1. Tämä sivusto käyttää keksejä (cookie). Jatkamalla sivuston käyttämistä hyväksyt keksien käyttämisen. Lue lisää.

ihme työkalupalkki...miten pois

Viestiketju Virukset ja haittaohjelmat -osiossa. Ketjun avasi terhi4100 15.09.2005.

  1. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Loki näyttää hyvältä, mutta jollet saanut noita tiedostoja edellä poistettua, niin täytyy varmaan ajaa eScan :( Se löytyy tuolta -> http://koti.mbnet.fi/pattaya1/escanmwav.htm Siellä on täydelliset ohjeet. Scanni voi kestää tunnista kahteen. Lähetä sen loki tänne scannin jälkeen, eli näin

    [​IMG]

    Maalaa ne kaikki rivit siitä Virus Log Information-kohdasta, sitten paina ctrl+c ja liitä tänne palstalle painamalla ctrl+v
     
  2.  
  3. terhi4100

    terhi4100 Regular member

    Liittynyt:
    15.09.2005
    Viestejä:
    225
    Kiitokset:
    0
    Pisteet:
    26
    File C:\Documents and Settings\All Users\Application Data\Army platform clock error\Bias Funk.exe tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\Documents and Settings\Reijo\Local Settings\Temp\tmgbfgmn.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\4CD949D7.dctmp infected by "P2P-Worm.Win32.Tibick.d" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\4D9D20FF.dctmp infected by "P2P-Worm.Win32.Tibick.d" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\4E090A88.dctmp infected by "P2P-Worm.Win32.Tibick.d" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\51E96644.dctmp infected by "P2P-Worm.Win32.Tibick.d" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\32A341BF.dctmp infected by "P2P-Worm.Win32.Tibick.d" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\32B73DAA.dctmp infected by "P2P-Worm.Win32.Tibick.d" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\6FF247E6 tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\3B826AF7 tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\07AA1288 tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\6FF571E2 tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\014A48F6 tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\2FF521DF tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\74A06B4E tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\411F3E0E tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\6FF91BDF tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\471226F6 infected by "Trojan-Downloader.Win32.Swizzor.dc" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\58403136 infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\00C95FDF infected by "Trojan-Downloader.Win32.Swizzor.dc" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\019E260A tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\6FFC45DB tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\0CDA04F5 tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\008A408C infected by "Trojan-Downloader.Win32.Swizzor.dj" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\0CF15470 infected by "Trojan-Downloader.Win32.Swizzor.ca" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\421E0E06 infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\6FFF6FD7 infected by "Trojan-Downloader.Win32.Swizzor.ca" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\52A362F4 infected by "Trojan-Downloader.Win32.Swizzor.ca" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\28D54FE3 infected by "Trojan-Downloader.Win32.Swizzor.ca" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\191A4900 infected by "Trojan-Downloader.Win32.Swizzor.ca" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\029E7602 tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\06917261 infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\700219D4 infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\186B40F4 infected by "Trojan-Downloader.Win32.Swizzor.co" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\511F5F3A tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\25423D91 tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\431D5DFE tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\700643D0 tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\5E331EF3 tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\796A6E91 tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\316B3222 infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\039D45FA infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\70096DCD tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\23FB7CF2 infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\21B47DE7 infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\3D9326B3 tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\441C2DF6 infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\700C17C9 tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\69C35AF2 tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\49FF0D3E tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\49BC1B43 tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\049C15F2 infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\700F41C5 infected by "Trojan-Downloader.Win32.Swizzor.dc" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\2F8C38F1 tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\724A1C95 tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\55E40FD4 tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\451C7DEE tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\70136BC2 tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\755416F0 tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\1A942BEC tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\620C0465 tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\059B65EA tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\701615BE tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\3B1C74F0 infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\42DF3B42 infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\6E3578F5 tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\461B4DE5 infected by "Trojan-Downloader.Win32.Swizzor.co" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\70193FBB tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\00E452EF infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\6B294A99 infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\7A5D6D86 infected by "Trojan-Downloader.Win32.Swizzor.co" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\069A35E1 tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\01F273C2 tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\31404128 tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\701D69B7 tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\46AC30EE infected by "Trojan-Downloader.Win32.Swizzor.co" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\137459F0 tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\06866217 infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\702013B3 infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\0C740EEE tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\3BBE6946 infected by "Trojan-Downloader.Win32.Swizzor.co" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\12AE56A8 tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\079A05D9 tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\00CA741A tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\70233DB0 tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\523D6CED infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP358\A0094759.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP358\A0094760.exe infected by "Trojan-Downloader.Win32.Swizzor.ca" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP358\A0094780.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095584.exe infected by "Trojan-Downloader.Win32.Swizzor.dc" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095585.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095586.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095587.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095588.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095589.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095590.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095591.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095592.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095593.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095594.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095595.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095712.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095713.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095714.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095715.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095716.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095717.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095718.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095719.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095720.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095721.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095722.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095723.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095724.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP360\A0095725.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP361\A0095838.exe infected by "Trojan-Downloader.Win32.Swizzor.co" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP361\A0095839.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP361\A0095840.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP361\A0095841.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP361\A0095842.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP361\A0095843.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP361\A0095844.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP361\A0095845.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP361\A0095846.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP361\A0095847.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP361\A0095848.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP361\A0095849.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP361\A0095850.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP361\A0095851.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP361\A0095852.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095886.exe infected by "Trojan-Downloader.Win32.Swizzor.co" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095932.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095933.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095934.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095935.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095936.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095937.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095938.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095939.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095940.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095941.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095942.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095943.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095944.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095945.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095946.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP363\A0095947.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095974.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095975.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095976.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095977.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095978.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095979.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095980.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095981.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095982.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095983.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095984.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095985.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095986.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095987.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095988.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095989.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP364\A0095990.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096016.exe infected by "Trojan-Downloader.Win32.Swizzor.co" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096017.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096018.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096019.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096020.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096021.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096022.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096023.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096024.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096025.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096026.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096027.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096028.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096029.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096030.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096031.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP365\A0096032.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP366\A0096078.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096171.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096172.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096173.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096174.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096175.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096176.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096177.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096178.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096179.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096180.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096181.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096182.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096183.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096184.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096185.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096186.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096187.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096188.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP369\A0096189.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096215.exe infected by "Trojan-Downloader.Win32.Swizzor.co" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096216.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096217.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096218.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096219.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096220.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096221.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096222.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096223.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096224.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096225.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096226.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096227.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096228.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096229.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096230.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096231.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096232.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096233.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096251.exe infected by "Trojan-Downloader.Win32.Swizzor.co" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096252.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096253.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096254.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096255.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096256.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096257.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096258.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096259.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096260.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096261.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096262.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096263.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096264.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096265.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096266.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096267.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096268.exe tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096269.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096270.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP370\A0096271.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097429.exe infected by "Trojan-Downloader.Win32.Swizzor.co" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097470.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097471.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097472.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097473.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097474.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097475.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097476.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097477.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097478.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097479.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097480.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097481.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097482.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097483.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097484.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097485.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097486.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097487.exe tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097488.exe tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097489.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097490.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP374\A0097491.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097615.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097616.exe tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097617.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097618.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097619.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097620.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097621.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097622.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097623.exe tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097624.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097625.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097626.exe tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097627.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097628.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097629.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097630.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097631.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097632.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097633.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097634.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097635.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097636.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097637.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097638.exe tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097639.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097640.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097641.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097642.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097643.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097644.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097645.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097646.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097647.exe tagged as not-a-virus:AdWare.Lop.ab. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097648.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097649.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097650.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097651.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097652.exe tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097653.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097654.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097655.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097656.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097657.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097658.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097659.exe tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097660.exe tagged as not-a-virus:AdWare.Lop.ad. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097661.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097662.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097663.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097664.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097665.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.
    File C:\System Volume Information\_restore{C1B5537B-66CB-42D5-8E63-7560B0192438}\RP377\A0097666.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus. Action Taken: File Deleted.
     
  4. terhi4100

    terhi4100 Regular member

    Liittynyt:
    15.09.2005
    Viestejä:
    225
    Kiitokset:
    0
    Pisteet:
    26
    siin ois ja onha noit iha mukava rivi:)
     
  5. ratnunter

    ratnunter Regular member

    Liittynyt:
    09.06.2005
    Viestejä:
    131
    Kiitokset:
    0
    Pisteet:
    26
    laitappa hijackthisistä startuplist loki
    ohje täällä:http://www.bleepingcomputer.com/forums/index.php?showtutorial=42#HTStartupList

    ennen lokin tekoa rastita:
    List also minor sections (full)
    List empty sections (complete)

    siite tallenna loki ja copy pastaa sisältö tänne
     
  6. terhi4100

    terhi4100 Regular member

    Liittynyt:
    15.09.2005
    Viestejä:
    225
    Kiitokset:
    0
    Pisteet:
    26
    tohon ei taito riitä..mul ei mee tollasee valikkoon hijack:)
     
  7. terhi4100

    terhi4100 Regular member

    Liittynyt:
    15.09.2005
    Viestejä:
    225
    Kiitokset:
    0
    Pisteet:
    26
    tai menee valikkoon mut jumaa siihen ohjeesee...
     
  8. ratnunter

    ratnunter Regular member

    Liittynyt:
    09.06.2005
    Viestejä:
    131
    Kiitokset:
    0
    Pisteet:
    26
    koitetaas ihan kädestä pitäen:

    avaa hijackthis
    klikkaa go to misc tools section
    sieltä pitäs löytyä kohta generate startuplist, laita rastit noihin ym kohtiin jotta tulee mahdollisimman paljon infoa lokiin
    sitte vaan klikkaa generate startuplist log
    tallenna se ja kopsaa sisältö tänne, se on aika iso loki joten jaa tarvittaessa vaikka kahtia
     
  9. terhi4100

    terhi4100 Regular member

    Liittynyt:
    15.09.2005
    Viestejä:
    225
    Kiitokset:
    0
    Pisteet:
    26
    mitäs toi lokin lähettäminen hyövyttäs..se ois kiva tietää.ku ei siit lokist voi poistaa mitään..
    mutta kerron sen että kone on nyt muuten selvästi parempi ja se kaivattu haittaohjelmakin lähti pois. KIITOS KEMISTILLE.
     
  10. terhi4100

    terhi4100 Regular member

    Liittynyt:
    15.09.2005
    Viestejä:
    225
    Kiitokset:
    0
    Pisteet:
    26
    tässä oli se startlist..löytyykö jotain outoo:) StartupList report, 17.9.2005, 10:45:31
    StartupList version: 1.52.2
    Started from : C:\HJT\HijackThis.EXE
    Detected: Windows XP SP2 (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    * Using default options
    * Including empty and uninteresting sections
    * Showing rarely important sections
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\Smc.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\drivers\dcfssvc.exe
    C:\Program Files\ewido\security suite\ewidoctrl.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
    C:\Kaspersky\mwavscan.com
    C:\Kaspersky\kavss.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\HJT\HijackThis.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Startup:
    [C:\Documents and Settings\Reijo\Käynnistä-valikko\Ohjelmat\Käynnistys]
    *No files*

    Shell folders AltStartup:
    *Folder not found*

    User shell folders Startup:
    *Folder not found*

    User shell folders AltStartup:
    *Folder not found*

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys]
    WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
    Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    Shell folders Common AltStartup:
    *Folder not found*

    User shell folders Common Startup:
    *Folder not found*

    User shell folders Alternate Common Startup:
    *Folder not found*

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
    *Registry key not found*

    [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    *Registry value not found*

    [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    Cmaudio = RunDll32 cmicnfg.cpl,CMICtrlWnd
    SiSUSBRG = C:\WINDOWS\SiSUSBrg.exe
    zBrowser Launcher = C:\Program Files\Logitech\iTouch\iTouch.exe
    NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe
    ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    (Default) =
    QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
    SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    LVCOMSX = C:\WINDOWS\system32\LVCOMSX.EXE
    LogitechVideoRepair = C:\Program Files\Logitech\Video\ISStart.exe
    LogitechVideoTray = C:\Program Files\Logitech\Video\LogiTray.exe
    TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    SmcService = C:\PROGRA~1\Sygate\SPF\Smc.exe -startgui
    NaturalPoint =
    ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    Symantec NetDriver Monitor = C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

    *No values found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

    *No values found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

    *No values found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe
    MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    LogitechSoftwareUpdate = "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    MSMSGS = "C:\Program Files\Messenger\MSMSGS.EXE" /background

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

    *No values found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    [OptionalComponents]
    *No values found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
    *Registry key not found*

    --------------------------------------------------

    File association entry for .EXE:
    HKEY_CLASSES_ROOT\exefile\shell\open\command

    (Default) = "%1" %*

    --------------------------------------------------

    File association entry for .COM:
    HKEY_CLASSES_ROOT\comfile\shell\open\command

    (Default) = "%1" %*

    --------------------------------------------------

    File association entry for .BAT:
    HKEY_CLASSES_ROOT\batfile\shell\open\command

    (Default) = "%1" %*

    --------------------------------------------------

    File association entry for .PIF:
    HKEY_CLASSES_ROOT\piffile\shell\open\command

    (Default) = "%1" %*

    --------------------------------------------------

    File association entry for .SCR:
    HKEY_CLASSES_ROOT\scrfile\shell\open\command

    (Default) = "%1" /S

    --------------------------------------------------

    File association entry for .HTA:
    HKEY_CLASSES_ROOT\htafile\shell\open\command

    (Default) = C:\WINDOWS\system32\mshta.exe "%1" %*

    --------------------------------------------------

    File association entry for .TXT:
    HKEY_CLASSES_ROOT\txtfile\shell\open\command

    (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

    --------------------------------------------------

    Enumerating Active Setup stub paths:
    HKLM\Software\Microsoft\Active Setup\Installed Components
    (* = disabled by HKCU twin)

    [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

    [>{26923b43-4d38-484f-9b9e-de460746276c}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

    [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
    StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
    StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

    [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

    [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

    [{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\msmsgs.inf,BLC.Install.PerUser

    [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub

    [{7790769C-0471-11d2-AF11-00C04FA35D02}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

    [{89820200-ECBD-11cf-8B85-00AA005B4340}] *
    StubPath = regsvr32.exe /s /n /i:U shell32.dll

    [{89820200-ECBD-11cf-8B85-00AA005B4383}] *
    StubPath = %SystemRoot%\system32\ie4uinit.exe

    --------------------------------------------------

    Enumerating ICQ Agent Autostart apps:
    HKCU\Software\Mirabilis\ICQ\Agent\Apps

    *Registry key not found*

    --------------------------------------------------

    Load/Run keys from C:\WINDOWS\WIN.INI:

    load=*INI section not found*
    run=*INI section not found*

    Load/Run keys from Registry:

    HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
    HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
    HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
    HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
    HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
    HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
    HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
    HKCU\..\Windows NT\CurrentVersion\Windows: load=
    HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

    --------------------------------------------------

    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=Explorer.exe
    SCRNSAVE.EXE=*Registry value not found*
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry key not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    --------------------------------------------------

    Checking for EXPLORER.EXE instances:

    C:\WINDOWS\Explorer.exe: PRESENT!

    C:\Explorer.exe: not present
    C:\WINDOWS\Explorer\Explorer.exe: not present
    C:\WINDOWS\System\Explorer.exe: not present
    C:\WINDOWS\System32\Explorer.exe: not present
    C:\WINDOWS\Command\Explorer.exe: not present
    C:\WINDOWS\Fonts\Explorer.exe: not present

    --------------------------------------------------

    Checking for superhidden extensions:

    .lnk: HIDDEN! (arrow overlay: yes)
    .pif: HIDDEN! (arrow overlay: yes)
    .exe: not hidden
    .com: not hidden
    .bat: not hidden
    .hta: not hidden
    .scr: not hidden
    .shs: HIDDEN!
    .shb: HIDDEN!
    .vbs: not hidden
    .vbe: not hidden
    .wsh: not hidden
    .scf: HIDDEN! (arrow overlay: NO!)
    .url: HIDDEN! (arrow overlay: yes)
    .js: not hidden
    .jse: not hidden

    --------------------------------------------------

    Verifying REGEDIT.EXE integrity:

    - Regedit.exe found in C:\WINDOWS
    - .reg open command is normal (regedit.exe %1)
    - Regedit.exe has no CompanyName property! It is either missing or named something else.
    - Regedit.exe has no OriginalFilename property! It is either missing or named something else.
    - Regedit.exe has no FileDescription property! It is either missing or named something else.

    Registry check failed!

    --------------------------------------------------

    Enumerating Browser Helper Objects:

    (no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
    NAV Helper - C:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}

    --------------------------------------------------

    Enumerating Task Scheduler jobs:

    Symantec NetDetect.job
    Norton AntiVirus - Tarkista tietokone.job
    AFB3E96191849AE1.job
    B2329EAC9099108C.job

    --------------------------------------------------

    Enumerating Download Program Files:

    [Checkers Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
    CODEBASE = http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

    [MessengerStatsClient Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll
    CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab

    [Office Update Installation Engine]
    InProcServer32 = C:\WINDOWS\opuc.dll
    CODEBASE = http://office.microsoft.com/officeupdate/content/opuc.cab

    [Java Plug-in 1.5.0_02]
    InProcServer32 = C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab

    [MessengerStatsClient Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll
    CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

    [MsnMessengerSetupDownloadControl Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx
    CODEBASE = http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

    [ZoneIntro Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\ZIntro.ocx
    CODEBASE = http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

    [CBreakshotControl Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\Banksht2.dll
    CODEBASE = http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab

    [Java Plug-in 1.4.2_06]
    InProcServer32 = C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
    CODEBASE = http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

    [Java Plug-in 1.5.0_02]
    InProcServer32 = C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\system32\macromed\flash\Flash.ocx
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    [Solitaire Showdown Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\solitaireshowdown.dll
    CODEBASE = http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab

    --------------------------------------------------

    Enumerating Winsock LSP files:

    NameSpace #1: C:\WINDOWS\System32\mswsock.dll
    NameSpace #2: C:\WINDOWS\System32\winrnr.dll
    NameSpace #3: C:\WINDOWS\System32\mswsock.dll
    Protocol #1: C:\WINDOWS\system32\mswsock.dll
    Protocol #2: C:\WINDOWS\system32\mswsock.dll
    Protocol #3: C:\WINDOWS\system32\mswsock.dll
    Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
    Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
    Protocol #6: C:\WINDOWS\system32\mswsock.dll
    Protocol #7: C:\WINDOWS\system32\mswsock.dll
    Protocol #8: C:\WINDOWS\system32\mswsock.dll
    Protocol #9: C:\WINDOWS\system32\mswsock.dll
    Protocol #10: C:\WINDOWS\system32\mswsock.dll
    Protocol #11: C:\WINDOWS\system32\mswsock.dll
    Protocol #12: C:\WINDOWS\system32\mswsock.dll
    Protocol #13: C:\WINDOWS\system32\mswsock.dll

    --------------------------------------------------

    Enumerating Windows NT/2000/XP services

    Microsoft ACPI Driver: system32\DRIVERS\ACPI.sys (system)
    Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
    AFD: \SystemRoot\System32\drivers\afd.sys (system)
    Hälytys: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    Sovelluskerroksen yhdyskäytäväpalvelu: %SystemRoot%\System32\alg.exe (manual start)
    AMD K7 Processor Driver: system32\DRIVERS\amdk7.sys (system)
    Sovellusten hallinta: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    RAS Asynchronous Media Driver: system32\DRIVERS\asyncmac.sys (manual start)
    Standardi IDE/ESDI-kiintolevyohjain: system32\DRIVERS\atapi.sys (system)
    Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart)
    ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart)
    ati2mtag: system32\DRIVERS\ati2mtag.sys (manual start)
    ATM ARP Client -protokolla: system32\DRIVERS\atmarpc.sys (manual start)
    Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Audio Stub Driver: system32\DRIVERS\audstub.sys (manual start)
    BITS-tausta-ajo (Background Intelligent Transfer Service): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Tietokoneiden selaus: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Closed Caption Decoder: system32\DRIVERS\CCDECODE.sys (manual start)
    Symantec Event Manager: "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" (autostart)
    Symantec Password Validation: "C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe" (manual start)
    Symantec Settings Manager: "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" (autostart)
    CD-ROM-ohjain: system32\DRIVERS\cdrom.sys (system)
    Indeksointipalvelu: %SystemRoot%\system32\cisvc.exe (manual start)
    Leikekirja: %SystemRoot%\system32\clipsrv.exe (disabled)
    C-Media WDM Audio Interface: system32\drivers\cmuda.sys (manual start)
    COM+-järjestelmäsovellus: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
    Salauspalvelut: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Kodak Camera Proxy: system32\DRIVERS\DcCam.sys (system)
    DcFpoint: system32\DRIVERS\DcFpoint.sys (manual start)
    DCFS2K: system32\drivers\dcfs2k.sys (autostart)
    Dcfssvc: %SystemRoot%\system32\drivers\dcfssvc.exe (autostart)
    Legacy Polling Service: system32\DRIVERS\DcLps.sys (manual start)
    DCOM-palvelinprosessin käynnistys: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
    dcptp: system32\DRIVERS\DcPTP.sys (manual start)
    DHCP-asiakas: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Levyohjain: system32\DRIVERS\disk.sys (system)
    Loogisen levyn hallinnan valvontapalvelu: %SystemRoot%\System32\dmadmin.exe /com (manual start)
    dmboot: System32\drivers\dmboot.sys (disabled)
    Loogisen levyn hallinta -ohjain: System32\drivers\dmio.sys (system)
    dmload: System32\drivers\dmload.sys (system)
    Loogisen levyn hallinta: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
    DNS-asiakas: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
    Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
    Virheraportointipalvelut: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Tapahtumaloki: %SystemRoot%\system32\services.exe (autostart)
    COM+-tapahtumajärjestelmä: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start)
    ewido security suite control: C:\Program Files\ewido\security suite\ewidoctrl.exe (autostart)
    ewido security suite driver: \??\C:\Program Files\ewido\security suite\guard.sys (system)
    ewido security suite guard: C:\Program Files\ewido\security suite\ewidoguard.exe (disabled)
    Exportit: system32\DRIVERS\exportit.sys (system)
    Nopean käyttäjän vaihdon yhteensopivuus: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Levykeaseman ohjain: system32\DRIVERS\fdc.sys (manual start)
    Levykeasemaohjain: system32\DRIVERS\flpydisk.sys (manual start)
    FltMgr: system32\DRIVERS\fltMgr.sys (system)
    Volume Manager -ohjain: system32\DRIVERS\ftdisk.sys (system)
    Microsoft Generic AGPv3.0 -suodatin K8-suoritinympäristöjä varten: system32\DRIVERS\gagp30kx.sys (system)
    Game Port Enumerator: system32\DRIVERS\gameenum.sys (manual start)
    Yleinen paketinmääritys: system32\DRIVERS\msgpc.sys (manual start)
    Ohjeet ja tuotetuki: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    HID (Human Interface Device) -liittymä: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
    HTTP: System32\Drivers\HTTP.sys (manual start)
    HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
    i8042-näppäimistö ja PS/2-hiiriohjain: system32\DRIVERS\i8042prt.sys (system)
    CD-Burning Filter Driver: system32\DRIVERS\imapi.sys (system)
    CD-levyjen kirjoittamisen IMAPI COM -palvelu: C:\WINDOWS\system32\imapi.exe (manual start)
    Windowsin IPv6-palomuurin ohjain: system32\DRIVERS\Ip6Fw.sys (manual start)
    IP Traffic Filter Driver: system32\DRIVERS\ipfltdrv.sys (manual start)
    IP in IP Tunnel Driver: system32\DRIVERS\ipinip.sys (manual start)
    IP Network Address Translator: system32\DRIVERS\ipnat.sys (manual start)
    IPSEC-ohjain: system32\DRIVERS\ipsec.sys (system)
    IR Enumerator Service: system32\DRIVERS\irenum.sys (manual start)
    PnP ISA/EISA -väyläohjain: system32\DRIVERS\isapnp.sys (system)
    iTouch Keyboard Filter: system32\DRIVERS\itchfltr.sys (manual start)
    Näppäimistön luokkaohjain: system32\DRIVERS\kbdclass.sys (system)
    Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
    Palvelin: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Työasema: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    Logitech USB Monitor Filter: system32\drivers\lvusbsta.sys (manual start)
    Machine Debug Manager: "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe" (autostart)
    Viestinvälitys: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
    NetMeeting etätyöpöydän jakaminen: C:\WINDOWS\system32\mnmsrvc.exe (manual start)
    Hiiren luokkaohjain: system32\DRIVERS\mouclass.sys (system)
    WebDav Client Redirector: system32\DRIVERS\mrxdav.sys (manual start)
    MRXSMB: system32\DRIVERS\mrxsmb.sys (system)
    Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start)
    Windows Installer -ohjelma: C:\WINDOWS\system32\msiexec.exe /V (manual start)
    Microsoft Streaming Service -välityspalvelin: system32\drivers\MSKSSRV.sys (manual start)
    Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
    Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
    Microsoft-järjestelmänhallinnan BIOS-ohjain: system32\DRIVERS\mssmbios.sys (manual start)
    Microsoft Streaming Tee/Sink-to-Sink -muunnin: system32\drivers\MSTEE.sys (manual start)
    NABTS/FEC VBI Codec: system32\DRIVERS\NABTSFEC.sys (manual start)
    Norton AntiVirus -ohjelman automaattinen suojaus: "C:\Program Files\Norton AntiVirus\navapsvc.exe" (autostart)
    NAVENG: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050916.020\NAVENG.Sys (manual start)
    NAVEX15: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050916.020\NavEx15.Sys (manual start)
    Microsoft TV/Video Connection: system32\DRIVERS\NdisIP.sys (manual start)
    Remote Access NDIS TAPI Driver: system32\DRIVERS\ndistapi.sys (manual start)
    NDIS Usermode I/O -protokolla: system32\DRIVERS\ndisuio.sys (manual start)
    Remote Access NDIS WAN Driver: system32\DRIVERS\ndiswan.sys (manual start)
    NetBIOS-käyttöliittymä: system32\DRIVERS\netbios.sys (system)
    NetBT: system32\DRIVERS\netbt.sys (system)
    Verkon DDE: %SystemRoot%\system32\netdde.exe (disabled)
    Verkon DDE DSDM: %SystemRoot%\system32\netdde.exe (disabled)
    Verkkokirjautuminen: %SystemRoot%\system32\lsass.exe (manual start)
    Verkkoyhteydet: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    NLA-nimiavaruus (Network Location Awareness): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    NT LM -suojaustuen toimittaja: %SystemRoot%\system32\lsass.exe (manual start)
    Siirrettävät tallennusvälineet: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    IPX Traffic Filter Driver: system32\DRIVERS\nwlnkflt.sys (manual start)
    IPX Traffic Forwarder Driver: system32\DRIVERS\nwlnkfwd.sys (manual start)
    Rinnakkaisporttiohjain: system32\DRIVERS\parport.sys (manual start)
    PCI Bus Driver: system32\DRIVERS\pci.sys (system)
    PCIIde: system32\DRIVERS\pciide.sys (system)
    Logitech QuickCam Express(PID_0920): system32\DRIVERS\LV532AV.SYS (manual start)
    Plug and Play: %SystemRoot%\system32\services.exe (autostart)
    IPSEC-palvelut: %SystemRoot%\system32\lsass.exe (autostart)
    WAN Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start)
    StarForce Protection Environment Driver v6: \SystemRoot\System32\drivers\prodrv06.sys (system)
    StarForce Protection Helper Driver v2: System32\drivers\prohlp02.sys (system)
    StarForce Protection Synchronization Driver v1: System32\drivers\prosync1.sys (system)
    Suojattu tallennuspaikka: %SystemRoot%\system32\lsass.exe (autostart)
    QoS-paketinajoitus: system32\DRIVERS\psched.sys (manual start)
    Direct Parallel Link Driver: system32\DRIVERS\ptilink.sys (manual start)
    PxHelp20: system32\DRIVERS\PxHelp20.sys (system)
    Remote Access Auto Connection -ohjain: system32\DRIVERS\rasacd.sys (system)
    Remote Access Auto Connection -hallinta: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    WAN Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start)
    Etäkäytön (RAS) yhteyksienhallinta: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    Remote Access PPPOE Driver: system32\DRIVERS\raspppoe.sys (manual start)
    Suora rinnakkainen: system32\DRIVERS\raspti.sys (manual start)
    Rdbss: system32\DRIVERS\rdbss.sys (system)
    RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
    Terminal Server Device Redirector -ohjain: system32\DRIVERS\rdpdr.sys (manual start)
    Etätyöpöydän ohjeen istunnonhallinta: C:\WINDOWS\system32\sessmgr.exe (manual start)
    Digital CD Audio Playback Filter Driver: system32\DRIVERS\redbook.sys (system)
    Reititys ja etäkäyttö: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
    Etärekisteri: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    Etäproseduurikutsujen (RPC) paikannin: %SystemRoot%\system32\locator.exe (manual start)
    Etäproseduurikutsu (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
    QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start)
    Käyttöoikeustilien hallinta: %SystemRoot%\system32\lsass.exe (autostart)
    SAVRT: \??\C:\Program Files\Norton AntiVirus\SAVRT.SYS (system)
    SAVRTPEL: \??\C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS (system)
    SAVScan: "C:\Program Files\Norton AntiVirus\SAVScan.exe" (autostart)
    ScriptBlocking Service: C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (autostart)
    Älykortti: %SystemRoot%\System32\SCardSvr.exe (manual start)
    Tehtävien ajoitus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Secdrv: system32\DRIVERS\secdrv.sys (autostart)
    Toissijainen kirjautuminen: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Järjestelmätapahtuman ilmoitus: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Serenum Filter -ohjain: system32\DRIVERS\serenum.sys (manual start)
    Sarjaporttiohjain: system32\DRIVERS\serial.sys (system)
    StarForce Protection Helper Driver: System32\drivers\sfhlp01.sys (system)
    Windowsin palomuuri / Internet-yhteyden jakaminen (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Käyttöliittymän laitteistotunnistus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    SiS AGP Filter: system32\DRIVERS\SISAGPX.sys (system)
    SiS PCI Fast Ethernet Adapter Driver: system32\DRIVERS\sisnic.sys (manual start)
    BDA Slip De-Framer: system32\DRIVERS\SLIP.sys (manual start)
    Sygate Personal Firewall: C:\Program Files\Sygate\SPF\Smc.exe (autostart)
    Symantec Network Drivers Service: "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe" (manual start)
    Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
    Taustatulostusohjain: %SystemRoot%\system32\spoolsv.exe (autostart)
    Järjestelmän palautussuodatin -ohjain: system32\DRIVERS\sr.sys (system)
    Järjestelmän palauttaminen -palvelu: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Srv: system32\DRIVERS\srv.sys (manual start)
    SSDP-palvelu (Simple Service Discovery Protocol): %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
    WIA (Windows Image Acquisition): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
    BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start)
    Ohjelmistoväyläohjain: system32\DRIVERS\swenum.sys (manual start)
    Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
    MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{CB69AE3E-EDAE-4A9E-87BA-888F1345DA91} (manual start)
    SymEvent: \??\C:\Program Files\Symantec\SYMEVENT.SYS (manual start)
    SYMREDRV: \SystemRoot\System32\Drivers\SYMREDRV.SYS (manual start)
    SYMTDI: \SystemRoot\System32\Drivers\SYMTDI.SYS (system)
    SymWMI Service: "C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe" (autostart)
    Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start)
    Resurssilokit ja -hälytykset: %SystemRoot%\system32\smlogsvc.exe (manual start)
    Puhelin: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    TCP/IP-protokollaohjain: system32\DRIVERS\tcpip.sys (system)
    Teefer for NT: SYSTEM32\Drivers\Teefer.sys (system)
    Päätelaiteohjain: system32\DRIVERS\termdd.sys (system)
    Päätepalvelut: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
    Teemat: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Telnet: C:\WINDOWS\system32\tlntsvr.exe (disabled)
    Tiedostolinkkijäljityksen asiakas: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart)
    Microcode Update -ohjain: system32\DRIVERS\update.sys (manual start)
    Universal Plug & Play -laiteisäntä: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
    UPS: %SystemRoot%\System32\ups.exe (manual start)
    Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start)
    USB2 Enabled Hub: system32\DRIVERS\usbhub.sys (manual start)
    Microsoft USB Open Host Controller Miniport Driver: system32\DRIVERS\usbohci.sys (manual start)
    USB Scanner Driver: system32\DRIVERS\usbscan.sys (manual start)
    USB-massamuistiohjain: system32\DRIVERS\USBSTOR.SYS (manual start)
    VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
    Aseman tilannevedos: %SystemRoot%\System32\vssvc.exe (manual start)
    Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Remote Access IP ARP Driver: system32\DRIVERS\wanarp.sys (manual start)
    Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
    WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    SyGate for NT, wg3n: \SystemRoot\SYSTEM32\Drivers\wg3n.sys (autostart)
    WMI-palvelu (Windows Management Instrumentation): %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Kannettavan mediasoittimen sarjanumeropalvelu: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    WMI-palvelun ohjainlaajennukset: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    WMI resurssisovitin: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start)
    wpsdrvnt: \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (system)
    Tietoturvakeskus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    World Standard Teletext Codec: system32\DRIVERS\WSTCODEC.SYS (manual start)
    Automaattiset päivitykset: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Verkon käyttöönottopalvelu: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)


    --------------------------------------------------

    Enumerating Windows NT logon/logoff scripts:
    *No scripts set to run*

    Windows NT checkdisk command:
    BootExecute = autocheck autochk *

    Windows NT 'Wininit.ini':
    PendingFileRenameOperations: C:\DOCUME~1\Reijo\LOCALS~1\Temp\A~NSISu_.exe


    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\system32\webcheck.dll
    SysTray: C:\WINDOWS\system32\stobject.dll

    --------------------------------------------------
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

    *Registry key not found*

    --------------------------------------------------

    End of report, 36 872 bytes
    Report generated in 0,140 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only
     
  11. terhi4100

    terhi4100 Regular member

    Liittynyt:
    15.09.2005
    Viestejä:
    225
    Kiitokset:
    0
    Pisteet:
    26
    kertokaa te vää paremmat tietäjät mitä tolle starhuplistalle pitää korjata tehä..mä en oikein älyä tost hijackista ku se on mulle uus ohjelma.:)
     
  12. ratnunter

    ratnunter Regular member

    Liittynyt:
    09.06.2005
    Viestejä:
    131
    Kiitokset:
    0
    Pisteet:
    26
    tosa on syy miks se tulee aina takas

    AFB3E96191849AE1.job
    B2329EAC9099108C.job


    noi scheduked tasksit

    pistän myöhemmin tänänn ohjeita miten noist pääsee eroon, ny o vähä kiire
     
  13. terhi4100

    terhi4100 Regular member

    Liittynyt:
    15.09.2005
    Viestejä:
    225
    Kiitokset:
    0
    Pisteet:
    26
    okei...hyvä ku autat.:)
     
  14. ratnunter

    ratnunter Regular member

    Liittynyt:
    09.06.2005
    Viestejä:
    131
    Kiitokset:
    0
    Pisteet:
    26
    kopsaa quote boksissa oleva teksti notepadiin, tallenna nimellä
    [bold]deljobs.bat[/bold]
    tallennustyppi [bold]kaikki tiedostot[/bold], muuten se ei toimi

    sitte tuplaklikkaa [bold]deljobs.bat[/bold]

    anna sen pyöriä ja käynnistä uudelleen

    Kysymys, onko koneela useita käyttäjätilejä ?
     
  15. terhi4100

    terhi4100 Regular member

    Liittynyt:
    15.09.2005
    Viestejä:
    225
    Kiitokset:
    0
    Pisteet:
    26
    2käyttäjää..
     
  16. terhi4100

    terhi4100 Regular member

    Liittynyt:
    15.09.2005
    Viestejä:
    225
    Kiitokset:
    0
    Pisteet:
    26
    voisitko selittää mahollisimman tarkasti mist löytyy notepadd ja toi mihin pitää talletaa, kun mulla ei nyt oikein toi äly riitä:)ja pitääkö ne kopsata tost startuplistasta:.:)
     
  17. terhi4100

    terhi4100 Regular member

    Liittynyt:
    15.09.2005
    Viestejä:
    225
    Kiitokset:
    0
    Pisteet:
    26
    nyt muuten tuli semmonen deljops.bat tiedosto ja sen ku avas tuli musta juttu ja se selas jotain...ollaanko vielä jäljillä, mitä neuvoit.
     
  18. ratnunter

    ratnunter Regular member

    Liittynyt:
    09.06.2005
    Viestejä:
    131
    Kiitokset:
    0
    Pisteet:
    26


    hmm laita hijackthis lokit molemmilta käyttäjiltä
    katotaan näkyykö LOPin jälkiä, tsekataan sit molemmilta käyttäjiltä onko lisää noita "jobeja"
     
  19. terhi4100

    terhi4100 Regular member

    Liittynyt:
    15.09.2005
    Viestejä:
    225
    Kiitokset:
    0
    Pisteet:
    26
    must tuntuu et täl toisel käyttäjä tilil on samat ongelmat mitä mul oli ennen...samat haittaohjelmat...voitteko tsekata pitääkö paikkansa. Logfile of HijackThis v1.99.1
    Scan saved at 11:57:27, on 18.9.2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\Smc.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\drivers\dcfssvc.exe
    C:\Program Files\ewido\security suite\ewidoctrl.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\PROGRA~1\Sygate\SPF\Smc.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Logitech\Video\ManifestEngine.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\HJT\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ozuvvkbqhxfn.net/dvAU48v9ZBn7xLlukIIgaKV0oNnhYI2_YJT9o9oDh_skMApygqx4jGvc0CoL0JsX.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fhhhhorikgjhiq.com/dvAU48v9ZBnNwdDrls/bcQwztGcqioDCPkrJsih4lIA.cgi
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\Smc.exe -startgui
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] \Program\
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Msn Configuration Loader] msngms.exe
    O4 - HKCU\..\Run: [Bore heck] C:\DOCUME~1\m\APPLIC~1\SIZELI~1\Bash4.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe (file missing)
    O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O18 - Protocol: bw+0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {BBDCC13C-3A48-4168-88E1-535DD933E598} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
    O23 - Service: Norton AntiVirus -ohjelman automaattinen suojaus (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

     
  20. terhi4100

    terhi4100 Regular member

    Liittynyt:
    15.09.2005
    Viestejä:
    225
    Kiitokset:
    0
    Pisteet:
    26
    ja outoo ku kone oli vasta nopeampi...mut yhtä äkkiä kone on taas hidaS ainakin käynistäessä....hrrrrrr...MÄ VIHAAN NÄITÄ TIETOKONEITA!!!!!
     
  21. ratnunter

    ratnunter Regular member

    Liittynyt:
    09.06.2005
    Viestejä:
    131
    Kiitokset:
    0
    Pisteet:
    26
    joo, ongelma on se et tooi lop asentaa noi scheduled tasksit, jotka asentaa infktion ain uudestaan vaikka se välillä fiksataankin :(


    fiksaa nämä:
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ozuvvkbqhxfn.net/dvAU48v9ZBn7xLlukIIgaKV0oNnhYI2_YJT9o9oDh...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fhhhhorikgjhiq.com/dvAU48v9ZBnNwdDrls/bcQwztGcqioDCPkr...

    O4 - HKCU\..\Run: [Msn Configuration Loader] msngms.exe
    O4 - HKCU\..\Run: [Bore heck] C:\DOCUME~1\m\APPLIC~1\SIZELI~1\Bash4.exe

    sitte buuttaa vikasietoon ja poista ;

    C:\DOCUME~1\m\APPLIC~1\SIZELI~1<<--tää kansio, sen nimi on pidempi mut se alkaa kirjaimilla SIZELI

    msngms.exe<< tää tiedosto, etsi käyttäen windowsin etsintää ja poista

    laita sit lokit molemmilta käyttäjiltä
     

Jaa tämä sivu