Kone takkuaa

Viestiketju Virukset ja haittaohjelmat - HijackThis -logit -osiossa. Ketjun avasi Maastis 17.09.2006.

Viestiketjun tila:
Viestiketju on suljettu.
  1. Maastis

    Maastis Member

    Liittynyt:
    26.06.2005
    Viestejä:
    12
    Kiitokset:
    0
    Pisteet:
    11
    VundoFix V6.1.4

    Checking Java version...

    Java version is 1.4.2.5

    Java version is 1.5.0.6

    Scan started at 12:26:55 9.9.2006

    Listing files found while scanning....

    C:\WINDOWS\system32\sdwvavny.exe

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\sdwvavny.exe
    C:\WINDOWS\system32\sdwvavny.exe Has been deleted!

    Performing Repairs to the registry.
    Done!




    Logfile of HijackThis v1.99.1
    Scan saved at 12:51:22, on 9.9.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
    C:\Norman\bin\Zanda.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
    C:\Norman\bin\NJEEVES.EXE
    C:\NORMAN\Nvc\BIN\nipsvc.exe
    C:\NORMAN\Nvc\BIN\nvcoas.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Norman\bin\ZLH.EXE
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Norman\Nvc\BIN\NIP.EXE
    C:\Norman\Nvc\bin\cclaw.exe
    C:\Norman\Npf\BIN\npfmsg2.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Valve\Steam\Steam.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Logitech\SetPoint\KEM.exe
    C:\Program Files\Xfire\Xfire.exe
    C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Documents and Settings\Mixu\Työpöytä\HijackThis_v1.99.1.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.soneraplaza.fi
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - toimittaja Sonera Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;*.*.fi;*.*.*.fi;<local>;localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O2 - BHO: (no name) - {D0D9C6BA-A6FA-493C-ACC0-18973087EE22} - C:\WINDOWS\system32\mljjh.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
    O4 - HKLM\..\Run: [AlcFDMonitor] C:\WINDOWS\ALCFDRTM.EXE
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [High Definition Audio -ominaisuussivun pikakuvake] HDAShCut.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.soneraplaza.fi
    O15 - Trusted Zone: http://locator.cdn.imageservr.com
    O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://drivecleaner.com/.freeware/installdrivecleanerstart.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by121fd.bay121.hotmail.msn.com/resources/MsnPUpld.cab
    O18 - Protocol: bw+0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    O20 - Winlogon Notify: mljjh - C:\WINDOWS\system32\mljjh.dll
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe
    O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE
    O23 - Service: Norman Type-R - Unknown owner - C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
    O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\bin\Zanda.exe
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
     
    Maastis, 17.09.2006
    #1
  2.  
  3. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Vundo on vieläkin, ei vaan vundofix tunnistanu dll:ää-

    Lataa VundoFix.exe työpöydällesi.
    [*]Tupla-klikkaa VundoFix.exe ajaaksesi sen.
    [*]Klikkaa Scan for Vundo valintaa.
    [*]Kun skannaus on valmis, oikea-klikkaa kyseisen listaboksin sisällä (valkoinen laatikko jossa on löydetyt tiedostot listattu) ja valitse Add more files
    [*]Kopioi ja liitä seuraavat 2 riviä kahteen ylimmäiseen boksiin
    [*]C:\WINDOWS\system32\mljjh.dll
    [*]C:\WINDOWS\system32\hjjlm.*

    [*]Klikkaa Add Files ja sitten klikkaa Close Window.
    [*]Kun skannaus on valmis, klikkaa Remove Vundo valintaa.
    [*]Sinulta kysytään haluatko poistaa filut - klikkaa YES.
    [*]Kun olet klikannut yes, työpöytäsi tyhjenee kun se alkaa poistamaan Vundoa.
    [*]Kun se on valmis, fiksi ilmoittaa käynnistäväsi koneesi uudelleen, klikkaa OK.
    [*]Postita C:\vundofix.txt lokin sekä tuoreen HijackThis lokin sisältö.
     
    -kemisti-, 18.09.2006
    #2
  4. Maastis

    Maastis Member

    Liittynyt:
    26.06.2005
    Viestejä:
    12
    Kiitokset:
    0
    Pisteet:
    11
    Laitoin noi jutut niihin laatikoihin eikä tehnyt mitään :S
     
    Maastis, 19.09.2006
    #3
  5. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Joo, ei suuri yllätys. VundoFix ei ole aivan viime aikoina toiminut hyvin. Sitten muuta.

    1. Lataa combofix.exe tiedosto työpöydällesi.
    2. Käynnistä-valikko -> Suorita -> kopioi seuraava kenttään ja paina Enter:
    "%userprofile%\työpöytä\combofix.exe" /v mljjh

    3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
    4.Käynnistä tietokoneesi uudelleen
    5.Lähetä tuore HijackThis loki viestiketjuusi Combofix lokin kera.
    Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.
     
    -kemisti-, 19.09.2006
    #4
  6. Maastis

    Maastis Member

    Liittynyt:
    26.06.2005
    Viestejä:
    12
    Kiitokset:
    0
    Pisteet:
    11
    Mixu - 06-09-19 21:17:42,20 Service Pack 2
    ComboFix 06.09.19 - Running from: C:\Documents and Settings\Mixu\ty”p”yt„

    (((((((((((((((((((((((((((((((((((((((((((((((( Vundo Log )))))))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINDOWS\system32\mljjh.dll
    C:\WINDOWS\system32\hjjlm.bak1
    C:\WINDOWS\system32\hjjlm.bak2
    C:\WINDOWS\system32\hjjlm.ini
    C:\WINDOWS\system32\hjjlm.ini2
    C:\WINDOWS\system32\hjjlm.tmp


    * * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



    ((((((((((((((((((((((((((((((( Files Created from 2006-08-19 to 2006-09-19 ))))))))))))))))))))))))))))))))))


    2006-09-17 13:57 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
    2006-09-17 13:55 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
    2006-09-13 19:51 106,516 --a------ C:\WINDOWS\system32\axpnvhcr.dll
    2006-09-12 17:24 106,516 --a------ C:\WINDOWS\system32\heakqrpe.dll
    2006-09-11 11:59 106,516 --a------ C:\WINDOWS\system32\psylgoju.dll
    2006-09-10 12:50 106,516 --a------ C:\WINDOWS\system32\rhcjdswf.dll
    2006-09-09 12:49 106,516 --a------ C:\WINDOWS\system32\btegeois.dll
    2006-09-08 16:53 106,516 --a------ C:\WINDOWS\system32\dybatwjf.dll
    2006-09-08 12:40 106,516 --a------ C:\WINDOWS\system32\agejotxd.dll
    2006-09-07 23:05 106,516 --a------ C:\WINDOWS\system32\cvqsdten.dll
    2006-09-07 20:02 106,516 --a------ C:\WINDOWS\system32\fdbnimmq.dll
    2006-09-07 18:21 106,516 --a------ C:\WINDOWS\system32\ushpkqhy.dll
    2006-09-07 18:09 106,516 --a------ C:\WINDOWS\system32\kbynaqsm.dll
    2006-09-07 15:56 106,516 --a------ C:\WINDOWS\system32\bbixbthk.dll
    2006-09-06 18:06 106,516 --a------ C:\WINDOWS\system32\txifjwey.dll
    2006-09-06 14:50 106,516 --a------ C:\WINDOWS\system32\cdclafqu.dll
    2006-09-06 11:24 106,516 --a------ C:\WINDOWS\system32\hjodpkhv.dll
    2006-09-06 11:17 106,516 --a------ C:\WINDOWS\system32\frhslter.dll
    2006-09-05 17:17 106,516 --a------ C:\WINDOWS\system32\jvcadyms.dll
    2006-09-05 01:12 106,516 --a------ C:\WINDOWS\system32\bqbiaimf.dll
    2006-09-01 18:51 8,704 --a------ C:\WINDOWS\system32\SpOrder.dll
    2006-09-01 18:51 1,060,864 --a------ C:\WINDOWS\system32\mfc71.dll


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2006-09-19 16:45 -------- d-------- C:\Program Files\Mozilla Firefox
    2006-09-19 16:35 -------- d-------- C:\Program Files\Common Files\Ahead
    2006-09-19 16:35 -------- d-------- C:\Program Files\Ahead
    2006-09-18 17:28 -------- d-------- C:\Program Files\Teamspeak2_RC2
    2006-09-17 23:54 -------- d-------- C:\Program Files\RevConnect
    2006-09-17 13:36 -------- d--h----- C:\Program Files\InstallShield Installation Information
    2006-09-17 13:36 -------- d-------- C:\Program Files\Empire Interactive
    2006-09-13 03:27 -------- d---s---- C:\Program Files\Xfire
    2006-09-08 23:19 -------- d-------- C:\Documents and Settings\Mixu\Application Data\Apple Computer
    2006-09-08 22:28 -------- d-a------ C:\Program Files\Common Files
    2006-09-08 12:58 -------- d-------- C:\Program Files\ToniArts
    2006-09-01 18:20 -------- d-------- C:\Program Files\Warcraft III
    2006-08-30 23:18 -------- d-------- C:\Documents and Settings\Mixu\Application Data\dvdcss
    2006-08-29 19:16 -------- d-------- C:\Program Files\Opera
    2006-08-29 19:16 -------- d-------- C:\Documents and Settings\Mixu\Application Data\Opera
    2006-08-23 21:26 -------- d-------- C:\Program Files\Winamp
    2006-08-23 21:26 -------- d-------- C:\Program Files\BitComet
    2006-08-21 15:26 16896 --a------ C:\WINDOWS\system32\fltlib.dll
    2006-08-21 12:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
    2006-08-21 12:14 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
    2006-08-09 05:36 -------- d-------- C:\Program Files\Internet Explorer
    2006-08-06 23:07 -------- d-------- C:\Program Files\QuickTime
    2006-08-06 23:05 -------- d-------- C:\Program Files\iTunes
    2006-08-06 23:05 -------- d-------- C:\Program Files\iPod
    2006-08-01 01:29 -------- d-------- C:\Program Files\EA Games
    2006-07-27 16:26 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
    2006-07-27 05:38 28352 --a------ C:\WINDOWS\system32\drivers\MxlW2k.sys
    2006-07-24 02:16 -------- d-------- C:\Program Files\Acoustica MP3 Audio Mixer
    2006-07-21 13:32 -------- d-------- C:\Documents and Settings\Mixu\Application Data\AdobeUM
    2006-07-21 11:28 72704 --a------ C:\WINDOWS\system32\hlink.dll
    2006-07-20 21:21 -------- d-------- C:\Documents and Settings\Mixu\Application Data\Adobe
    2006-07-20 01:34 -------- d-------- C:\Program Files\PeerGuardian2
    2006-07-06 20:53 118784 -r------- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
    2006-06-29 02:24 58952 --a------ C:\WINDOWS\system32\MsgPlusLoader.dll
    2006-06-25 03:17 81920 -r------- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
    2006-06-22 08:17 69120 --a------ C:\WINDOWS\system32\ciodm.dll
    2006-06-22 08:17 1438208 --a------ C:\WINDOWS\system32\query.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "Steam"="C:\\Program Files\\Valve\\Steam\\\\Steam.exe -silent"
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\lib\\NMBgMonitor.exe\""
    "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
    "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
    "NBJ"="\"C:\\Program Files\\Ahead\\Nero BackItUp\\NBJ.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
    "Norman ZANDA"="C:\\Norman\\bin\\ZLH.EXE /LOAD /SPLASH"
    "AlcFDMonitor"="C:\\WINDOWS\\ALCFDRTM.EXE"
    "ISUSPM Startup"="C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup"
    "ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
    "nwiz"="nwiz.exe /install"
    "High Definition Audio -ominaisuussivun pikakuvake"="HDAShCut.exe"
    "WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
    "Cmaudio"="RunDll32 cmicnfg.cpl,CMICtrlWnd"
    "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
    "SsAAD.exe"="C:\\PROGRA~1\\Sony\\SONICS~1\\SsAAD.exe"
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
    "MMTray"="C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mm_tray.exe"
    "MessengerPlus3"="\"C:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\""
    "mmtask"="C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mmtask.exe"
    "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000001

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Nykyinen kotisivu"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,de,03,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
    ff,ff,04,00,00,00
    "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
    00,00,01,00,00,00

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"


    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
    securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


    Completion time: Tue 19.09.2006 21:21:20.87
    ComboFix.txt




    Logfile of HijackThis v1.99.1
    Scan saved at 21:28:16, on 19.9.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
    C:\Norman\bin\Zanda.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
    C:\Norman\bin\NJEEVES.EXE
    C:\NORMAN\Nvc\BIN\nipsvc.exe
    C:\NORMAN\Nvc\BIN\nvcoas.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Norman\bin\ZLH.EXE
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Norman\Nvc\BIN\NIP.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\Norman\Nvc\bin\cclaw.exe
    C:\Norman\Npf\BIN\npfmsg2.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Logitech\SetPoint\KEM.exe
    C:\Program Files\Xfire\Xfire.exe
    C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\Mixu\Työpöytä\HijackThis_v1.99.1.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.soneraplaza.fi
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - toimittaja Sonera Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;*.*.fi;*.*.*.fi;<local>;localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
    O4 - HKLM\..\Run: [AlcFDMonitor] C:\WINDOWS\ALCFDRTM.EXE
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [High Definition Audio -ominaisuussivun pikakuvake] HDAShCut.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.soneraplaza.fi
    O15 - Trusted Zone: http://locator.cdn.imageservr.com
    O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://drivecleaner.com/.freeware/installdrivecleanerstart.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by121fd.bay121.hotmail.msn.com/resources/MsnPUpld.cab
    O18 - Protocol: bw+0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {EABB8DAB-BEEE-4084-B894-2FC70B9E4C70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe
    O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE
    O23 - Service: Norman Type-R - Unknown owner - C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
    O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\bin\Zanda.exe
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe



    Onko vielä jotain? =)
     
    Maastis, 19.09.2006
    #5
  7. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Joo, on

    Poista nuo:

    C:\WINDOWS\system32\axpnvhcr.dll
    C:\WINDOWS\system32\heakqrpe.dll
    C:\WINDOWS\system32\psylgoju.dll
    C:\WINDOWS\system32\rhcjdswf.dll
    C:\WINDOWS\system32\btegeois.dll
    C:\WINDOWS\system32\dybatwjf.dll
    C:\WINDOWS\system32\agejotxd.dll
    C:\WINDOWS\system32\cvqsdten.dll
    C:\WINDOWS\system32\fdbnimmq.dll
    C:\WINDOWS\system32\ushpkqhy.dll
    C:\WINDOWS\system32\kbynaqsm.dll
    C:\WINDOWS\system32\bbixbthk.dll
    C:\WINDOWS\system32\txifjwey.dll
    C:\WINDOWS\system32\cdclafqu.dll
    C:\WINDOWS\system32\hjodpkhv.dll
    C:\WINDOWS\system32\frhslter.dll
    C:\WINDOWS\system32\jvcadyms.dll
    C:\WINDOWS\system32\bqbiaimf.dll

    Ja tyhjennä roskis.

    Jos et löydä niitä tai poisto ei onnistu, niin kerro.
     
    -kemisti-, 20.09.2006
    #6
  8. Maastis

    Maastis Member

    Liittynyt:
    26.06.2005
    Viestejä:
    12
    Kiitokset:
    0
    Pisteet:
    11
    Pitää nyt viel varmistaa, eli poistan vaan tuolta kansiosta nuo?
     
    Maastis, 20.09.2006
    #7
  9. Jupsu

    Jupsu Active member

    Liittynyt:
    30.12.2005
    Viestejä:
    1,459
    Kiitokset:
    2
    Pisteet:
    68
    siis poistat tuolta system32 kansiosta esim. tuon: axpnvhcr.dll tiedoston.. ja kaikki muutkin mitä käskettiin.. sit tyhjennät roskiksen
     
    Jupsu, 20.09.2006
    #8
  10. Maastis

    Maastis Member

    Liittynyt:
    26.06.2005
    Viestejä:
    12
    Kiitokset:
    0
    Pisteet:
    11
    Juu ok varmistin vaan. Nyt on poistettu vielä muuta?
     
    Maastis, 20.09.2006
    #9
  11. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Sitten vielä Javan päivitys, ei muuta :)
     
    -kemisti-, 20.09.2006
    #10
  12. Maastis

    Maastis Member

    Liittynyt:
    26.06.2005
    Viestejä:
    12
    Kiitokset:
    0
    Pisteet:
    11
    Suuret KIITOKSET avusta :)
     
    Maastis, 21.09.2006
    #11
  13. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Olepa hyvä :)
     
    -kemisti-, 22.09.2006
    #12
Viestiketjun tila:
Viestiketju on suljettu.

Jaa tämä sivu