exe
    F:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
    E:\Program Files\No-IP\DUC20.exe
    F:\hubi\hubi\metsastyshub\YnHub.exe
    F:\Program Files\strongDC\StrongDC.exe
    E:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    E:\Program Files\Internet Explorer\iexplore.exe
    E:\hjt\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.xyqshteffivzett.com/oRIsW2zBpdvhDb8qb14pSkZdfQIxO2BLZUGyfsazNHuLX66g7F4bH1wZRZVsYXWI.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nypjalrzpttatkkmytnurl.com/oRIsW2zBpdv4Ljv9qsTZBeZ__N8ZCrznb1CAA6EWIko.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {3EB4055F-1EB5-224A-7AB0-5DCC23334F46} - E:\DOCUME~1\mika\APPLIC~1\DRAWGL~1\army save.exe
    O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - E:\Program Files\iVideoCodec\isaddon.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - E:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - f:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: Protection Bar - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - E:\Program Files\iVideoCodec\iesplugin.dll
    O4 - HKLM\..\Run: [ATIPTA] "E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [vptray] E:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    O4 - HKLM\..\Run: [NVMixerTray] "E:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [Easy-PrintToolBox] E:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [UpdReg] E:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Jet Detection] "f:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
    O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
    O4 - HKLM\..\Run: [RemoteControl] "f:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [SmcService] E:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [AQ3HelperStartUp] E:\PROGRA~1\AQUATI~1\AQ3HEL~1.EXE /partner AQ3
    O4 - HKLM\..\Run: [IntelliPoint] "E:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [MessengerPlus3] "E:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [MMTray] "E:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [mmtask] "E:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
    O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [scrmailclosepoke] E:\Documents and Settings\All Users\Application Data\clock bash scr mail\Face Dent.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "E:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [StoreBend] E:\DOCUME~1\mika\APPLIC~1\LOVELI~1\CITY FRAG.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [LDM] E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: Xfire.lnk = E:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\office\Office10\OSA.EXE
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNfox000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://F:\PROGRA~1\office\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://angelpiippo.spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {85A3DA41-6BA0-4084-A17A-EB479219FCEE} (soPicOrder2Lib.soPicOrder2) - http://kuvapalvelu.luukku.com/399/MTV3_Kuvapalvelu.CAB
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {96EB39C1-EE09-4720-99F3-4DD1C703D0BD} (soXmasPicOrd.soPicOrder2) - http://citymarket.softers.net/ax/522/Eiri_korttikone.CAB
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/su/ocx/15016/CTPID.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D344C749-3B8F-4627-B827-1436945209FF}: NameServer = 212.50.211.242 212.50.192.226
    O18 - Protocol: bw+0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - E:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - E:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: NavLogon - E:\WINDOWS\system32\NavLogon.dll
    O21 - SSODL: ferrateen - {27321538-5739-4aa1-b84c-7d18e4383f1f} - E:\WINDOWS\system32\rrtcany.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: DefWatch - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - E:\Program Files\Sygate\SPF\smc.exe

    How do I proceed from here?
     
  3. Marku2

    Hi nasa78. You have installed Messenger Plus with the sponsor support :(
    We will remove Messenger Plus so that your machine gets cleaned, and if you want to install Messenger Plus safely, see -> http://aaxxeell.googlepages.com/messengerplus!opasturvalliseenasentamiseen.

    Remove via Add/Remove Programs:
    MessengerPlus3
    AQ3HelperStartUp


    Download NoLop to your desktop from one of the following links...
    Link 1
    Link 2
    Link 3
    Close all programs, because this step requires a restart
    Double-click NoLop.exe to run it
    Carefully type or copy/paste the following string into the text area that says Insert CLSID Here.

    {3EB4055F-1EB5-224A-7AB0-5DCC23334F46}

    Click the "Search and Destroy" button
    <<Your computer will be scanned for infected files>>
    When the scan is complete, you will be asked to restart the computer if an infection is found. Click OK
    Click the "REBOOT" button.
    NoLop should display a message. If not, double-click the program and it will finish. Post the contents of the C:\NoLop.log file together with a new HijackThis log.

    If you get the following error, "mscomctl.ocx or one of its dependencies are not correctly registered," download mscomctl.ocx and save it to your system32 directory (usually c:\Windows\system32). After that, run the program again.

    Download SmitfraudFix (c) S!Ri
    Extract the contents (a folder named SmitfraudFix) to your desktop:

    Open the SmitfraudFix folder and double-click smitfraudfix.cmd
    Select option #1 - Search by typing 1 and pressing "Enter"; a text file opens that lists the infected files (if any).
    Post the contents of this text file to your thread.

    1. Download the combofix.exe file to your desktop.
    2. Double-click the combofix.exe file and follow the instructions.
    3. When the tool is finished, it produces a log. Post this log to your thread.
    Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.

    Fix with HjT (Do a system scan only, check the entries and press Fix checked)
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.xyqshteffivzett.com/oRIsW2zBp...1wZRZVsYXWI.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nypjalrzpttatkkmytnurl.com/oRIsW2...1CAA6EWIko.html
    O2 - BHO: (no name) - {3EB4055F-1EB5-224A-7AB0-5DCC23334F46} - E:\DOCUME~1\mika\APPLIC~1\DRAWGL~1\army save.exe
    O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - E:\Program Files\iVideoCodec\isaddon.dll
    O3 - Toolbar: Protection Bar - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - E:\Program Files\iVideoCodec\iesplugin.dll
    O4 - HKLM\..\Run: [AQ3HelperStartUp] E:\PROGRA~1\AQUATI~1\AQ3HEL~1.EXE /partner AQ3
    O4 - HKLM\..\Run: [MessengerPlus3] "E:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [scrmailclosepoke] E:\Documents and Settings\All Users\Application Data\clock bash scr mail\Face Dent.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "E:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [StoreBend] E:\DOCUME~1\mika\APPLIC~1\LOVELI~1\CITY FRAG.exe
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNfox000
    O21 - SSODL: ferrateen - {27321538-5739-4aa1-b84c-7d18e4383f1f} - E:\WINDOWS\system32\rrtcany.dll


    Make hidden files visible -> Guide!
    Boot the computer into safe mode -> Guide!

    Delete the following folders:
    E:\DOCUME~1\mika\APPLIC~1\DRAWGL~1
    E:\PROGRA~1\AQUATI~1
    E:\Program Files\MessengerPlus! 3
    E:\Documents and Settings\All Users\Application Data\clock bash scr mail
    E:\DOCUME~1\mika\APPLIC~1\LOVELI~1

    Boot the computer into normal mode!

    Hide the hidden files again.

    Get AVG Anti-Spyware -> http://aaxxeell.googlepages.com/ewido4
    Update, scan, remove the findings and save the report.

    Post a new HjT log, C:\NoLop.log, the Smitfraud log, C:\Combofix.txt and the AVG report.
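
An added example, not part of the original posts: one way to check a follow-up HijackThis log against the fix list above, to see which listed entries are actually gone. The sample lines are copied from the two logs in this thread; the function names and the status labels (gone, reset, orphaned, present) are assumptions of this example, not HijackThis features.

```python
import re
from typing import List, NamedTuple, Tuple


class Entry(NamedTuple):
    section: str  # HijackThis section code, e.g. "R0", "O2", "O21"
    body: str     # everything after "<section> - "


# An entry line is "<letter><1-2 digits> - <body>". Log headers and the
# "Running processes" paths do not match and are skipped.
ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.*\S)\s*$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
RUN_RE = re.compile(r"^(.*?\[[^\]]*\])")  # "HKLM\..\Run: [ValueName]"


def parse_log(text: str) -> List[Entry]:
    """Return the R*/O* entries of a HijackThis log, in order."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            entries.append(Entry(m.group(1), m.group(2)))
    return entries


def match_key(e: Entry) -> Tuple[str, str]:
    """Stable identity of an entry, ignoring the part that a fix changes
    (file path, URL). Fix lists often carry truncated URLs, so the value
    itself is never compared."""
    clsid = CLSID_RE.search(e.body)
    if clsid:                                  # O2/O3/O21...: label + CLSID
        ident = e.body[:clsid.end()]
    elif e.section.startswith("R"):            # R0/R1: registry value name
        ident = e.body.split("=", 1)[0].strip()
    else:                                      # O4: hive + Run value name
        run = RUN_RE.match(e.body) if e.section == "O4" else None
        ident = run.group(1) if run else e.body
    return (e.section, ident.lower())


def verify(fix_list: str, followup: str) -> List[Tuple[Entry, str]]:
    """Classify every fix-list entry by what the follow-up scan shows."""
    after = {match_key(e): e for e in parse_log(followup)}
    report = []
    for e in parse_log(fix_list):
        cur = after.get(match_key(e))
        if cur is None:
            status = "gone"        # no longer listed at all
        elif cur.body.endswith("(no file)"):
            status = "orphaned"    # file deleted, registry entry left behind
        elif cur.section.startswith("R") and cur.body.endswith("="):
            status = "reset"       # value still exists but is now empty
        else:
            status = "present"     # still needs fixing
        report.append((e, status))
    return report


# Excerpt of the fix list in this thread (URLs truncated as posted).
FIX_LIST = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.xyqshteffivzett.com/oRIsW2zBp...1wZRZVsYXWI.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nypjalrzpttatkkmytnurl.com/oRIsW2...1CAA6EWIko.html
O2 - BHO: (no name) - {3EB4055F-1EB5-224A-7AB0-5DCC23334F46} - E:\DOCUME~1\mika\APPLIC~1\DRAWGL~1\army save.exe
O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - E:\Program Files\iVideoCodec\isaddon.dll
O3 - Toolbar: Protection Bar - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - E:\Program Files\iVideoCodec\iesplugin.dll
"""

# Excerpt of the follow-up scan posted after NoLop ran (4.11.2006).
FOLLOWUP = r"""
Logfile of HijackThis v1.99.1
Scan saved at 3:10:34, on 4.11.2006

Running processes:
E:\hjt\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: (no name) - {3EB4055F-1EB5-224A-7AB0-5DCC23334F46} - (no file)
O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - E:\Program Files\iVideoCodec\isaddon.dll
O3 - Toolbar: Protection Bar - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - E:\Program Files\iVideoCodec\iesplugin.dll
"""

if __name__ == "__main__":
    for entry, status in verify(FIX_LIST, FOLLOWUP):
        print(f"{status:9} {entry.section} - {entry.body[:70]}")
```
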
     
  4. nasa78

    NoLop! Log by Skate_Punk_21

    Please Note: any existing old logs will have now been renamed to NoLop!OLD.log

    Fix running from: E:\Documents and Settings\mika\Työpöytä
    [4.11.2006]
    [2:59:54]

    ---Infection Files Found/Removed---
    E:\Documents and Settings\mika\Application Data\DrawGlobal\army save.exe
    E:\Documents and Settings\All Users\Application Data\clock bash scr mail\Boobmapi.exe
    E:\Documents and Settings\All Users\Application Data\clock bash scr mail\City Browse.exe
    E:\Documents and Settings\All Users\Application Data\clock bash scr mail\Face Dent.exe
    E:\Documents and Settings\All Users\Application Data\clock bash scr mail\free does.exe
    E:\Documents and Settings\All Users\Application Data\clock bash scr mail\GRID MAIL.exe
    E:\Documents and Settings\All Users\Application Data\clock bash scr mail\Manager boob.exe
    E:\Documents and Settings\All Users\Application Data\clock bash scr mail\Mode Draw.exe
    E:\Documents and Settings\All Users\Application Data\clock bash scr mail\okay bib.exe
    E:\Documents and Settings\All Users\Application Data\clock bash scr mail\PingFrag.exe
    E:\Documents and Settings\All Users\Application Data\clock bash scr mail\TransReal.exe
    E:\WINDOWS\tasks\AE5BECA591849D51.job

    Beginning Removal...
    Rebooting...

    Beginning Removal...
    Rebooting...

    Beginning Removal...
    Rebooting...

    Beginning Removal...
    Rebooting...

    Beginning Removal...
    Rebooting...

    Beginning Removal...
    Rebooting...
    Removing Lop's Leftover Files/Folders...
    Editing Registry...
    **Fix Complete!**

    ---Listing AppData sub directories---

    E:\Documents and Settings\All Users\Application Data\Adobe
    E:\Documents and Settings\All Users\Application Data\Clock Bash Scr Mail
    E:\Documents and Settings\All Users\Application Data\Cyberlink
    E:\Documents and Settings\All Users\Application Data\Genimap
    E:\Documents and Settings\All Users\Application Data\Messenger Plus!
    E:\Documents and Settings\All Users\Application Data\Microsoft
    E:\Documents and Settings\All Users\Application Data\Msn6
    E:\Documents and Settings\All Users\Application Data\Quicktime
    E:\Documents and Settings\All Users\Application Data\Skype -- EMPTY Directory
    E:\Documents and Settings\All Users\Application Data\Symantec
    E:\Documents and Settings\All Users\Application Data\Trymedia
    E:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    E:\Documents and Settings\Default User\Application Data\Microsoft
    E:\Documents and Settings\Localservice\Application Data\Help -- EMPTY Directory
    E:\Documents and Settings\Localservice\Application Data\Microsoft
    E:\Documents and Settings\Mika\Application Data\Adobe
    E:\Documents and Settings\Mika\Application Data\Adobeum
    E:\Documents and Settings\Mika\Application Data\Ahead
    E:\Documents and Settings\Mika\Application Data\Ati
    E:\Documents and Settings\Mika\Application Data\Cyberlink
    E:\Documents and Settings\Mika\Application Data\Drawglobal
    E:\Documents and Settings\Mika\Application Data\Eiri Korttikone
    E:\Documents and Settings\Mika\Application Data\Fotowire
    E:\Documents and Settings\Mika\Application Data\Google
    E:\Documents and Settings\Mika\Application Data\Help -- EMPTY Directory
    E:\Documents and Settings\Mika\Application Data\Identities
    E:\Documents and Settings\Mika\Application Data\Leadertech
    E:\Documents and Settings\Mika\Application Data\Locktime
    E:\Documents and Settings\Mika\Application Data\Logitech
    E:\Documents and Settings\Mika\Application Data\Macromedia
    E:\Documents and Settings\Mika\Application Data\Microsoft
    E:\Documents and Settings\Mika\Application Data\Mozilla
    E:\Documents and Settings\Mika\Application Data\Msn6
    E:\Documents and Settings\Mika\Application Data\Musicmatch
    E:\Documents and Settings\Mika\Application Data\Real
    E:\Documents and Settings\Mika\Application Data\Skype
    E:\Documents and Settings\Mika\Application Data\Softers Kuvatilaus
    E:\Documents and Settings\Mika\Application Data\Sun
    E:\Documents and Settings\Mika\Application Data\Talkback
    E:\Documents and Settings\Mika\Application Data\Teamspeak2
    E:\Documents and Settings\Mika\Application Data\Xfire
    E:\Documents and Settings\Networkservice\Application Data\Microsoft

    Logfile of HijackThis v1.99.1
    Scan saved at 3:10:34, on 4.11.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\System32\svchost.exe
    E:\Program Files\Sygate\SPF\smc.exe
    E:\WINDOWS\Explorer.EXE
    E:\WINDOWS\system32\spoolsv.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    E:\WINDOWS\System32\svchost.exe
    E:\WINDOWS\system32\svchost.exe
    F:\hubi\hubi\metsastyshub\YnHub.exe
    F:\Program Files\strongDC\StrongDC.exe
    E:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    E:\Program Files\Common Files\Real\Update_OB\realsched.exe
    E:\Documents and Settings\mika\Työpöytä\NoLop.exe
    E:\Program Files\Internet Explorer\iexplore.exe
    E:\WINDOWS\system32\NOTEPAD.EXE
    E:\hjt\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {3EB4055F-1EB5-224A-7AB0-5DCC23334F46} - (no file)
    O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - E:\Program Files\iVideoCodec\isaddon.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - E:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - f:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: Protection Bar - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - E:\Program Files\iVideoCodec\iesplugin.dll
    O4 - HKLM\..\Run: [ATIPTA] "E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [vptray] E:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    O4 - HKLM\..\Run: [NVMixerTray] "E:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [Easy-PrintToolBox] E:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [UpdReg] E:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Jet Detection] "f:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
    O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
    O4 - HKLM\..\Run: [RemoteControl] "f:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [SmcService] E:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [AQ3HelperStartUp] E:\PROGRA~1\AQUATI~1\AQ3HEL~1.EXE /partner AQ3
    O4 - HKLM\..\Run: [IntelliPoint] "E:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [MMTray] "E:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [mmtask] "E:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
    O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [scrmailclosepoke] E:\Documents and Settings\All Users\Application Data\clock bash scr mail\Face Dent.exe
    O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] E:\WINDOWS\system32\cmd.exe /C "E:\DOCUME~1\mika\LOCALS~1\Temp\MsgPlusUninst.bat"
    O4 - HKLM\..\RunOnce: [NoLop] E:\Documents and Settings\mika\Työpöytä\NoLop.exe
    O4 - HKCU\..\Run: [StoreBend] E:\DOCUME~1\mika\APPLIC~1\LOVELI~1\CITY FRAG.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [LDM] E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Startup: Xfire.lnk = E:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\office\Office10\OSA.EXE
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNfox000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://F:\PROGRA~1\office\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://angelpiippo.spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {85A3DA41-6BA0-4084-A17A-EB479219FCEE} (soPicOrder2Lib.soPicOrder2) - http://kuvapalvelu.luukku.com/399/MTV3_Kuvapalvelu.CAB
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {96EB39C1-EE09-4720-99F3-4DD1C703D0BD} (soXmasPicOrd.soPicOrder2) - http://citymarket.softers.net/ax/522/Eiri_korttikone.CAB
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/su/ocx/15016/CTPID.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D344C749-3B8F-4627-B827-1436945209FF}: NameServer = 212.50.211.242 212.50.192.226
    O18 - Protocol: bw+0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - E:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - E:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: NavLogon - E:\WINDOWS\system32\NavLogon.dll
    O21 - SSODL: ferrateen - {27321538-5739-4aa1-b84c-7d18e4383f1f} - E:\WINDOWS\system32\rrtcany.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: DefWatch - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - E:\Program Files\Sygate\SPF\smc.exe

    Did I do everything right now? I'm completely lost :( please help quickly...
     
  5. nasa78

    nasa78 Member

    Joined:
    02.11.2006
    Messages:
    7
    Thanks:
    0
    Points:
    11
    SmitFraudFix v2.119

    Scan done at 3:17:03,82, la 04.11.2006
    Run from E:\smith\SmitfraudFix
    OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
    Fix run in normal mode

    »»»»»»»»»»»»»»»»»»»»»»»» E:\


    »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS


    »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\system


    »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\Web


    »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\system32

    E:\WINDOWS\system32\rrtcany.dll FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» E:\Documents and Settings\mika


    »»»»»»»»»»»»»»»»»»»»»»»» E:\Documents and Settings\mika\Application Data


    »»»»»»»»»»»»»»»»»»»»»»»» Start Menu

    E:\DOCUME~1\mika\KYNNIS~1\Ohjelmat\VirusBursters FOUND !
    E:\DOCUME~1\ALLUSE~1\KYNNIS~1\Online Security Guide.url FOUND !
    E:\DOCUME~1\ALLUSE~1\KYNNIS~1\Security Troubleshooting.url FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» E:\DOCUME~1\mika\Suosikit


    »»»»»»»»»»»»»»»»»»»»»»»» Desktop


    »»»»»»»»»»»»»»»»»»»»»»»» E:\Program Files

    E:\Program Files\iVideoCodec\ FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


    »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Nykyinen kotisivu"


    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{27321538-5739-4aa1-b84c-7d18e4383f1f}"="ferrateen"

    [HKEY_CLASSES_ROOT\CLSID\{27321538-5739-4aa1-b84c-7d18e4383f1f}\InProcServer32]
    @="E:\WINDOWS\system32\rrtcany.dll"

    [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{27321538-5739-4aa1-b84c-7d18e4383f1f}\InProcServer32]
    @="E:\WINDOWS\system32\rrtcany.dll"



    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, following keys are not inevitably infected!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=""


    »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


    »»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


    »»»»»»»»»»»»»»»»»»»»»»»» End

    and here is this one...
     
  6. nasa78

    nasa78 Member

    Joined:
    02.11.2006
    Messages:
    7
    Thanks:
    0
    Points:
    11
    mika - 06-11-04 3:19:18,20 Service Pack 2
    ComboFix 06.10.19 - Running from: "E:\Documents and Settings\mika"

    ((((((((((((((((((((((((((((((( Files Created from 2006-10-04 to 2006-11-04 ))))))))))))))))))))))))))))))))))


    2006-11-04 03:17 4,202 --a------ E:\WINDOWS\system32\tmp.reg
    2006-11-04 03:16 53,248 --a------ E:\WINDOWS\system32\Process.exe
    2006-11-04 03:16 40,960 --a------ E:\WINDOWS\system32\swsc.exe
    2006-11-04 03:16 288,417 --a------ E:\WINDOWS\system32\SrchSTS.exe
    2006-11-04 03:16 135,168 --a------ E:\WINDOWS\system32\swreg.exe
    2006-11-02 18:49 106,496 --a------ E:\WINDOWS\system32\rrtcany.dll


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2006-11-04 02:52 -------- d-------- E:\Documents and Settings\mika\Application Data\Xfire
    2006-11-03 21:28 -------- d-------- E:\Program Files\Mozilla Firefox
    2006-11-03 07:27 -------- d---s---- E:\Program Files\Xfire
    2006-11-02 20:34 -------- d-------- E:\Program Files\iVideoCodec
    2006-11-02 18:24 -------- d-------- E:\Program Files\GameShadow
    2006-11-02 18:11 -------- d--h----- E:\Program Files\InstallShield Installation Information
    2006-11-02 14:26 -------- d---s---- E:\Documents and Settings\mika\Application Data\Microsoft
    2006-11-01 17:01 -------- d-------- E:\Program Files\mIRC
    2006-09-13 07:03 1084416 --a------ E:\WINDOWS\system32\msxml3.dll
    2006-09-06 19:05 -------- d-------- E:\Program Files\MSN Messenger
    2006-08-26 10:50 863 --a------ E:\Documents and Settings\mika\Application Data\AdobeDLM.log
    2006-08-26 10:50 0 --a------ E:\Documents and Settings\mika\Application Data\dm.ini
    2006-08-25 17:49 617472 --a------ E:\WINDOWS\system32\comctl32.dll
    2006-08-21 14:44 338 --a------ E:\Documents and Settings\mika\Application Data\AutoGK.ini
    2006-08-21 14:26 16896 --a------ E:\WINDOWS\system32\fltlib.dll
    2006-08-21 14:06 43668 --a------ E:\WINDOWS\system32\xvid-uninstall.exe
    2006-08-21 11:14 23040 --a------ E:\WINDOWS\system32\fltmc.exe
    2006-08-16 13:58 100352 --a------ E:\WINDOWS\system32\6to4svc.dll
    2006-08-16 11:00 6144 --a------ E:\WINDOWS\system32\ff_vfw.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "PowerBar"=""
    "StoreBend"="E:\\DOCUME~1\\mika\\APPLIC~1\\LOVELI~1\\CITY FRAG.exe"
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"E:\\Program Files\\Common Files\\Ahead\\lib\\NMBgMonitor.exe\""
    "LDM"="E:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "ATIPTA"="\"E:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
    "DAEMON Tools-1033"="\"E:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033"
    "vptray"="E:\\PROGRA~1\\SYMANT~1\\SYMANT~1\\vptray.exe"
    "NVMixerTray"="\"E:\\Program Files\\NVIDIA Corporation\\NvMixer\\NVMixerTray.exe\""
    "Easy-PrintToolBox"="E:\\Program Files\\Canon\\Easy-PrintToolBox\\BJPSMAIN.EXE /logon"
    "QuickTime Task"="\"E:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "UpdReg"="E:\\WINDOWS\\UpdReg.EXE"
    "Jet Detection"="\"f:\\Program Files\\Creative\\SBLive\\PROGRAM\\ADGJDet.exe\""
    "WINDVDPatch"="CTHELPER.EXE"
    "RemoteControl"="\"f:\\Program Files\\CyberLink DVD Solution\\PowerDVD\\PDVDServ.exe\""
    "SmcService"="E:\\PROGRA~1\\Sygate\\SPF\\smc.exe -startgui"
    "AQ3HelperStartUp"="E:\\PROGRA~1\\AQUATI~1\\AQ3HEL~1.EXE /partner AQ3"
    "IntelliPoint"="\"E:\\Program Files\\Microsoft IntelliPoint\\point32.exe\""
    "SunJavaUpdateSched"="E:\\Program Files\\Java\\jre1.5.0_04\\bin\\jusched.exe"
    "NeroFilterCheck"="E:\\WINDOWS\\system32\\NeroCheck.exe"
    "TkBellExe"="\"E:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "MMTray"="\"E:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mm_tray.exe\""
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
    "mmtask"="\"E:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mmtask.exe\""
    "ATICCC"="\"E:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
    "scrmailclosepoke"="E:\\Documents and Settings\\All Users\\Application Data\\clock bash scr mail\\Face Dent.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
    "MessengerPlusUninstall"="E:\\WINDOWS\\system32\\cmd.exe /C \"E:\\DOCUME~1\\mika\\LOCALS~1\\Temp\\MsgPlusUninst.bat\""
    "NoLop"="E:\\Documents and Settings\\mika\\Työpöytä\\NoLop.exe"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000005

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Nykyinen kotisivu"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,20,01,00,00,00,00,00,00,80,04,00,00,48,03,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
    ff,ff,04,00,00,00
    "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
    00,00,01,00,00,00

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="E:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="E:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
    "{27321538-5739-4aa1-b84c-7d18e4383f1f}"="ferrateen"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
    "isamonitor.exe"="E:\\Program Files\\iVideoCodec\\isamonitor.exe"

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
    "ferrateen"="{27321538-5739-4aa1-b84c-7d18e4383f1f}"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


    Contents of the 'Scheduled Tasks' folder
    E:\WINDOWS\tasks\AE5BECA591849D51.job

    Completion time: 06-11-04 3:19:46.48
    E:\ComboFix.txt ... 06-11-04 03:19
     
  7. nasa78

    nasa78 Member

    Joined:
    02.11.2006
    Messages:
    7
    Thanks:
    0
    Points:
    11
    Now I have run everything, and here are all the logs:

    Logfile of HijackThis v1.99.1
    Scan saved at 5:23:42, on 4.11.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\System32\svchost.exe
    E:\Program Files\Sygate\SPF\smc.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\Explorer.EXE
    E:\WINDOWS\system32\spoolsv.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    E:\WINDOWS\system32\CTHELPER.EXE
    F:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    E:\Program Files\Microsoft IntelliPoint\point32.exe
    E:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    E:\Program Files\Common Files\Real\Update_OB\realsched.exe
    E:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
    E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    E:\Program Files\Logitech\SetPoint\SetPoint.exe
    E:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    E:\WINDOWS\System32\svchost.exe
    E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\Program Files\Mozilla Firefox\firefox.exe
    E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    F:\hubi\hubi\metsastyshub\YnHub.exe
    E:\Program Files\No-IP\DUC20.exe
    F:\Program Files\strongDC\StrongDC.exe
    E:\hjt\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - E:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - f:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O4 - HKLM\..\Run: [ATIPTA] "E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [vptray] E:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    O4 - HKLM\..\Run: [NVMixerTray] "E:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [Easy-PrintToolBox] E:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [UpdReg] E:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Jet Detection] "f:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
    O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
    O4 - HKLM\..\Run: [RemoteControl] "f:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [SmcService] E:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [IntelliPoint] "E:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [MMTray] "E:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [mmtask] "E:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
    O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [LDM] E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Startup: Xfire.lnk = E:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\office\Office10\OSA.EXE
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://F:\PROGRA~1\office\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://angelpiippo.spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {85A3DA41-6BA0-4084-A17A-EB479219FCEE} (soPicOrder2Lib.soPicOrder2) - http://kuvapalvelu.luukku.com/399/MTV3_Kuvapalvelu.CAB
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {96EB39C1-EE09-4720-99F3-4DD1C703D0BD} (soXmasPicOrd.soPicOrder2) - http://citymarket.softers.net/ax/522/Eiri_korttikone.CAB
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/su/ocx/15016/CTPID.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D344C749-3B8F-4627-B827-1436945209FF}: NameServer = 212.50.211.242 212.50.192.226
    O18 - Protocol: bw+0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - E:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - E:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: NavLogon - E:\WINDOWS\system32\NavLogon.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: DefWatch - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - E:\Program Files\Sygate\SPF\smc.exe

    NoLop! Log by Skate_Punk_21

    Fix running from: E:\Documents and Settings\mika\Työpöytä
    [4.11.2006]
    [5:27:26]

    ---Infection Files Found/Removed---
    NO INFECTION FILES FOUND - Cleaning Aborted.

    ---Listing AppData sub directories---

    E:\Documents and Settings\All Users\Application Data\Adobe
    E:\Documents and Settings\All Users\Application Data\Cyberlink
    E:\Documents and Settings\All Users\Application Data\Genimap
    E:\Documents and Settings\All Users\Application Data\Messenger Plus!
    E:\Documents and Settings\All Users\Application Data\Microsoft
    E:\Documents and Settings\All Users\Application Data\Msn6
    E:\Documents and Settings\All Users\Application Data\Quicktime
    E:\Documents and Settings\All Users\Application Data\Skype -- EMPTY Directory
    E:\Documents and Settings\All Users\Application Data\Symantec
    E:\Documents and Settings\All Users\Application Data\Trymedia
    E:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    E:\Documents and Settings\Default User\Application Data\Microsoft
    E:\Documents and Settings\Localservice\Application Data\Help -- EMPTY Directory
    E:\Documents and Settings\Localservice\Application Data\Microsoft
    E:\Documents and Settings\Mika\Application Data\Adobe
    E:\Documents and Settings\Mika\Application Data\Adobeum
    E:\Documents and Settings\Mika\Application Data\Ahead
    E:\Documents and Settings\Mika\Application Data\Ati
    E:\Documents and Settings\Mika\Application Data\Cyberlink
    E:\Documents and Settings\Mika\Application Data\Eiri Korttikone
    E:\Documents and Settings\Mika\Application Data\Fotowire
    E:\Documents and Settings\Mika\Application Data\Google
    E:\Documents and Settings\Mika\Application Data\Help -- EMPTY Directory
    E:\Documents and Settings\Mika\Application Data\Identities
    E:\Documents and Settings\Mika\Application Data\Leadertech
    E:\Documents and Settings\Mika\Application Data\Locktime
    E:\Documents and Settings\Mika\Application Data\Logitech
    E:\Documents and Settings\Mika\Application Data\Macromedia
    E:\Documents and Settings\Mika\Application Data\Microsoft
    E:\Documents and Settings\Mika\Application Data\Mozilla
    E:\Documents and Settings\Mika\Application Data\Msn6
    E:\Documents and Settings\Mika\Application Data\Musicmatch
    E:\Documents and Settings\Mika\Application Data\Real
    E:\Documents and Settings\Mika\Application Data\Skype
    E:\Documents and Settings\Mika\Application Data\Softers Kuvatilaus
    E:\Documents and Settings\Mika\Application Data\Sun
    E:\Documents and Settings\Mika\Application Data\Talkback
    E:\Documents and Settings\Mika\Application Data\Teamspeak2
    E:\Documents and Settings\Mika\Application Data\Xfire
    E:\Documents and Settings\Networkservice\Application Data\Microsoft


    SmitFraudFix v2.119

    Scan done at 5:29:38,96, la 04.11.2006
    Run from E:\smith\SmitfraudFix
    OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
    Fix run in normal mode

    »»»»»»»»»»»»»»»»»»»»»»»» E:\


    »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS


    »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\system


    »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\Web


    »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\system32

    E:\WINDOWS\system32\rrtcany.dll FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» E:\Documents and Settings\mika


    »»»»»»»»»»»»»»»»»»»»»»»» E:\Documents and Settings\mika\Application Data


    »»»»»»»»»»»»»»»»»»»»»»»» Start Menu

    E:\DOCUME~1\mika\KYNNIS~1\Ohjelmat\VirusBursters FOUND !
    E:\DOCUME~1\ALLUSE~1\KYNNIS~1\Online Security Guide.url FOUND !
    E:\DOCUME~1\ALLUSE~1\KYNNIS~1\Security Troubleshooting.url FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» E:\DOCUME~1\mika\Suosikit


    »»»»»»»»»»»»»»»»»»»»»»»» Desktop


    »»»»»»»»»»»»»»»»»»»»»»»» E:\Program Files


    »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


    »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Nykyinen kotisivu"


    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{27321538-5739-4aa1-b84c-7d18e4383f1f}"="ferrateen"



    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, following keys are not inevitably infected!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=""


    »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


    »»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


    »»»»»»»»»»»»»»»»»»»»»»»» End


    mika - 06-11-04 5:30:54,75 Service Pack 2
    ComboFix 06.10.19 - Running from: "E:\Documents and Settings\mika\Työpöytä"

    ((((((((((((((((((((((((((((((( Files Created from 2006-10-04 to 2006-11-04 ))))))))))))))))))))))))))))))))))


    2006-11-04 05:27 106 --a------ E:\delete.bat
    2006-11-04 04:18 3,968 --a------ E:\WINDOWS\system32\drivers\AvgAsCln.sys
    2006-11-04 03:17 4,026 --a------ E:\WINDOWS\system32\tmp.reg
    2006-11-04 03:16 53,248 --a------ E:\WINDOWS\system32\Process.exe
    2006-11-04 03:16 40,960 --a------ E:\WINDOWS\system32\swsc.exe
    2006-11-04 03:16 288,417 --a------ E:\WINDOWS\system32\SrchSTS.exe
    2006-11-04 03:16 135,168 --a------ E:\WINDOWS\system32\swreg.exe
    2006-11-02 18:49 106,496 --a------ E:\WINDOWS\system32\rrtcany.dll


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2006-11-04 04:38 -------- d-------- E:\Documents and Settings\mika\Application Data\Xfire
    2006-11-04 04:18 -------- d-------- E:\Program Files\Grisoft
    2006-11-04 04:02 -------- d-------- E:\Program Files\Mozilla Firefox
    2006-11-04 03:43 -------- d---s---- E:\Program Files\Xfire
    2006-11-02 18:24 -------- d-------- E:\Program Files\GameShadow
    2006-11-02 18:11 -------- d--h----- E:\Program Files\InstallShield Installation Information
    2006-11-02 14:26 -------- d---s---- E:\Documents and Settings\mika\Application Data\Microsoft
    2006-11-01 17:01 -------- d-------- E:\Program Files\mIRC
    2006-09-13 07:03 1084416 --a------ E:\WINDOWS\system32\msxml3.dll
    2006-09-06 19:05 -------- d-------- E:\Program Files\MSN Messenger
    2006-08-26 10:50 863 --a------ E:\Documents and Settings\mika\Application Data\AdobeDLM.log
    2006-08-26 10:50 0 --a------ E:\Documents and Settings\mika\Application Data\dm.ini
    2006-08-25 17:49 617472 --a------ E:\WINDOWS\system32\comctl32.dll
    2006-08-21 14:44 338 --a------ E:\Documents and Settings\mika\Application Data\AutoGK.ini
    2006-08-21 14:26 16896 --a------ E:\WINDOWS\system32\fltlib.dll
    2006-08-21 14:06 43668 --a------ E:\WINDOWS\system32\xvid-uninstall.exe
    2006-08-21 11:14 23040 --a------ E:\WINDOWS\system32\fltmc.exe
    2006-08-16 13:58 100352 --a------ E:\WINDOWS\system32\6to4svc.dll
    2006-08-16 11:00 6144 --a------ E:\WINDOWS\system32\ff_vfw.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "PowerBar"=""
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"E:\\Program Files\\Common Files\\Ahead\\lib\\NMBgMonitor.exe\""
    "LDM"="E:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "ATIPTA"="\"E:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
    "DAEMON Tools-1033"="\"E:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033"
    "vptray"="E:\\PROGRA~1\\SYMANT~1\\SYMANT~1\\vptray.exe"
    "NVMixerTray"="\"E:\\Program Files\\NVIDIA Corporation\\NvMixer\\NVMixerTray.exe\""
    "Easy-PrintToolBox"="E:\\Program Files\\Canon\\Easy-PrintToolBox\\BJPSMAIN.EXE /logon"
    "QuickTime Task"="\"E:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "UpdReg"="E:\\WINDOWS\\UpdReg.EXE"
    "Jet Detection"="\"f:\\Program Files\\Creative\\SBLive\\PROGRAM\\ADGJDet.exe\""
    "WINDVDPatch"="CTHELPER.EXE"
    "RemoteControl"="\"f:\\Program Files\\CyberLink DVD Solution\\PowerDVD\\PDVDServ.exe\""
    "SmcService"="E:\\PROGRA~1\\Sygate\\SPF\\smc.exe -startgui"
    "IntelliPoint"="\"E:\\Program Files\\Microsoft IntelliPoint\\point32.exe\""
    "SunJavaUpdateSched"="E:\\Program Files\\Java\\jre1.5.0_04\\bin\\jusched.exe"
    "NeroFilterCheck"="E:\\WINDOWS\\system32\\NeroCheck.exe"
    "TkBellExe"="\"E:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "MMTray"="\"E:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mm_tray.exe\""
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
    "mmtask"="\"E:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mmtask.exe\""
    "ATICCC"="\"E:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
    "!AVG Anti-Spyware"="\"E:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000005

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Nykyinen kotisivu"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,20,01,00,00,00,00,00,00,80,04,00,00,48,03,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
    ff,ff,04,00,00,00
    "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
    00,00,01,00,00,00

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="E:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="E:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
    "{27321538-5739-4aa1-b84c-7d18e4383f1f}"="ferrateen"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
    "isamonitor.exe"="E:\\Program Files\\iVideoCodec\\isamonitor.exe"

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"



    ~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

    backup-20061104-033458-345
    O21 - SSODL: ferrateen - {27321538-5739-4aa1-b84c-7d18e4383f1f} - E:\WINDOWS\system32\rrtcany.dll
    backup-20061104-033458-285
    O3 - Toolbar: Protection Bar - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - E:\Program Files\iVideoCodec\iesplugin.dll
    backup-20061104-033458-217
    O4 - HKLM\..\Run: [scrmailclosepoke] E:\Documents and Settings\All Users\Application Data\clock bash scr mail\Face Dent.exe
    backup-20061104-033458-352
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNfox000
    backup-20061104-033458-395
    O4 - HKLM\..\Run: [AQ3HelperStartUp] E:\PROGRA~1\AQUATI~1\AQ3HEL~1.EXE /partner AQ3
    backup-20061104-033458-484
    O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] E:\WINDOWS\system32\cmd.exe /C "E:\DOCUME~1\mika\LOCALS~1\Temp\MsgPlusUninst.bat"
    backup-20061104-033458-683
    O4 - HKCU\..\Run: [StoreBend] E:\DOCUME~1\mika\APPLIC~1\LOVELI~1\CITY FRAG.exe
    backup-20061104-033458-686
    O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - E:\Program Files\iVideoCodec\isaddon.dll
    backup-20061104-033458-990
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    backup-20061104-033458-907
    O2 - BHO: (no name) - {3EB4055F-1EB5-224A-7AB0-5DCC23334F46} - (no file)
    Completion time: 06-11-04 5:31:27.01
    E:\ComboFix.txt ... 06-11-04 05:31

    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 5:21:30 4.11.2006

    + Scan result:



    HKLM\SOFTWARE\Gator.com -> Adware.Gator : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Gator.com\CMEII -> Adware.Gator : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Gator.com\CMEII\GSNUninstalled -> Adware.Gator : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Gator.com\GInternet -> Adware.Gator : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Gator.com\GInternet\Proxy -> Adware.Gator : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Gator.com\Gator -> Adware.Gator : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Gator.com\Gator\dyn -> Adware.Gator : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH -> Adware.Gator : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_gi -> Adware.Gator : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_trickle -> Adware.Gator : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_ts -> Adware.Gator : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Gator.com\Gator\stat -> Adware.Gator : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\CLSID\{1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} -> Adware.Generic : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\CLSID\{8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} -> Adware.Generic : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} -> Adware.Generic : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Security Add-On -> Adware.Generic : Cleaned with backup (quarantined).
    HKU\S-1-5-21-484763869-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F} -> Adware.Generic : Cleaned with backup (quarantined).
    HKU\S-1-5-21-484763869-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8BF5B8FC-11CB-409F-8C91-4D4CA04A1B6D} -> Adware.Generic : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Security Plugin 2006 -> Adware.IntCodec : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Public Messenger ver 2.03 -> Adware.IntCodec : Cleaned with backup (quarantined).
    HKU\S-1-5-21-484763869-1960408961-725345543-1003\Software\Internet Security -> Adware.IntCodec : Cleaned with backup (quarantined).
    E:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll -> Adware.Minibug : Cleaned with backup (quarantined).
    E:\RECYCLER\S-1-5-21-484763869-1960408961-725345543-1003\De4\pmsngr.exe -> Downloader.Zlob.auc : Cleaned with backup (quarantined).
    E:\RECYCLER\S-1-5-21-484763869-1960408961-725345543-1003\De4\isaddon.dll -> Downloader.Zlob.aue : Cleaned with backup (quarantined).
    E:\RECYCLER\S-1-5-21-484763869-1960408961-725345543-1003\De4\isamonitor.exe -> Downloader.Zlob.aue : Cleaned with backup (quarantined).
    E:\System Volume Information\_restore{99667912-AB11-49B4-86A2-A5E851B40D75}\RP567\A0127922.dll -> Downloader.Zlob.aue : Cleaned with backup (quarantined).
    E:\System Volume Information\_restore{99667912-AB11-49B4-86A2-A5E851B40D75}\RP567\A0128040.dll -> Downloader.Zlob.aue : Cleaned with backup (quarantined).
    E:\hjt\backups\backup-20061104-033458-686.dll -> Downloader.Zlob.aue : Cleaned with backup (quarantined).
    E:\Documents and Settings\mika\Local Settings\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\Cache\B23E4567d01 -> Not-A-Virus.Downloader.Win32.WinFixer.o : Cleaned with backup (quarantined).
    :mozilla.664:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.665:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.222:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.223:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.224:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.225:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.226:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.227:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.231:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.256:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.440:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.553:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    E:\Documents and Settings\mika\Cookies\mika@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.161:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.162:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.372:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
    :mozilla.373:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
    :mozilla.374:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
    E:\Documents and Settings\NetworkService\Cookies\mika@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned.
    :mozilla.13:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.17:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.49:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.50:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.159:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.160:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.162:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.80:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.81:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.82:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.83:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.84:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.85:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.86:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.296:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    :mozilla.39:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    E:\Documents and Settings\mika\Cookies\mika@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
    :mozilla.394:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
    E:\Documents and Settings\NetworkService\Cookies\mika@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
    :mozilla.314:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.315:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.618:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.619:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.244:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.245:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.562:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.112:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned.
    :mozilla.416:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Com : Cleaned.
    :mozilla.533:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
    :mozilla.151:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Cqcounter : Cleaned.
    :mozilla.315:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned.
    :mozilla.18:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.70:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    E:\Documents and Settings\NetworkService\Cookies\mika@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
    E:\Documents and Settings\mika\Cookies\mika@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.299:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Etracker : Cleaned.
    :mozilla.772:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.207:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.208:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.337:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    E:\Documents and Settings\NetworkService\Cookies\mika@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.755:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Gamershell : Cleaned.
    :mozilla.756:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Gamershell : Cleaned.
    :mozilla.674:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Goclick : Cleaned.
    :mozilla.675:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Goclick : Cleaned.
    :mozilla.114:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.121:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.196:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.255:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.335:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.116:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.117:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.118:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.233:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.234:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.240:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.241:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.288:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.289:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.291:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.413:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.421:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.472:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.473:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.488:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.489:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.490:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.491:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.807:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.146:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
    E:\Documents and Settings\mika\Cookies\mika@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
    :mozilla.166:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
    :mozilla.167:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
    :mozilla.168:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
    :mozilla.709:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.313:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned.
    :mozilla.395:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.396:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.397:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.398:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.252:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.253:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.145:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Realtracker : Cleaned.
    :mozilla.146:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Realtracker : Cleaned.
    :mozilla.123:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.124:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.125:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.126:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.127:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.128:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.129:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.131:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
    E:\Documents and Settings\mika\Cookies\mika@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.235:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Revenue : Cleaned.
    :mozilla.375:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
    :mozilla.339:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.340:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.341:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.342:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.343:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.364:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.351:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.352:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.660:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.661:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.735:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.736:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.737:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.574:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
    :mozilla.44:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.45:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.46:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.47:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.48:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.49:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.50:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.51:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.52:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.53:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.54:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.55:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.56:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.57:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.58:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.59:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.60:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.61:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.77:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.78:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.79:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.80:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.311:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.313:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.758:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.759:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.792:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
    :mozilla.10:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.11:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.12:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.137:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.139:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.140:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.141:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.8:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.9:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.622:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.623:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.312:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Trafic : Cleaned.
    :mozilla.650:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
    :mozilla.322:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.442:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.767:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    E:\Documents and Settings\NetworkService\Cookies\mika@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.316:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.317:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.318:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.319:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.320:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.321:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.210:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
    :mozilla.388:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
    :mozilla.84:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
    :mozilla.85:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
    :mozilla.147:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.148:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.246:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.248:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.249:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.250:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.251:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.252:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.253:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    E:\Documents and Settings\mika\Cookies\mika@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.251:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.361:F:\Program Files\firefox kansio\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.62:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.63:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.64:E:\Documents and Settings\mika\Application Data\Mozilla\Firefox\Profiles\6665krwu.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    E:\Documents and Settings\mika\Cookies\mika@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.


    ::Report end
     
  8. nasa78

    nasa78 Member

    Joined:
    02.11.2006
    Posts:
    7
    Thanks:
    0
    Points:
    11
    I'm not quite sure whether this is now sorted and successful, but at least for the moment it looks like that annoying adware has disappeared from the machine... :)
    Thanks for the advice already at this point; let me know if anything else still needs to be done.
     
  9. Marku2

    Marku2 Regular member

    Joined:
    07.12.2005
    Posts:
    1,259
    Thanks:
    0
    Points:
    46
    Hi, the work continues ;)

    Print out the instructions.

    Boot your computer into Safe Mode and choose your usual user account.

    Once in Safe Mode, open the SmitfraudFix folder and double-click smitfraudfix.cmd
    Select option #2 - Clean by typing 2 and pressing "Enter" to delete the infected files.

    You will be asked: "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" to remove the desktop background and clean the infected registry keys.

    The tool will check whether wininet.dll is infected. You may be asked to replace the infected .dll (if one is found); answer "Yes" by typing Y and pressing "Enter".

    The tool may need to restart the computer; if it does not, restart into normal Windows.
    A text file will appear after the cleaning process; copy and paste the contents of this report into your reply.
    The report can be found on your local disk, usually at C:\rapport.txt.

    Warning: running option 2 on a computer that is NOT infected will remove your desktop background.

    Boot the computer into normal mode!

    Download Ccleaner here!
    Clean up with Ccleaner: temporary files/unnecessary files, and fix registry errors. Ccleaner guide!

    Post a new HjT log and C:\rapport.txt.
     
  10. nasa78

    nasa78 Member

    Joined:
    02.11.2006
    Posts:
    7
    Thanks:
    0
    Points:
    11
    SmitFraudFix v2.119

    Scan done at 10:38:31,85, la 04.11.2006
    Run from E:\smith\SmitfraudFix
    OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
    Fix run in safe mode

    »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{27321538-5739-4aa1-b84c-7d18e4383f1f}"="ferrateen"


    »»»»»»»»»»»»»»»»»»»»»»»» Killing process


    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

    E:\WINDOWS\system32\rrtcany.dll Deleted
    E:\DOCUME~1\mika\KYNNIS~1\Ohjelmat\VirusBursters Deleted
    E:\DOCUME~1\ALLUSE~1\KYNNIS~1\Online Security Guide.url Deleted
    E:\DOCUME~1\ALLUSE~1\KYNNIS~1\Security Troubleshooting.url Deleted

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

    Registry Cleaning done.

    »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» End

    Logfile of HijackThis v1.99.1
    Scan saved at 11:17:48, on 4.11.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\System32\svchost.exe
    E:\Program Files\Sygate\SPF\smc.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\Explorer.EXE
    E:\WINDOWS\system32\spoolsv.exe
    E:\Program Files\D-Tools\daemon.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    E:\Program Files\QuickTime\qttask.exe
    E:\WINDOWS\system32\CTHELPER.EXE
    F:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    E:\Program Files\Microsoft IntelliPoint\point32.exe
    E:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    E:\Program Files\Common Files\Real\Update_OB\realsched.exe
    E:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    E:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
    E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    E:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    E:\Program Files\MSN Messenger\msnmsgr.exe
    E:\Program Files\Logitech\SetPoint\SetPoint.exe
    E:\Program Files\Xfire\Xfire.exe
    E:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    E:\WINDOWS\System32\svchost.exe
    E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\WINDOWS\system32\svchost.exe
    E:\Program Files\No-IP\DUC20.exe
    F:\hubi\hubi\metsastyshub\YnHub.exe
    F:\Program Files\strongDC\StrongDC.exe
    E:\Program Files\Mozilla Firefox\firefox.exe
    E:\WINDOWS\system32\NOTEPAD.EXE
    E:\hjt\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - E:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - f:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [ATIPTA] "E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [vptray] E:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    O4 - HKLM\..\Run: [NVMixerTray] "E:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [Easy-PrintToolBox] E:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [UpdReg] E:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Jet Detection] "f:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
    O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
    O4 - HKLM\..\Run: [RemoteControl] "f:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [SmcService] E:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [IntelliPoint] "E:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [MMTray] "E:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [mmtask] "E:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
    O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [LDM] E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: Xfire.lnk = E:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\office\Office10\OSA.EXE
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://f:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://F:\PROGRA~1\office\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D344C749-3B8F-4627-B827-1436945209FF}: NameServer = 212.50.211.242 212.50.192.226
    O18 - Protocol: bw+0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - E:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - E:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {9BD882E2-70E6-4B76-9EA4-AD6A831C1B24} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: NavLogon - E:\WINDOWS\system32\NavLogon.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: DefWatch - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - E:\Program Files\Sygate\SPF\smc.exe

    Here were the latest reports; would the machine finally be cleaned up now?
     
  11. Marku2

    Marku2 Regular member

    Joined:
    07.12.2005
    Posts:
    1,259
    Thanks:
    0
    Points:
    46
    The HjT log is clean, but update Java:
    The latest Java is: Java Runtime Environment Version 5.0 Update 9

    Click Start -> Control Panel and double-click Add or Remove Programs in the Control Panel.
    Find all your previous Java versions in the list. (J2SE Runtime Environment.... )
    They should have the following icon next to them: [IMG]
    Select all your previous Java versions and choose Remove.
    Install the latest Java update from the following link.
    Restart the computer after installation:

    http://java.sun.com/javase/downloads/index.jsp

    After the restart, go back to the Control Panel and open your Java settings (Other Control Panel Options -> the Java coffee cup).
    Under the Temporary Internet Files section, click the Delete Files button.
    Make sure all three options are checked:

    Downloaded Applets
    Downloaded Applications
    Other Files


    Click OK in the "Delete Temporary Internet Files" window.
    Note: this deletes all downloaded applications and applets from the CACHE.
    Click OK to leave the Java settings window.
     