Tässä olisi hjt loki, jos joku viitsisi sen tarkistaa. T:KK Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\csrss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\WINNT\System32\svchost.exe C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure\Anti-Virus\fssm32.exe C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe C:\Program Files\F-Secure\Common\FSMA32.EXE C:\Program Files\F-Secure\Common\FSMB32.EXE C:\WINNT\system32\hidserv.exe c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe C:\WINNT\system32\nvsvc32.exe C:\Program Files\F-Secure\Common\FCH32.EXE C:\Program Files\F-Secure\Common\FAMEH32.EXE C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\system32\stisvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\Program Files\F-Secure\Common\FNRB32.EXE C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe C:\Program Files\F-Secure\Common\FIH32.EXE C:\Program Files\F-Secure\Anti-Virus\fsav32.exe C:\WINNT\Explorer.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\F-Secure\Common\FSM32.EXE C:\WINNT\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\CameraAssistant.exe C:\WINNT\system32\ElkCtrl.exe C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\F-Secure\FSGUI\fsguiexe.exe C:\Documents and Settings\Kari\Työpöytä\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.Google.fi R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O1 - Hosts: localhost 127.0.0.1 O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [LVCOMSX] C:\WINNT\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINNT\system32\ElkCtrl.exe /automation O4 - HKLM\..\Run: [Picasa Media Detector] D:\HEMULI ja R\picasa\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136645605595 O17 - HKLM\System\CCS\Services\Tcpip\..\{07320B19-E6ED-40EE-B43E-0D5ADA20156C}: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 ,207.68.160.190 194.25.2.129 208.67.222.222 O17 - HKLM\System\CS1\Services\Tcpip\..\{07320B19-E6ED-40EE-B43E-0D5ADA20156C}: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 ,207.68.160.190 194.25.2.129 208.67.222.222 O17 - HKLM\System\CS2\Services\Tcpip\..\{07320B19-E6ED-40EE-B43E-0D5ADA20156C}: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 ,207.68.160.190 194.25.2.129 208.67.222.222 O18 - Protocol: bw+0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Filter: application/hta - {D962EF38-5FB0-4761-8638-C86F085E25E6} - (no file) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
Puhtaalta näyttää, mutta javan voisi päivittää Javan päivitys ja välimuistin tyhjennys Klikkaa Käynnistä > Ohjauspaneeli ja tupla-klikkaa Lisää tai poista sovellus Ohjauspaneelissa. Etsi listasta kaikki entiset Java versiosi. (J2SE Runtime Environment.... ) Niissä pitäisi olla seuraava kuva vieressä: Valitse kaikki entiset Java versiosi ja valitse Poista. Asenna uusin Java päivitys seuraavasta linkistä.. http://java.sun.com/javase/downloads/index.jsp Rullaa alas kohteeseen Java Runtime Environment (JRE) 6u1 ja asenna se Käynnistä tietokoneesi uudelleen Käynnistyksen jälkeen, mene takaisin Ohjauspaneeliin ja avaa Java asetuksesi (Muita Ohjauspaneelin asetuksia -> Java kahvikuppi). Temporary Internet Files -osion alla, klikkaa Delete Files nappia. Varmista että kaikki kolme valintaa ovat rastitettuja: Downloaded Applets Downloaded Applications Other Files Klikkaa OK "Delete Temporary Internet Files" -ikkunassasi. Huomaa: Tämä poistaa kaikki ladatut sovellukset ja appletit VÄLIMUISTISTA. Klikkaa OK jättääksesi Java asetusikkunasi.
Kiitoksia neuvoista. Ongelmana on, että googlen antamien hakutulosten klikkaus vie epämääräisille sivuille ( casino, sestat jne..). Olen ajanut koneella ad-awarwet, awg:t, spybotit mtta ongelma ei poistu. Laitan tänne uusimman hjt lokin, jos joku voisi tsekata. Kiitos. Logfile of HijackThis v1.99.1 Scan saved at 10:28:43, on 22.6.2007 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\csrss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\WINNT\System32\svchost.exe C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe C:\Program Files\F-Secure\Common\FSMA32.EXE C:\Program Files\F-Secure\Anti-Virus\fssm32.exe C:\Program Files\F-Secure\Common\FSMB32.EXE C:\WINNT\system32\hidserv.exe c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe C:\WINNT\system32\nvsvc32.exe C:\Program Files\F-Secure\Common\FCH32.EXE C:\Program Files\F-Secure\Common\FAMEH32.EXE C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\system32\stisvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\Program Files\F-Secure\Common\FNRB32.EXE C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe C:\Program Files\F-Secure\Common\FIH32.EXE C:\WINNT\Explorer.EXE C:\Program Files\F-Secure\Anti-Virus\fsav32.exe C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe C:\Program Files\F-Secure\Common\FSM32.EXE C:\WINNT\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\CameraAssistant.exe C:\WINNT\system32\ElkCtrl.exe C:\Program Files\F-Secure\FSGUI\fsguiexe.exe D:\HEMULI ja R\picasa\Picasa2\PicasaMediaDetector.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Kari\Työpöytä\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.Google.fi R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O1 - Hosts: localhost 127.0.0.1 O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [LVCOMSX] C:\WINNT\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINNT\system32\ElkCtrl.exe /automation O4 - HKLM\..\Run: [Picasa Media Detector] D:\HEMULI ja R\picasa\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136645605595 O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://www.virustorjunta.net/modules/Online_Scanner/fscax.cab O18 - Protocol: bw+0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Filter: application/hta - {D962EF38-5FB0-4761-8638-C86F085E25E6} - (no file) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
Tutkitaanpa konetta sitten tarkemmin 1. Lataa combofix.exe työpöydällesi jommastakummasta linkistä: combofix.exe combofix.exe 2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia. 3. Kun työkalu on valmis, se tuottaa lokin. (C:\ComboFix.txt) Lähetä tämä loki viesti ketjuusi. Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.
Sori, että vastaus tulee hiukan myöhässä. En ollut koneen äärellä pariin päivään. Mutta tässä olisi tämä combo -loki ComboFix 07-06-18.2 - C:\Documents and Settings\Kari\Ty”p”yt„\ComboFix.exe "Kari" - 25.06.2007 16:53:38 - Service Pack 4 NTFS ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINNT\system32\kdlhm.exe C:\WINNT\system32\msxml3a.dll ((((((((((((((((((((((((( Files Created from 2007-05-25 to 2007-06-25 ))))))))))))))))))))))))))))))) 2007-06-25 16:52 49,152 --a------ C:\WINNT\nircmd.exe 2007-06-21 07:32 <KANSIO> d-------- C:\WINNT\system32\SoftwareDistribution 2007-06-19 18:09 <KANSIO> d-a------ C:\WINNT\system32\appmgmt 2007-06-18 23:26 10,872 --a------ C:\WINNT\system32\drivers\AvgAsCln.sys 2007-06-17 20:13 <KANSIO> d-------- C:\Program Files\SopCast 2007-06-17 20:13 <KANSIO> d-------- C:\DOCUME~1\Kari\APPLIC~1\SopCast 2007-06-17 17:53 <KANSIO> d-------- C:\Program Files\EMCO Malware Destroyer 2007-06-17 16:38 <KANSIO> d-------- C:\Program Files\Lavasoft 2007-06-17 16:37 <KANSIO> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-06-17 15:58 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft 2007-06-12 18:00 <KANSIO> d-------- C:\Program Files\ToniArts 2007-06-11 19:43 <KANSIO> d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP 2007-06-11 19:38 <KANSIO> d--h----- C:\WINNT\PIF 2007-06-04 15:18 9,344 --a------ C:\WINNT\system32\drivers\NSDriver.sys 2007-06-04 15:17 7,808 --a------ C:\WINNT\system32\drivers\AWRTRD.sys 2007-06-04 15:14 5,376 --a------ C:\WINNT\system32\drivers\AWRTPD.sys 2007-05-30 23:47 63,488 --a------ C:\WINNT\xobglu16.dll 2007-05-30 23:47 23,552 --a------ C:\WINNT\xobglu32.dll 2007-05-29 17:25 <KANSIO> d-------- C:\Program Files\TryMedia (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-25 13:24:37 -------- d-----w C:\DOCUME~1\Kari\APPLIC~1\Skype 2007-06-17 12:58:34 -------- d-----w C:\DOCUME~1\Kari\APPLIC~1\Lavasoft 2007-05-30 22:04:27 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-05-20 15:12:05 -------- d-----w C:\Program Files\Google 2007-04-29 12:28:18 -------- d-----w C:\Program Files\Yahoo! 2007-04-25 07:52:16 147,216 ----a-w C:\WINNT\system32\SCHANNEL.DLL 2007-04-16 19:47:36 33,624 ----a-w C:\WINNT\system32\wups.dll 2007-04-16 19:45:54 1,710,936 ----a-w C:\WINNT\system32\wuaueng.dll 2007-04-16 19:45:48 549,720 ----a-w C:\WINNT\system32\wuapi.dll 2007-04-16 19:45:42 325,976 ----a-w C:\WINNT\system32\wucltui.dll 2007-04-16 19:45:36 203,096 ----a-w C:\WINNT\system32\wuweb.dll 2007-04-16 19:45:28 92,504 ----a-w C:\WINNT\system32\cdm.dll 2007-04-16 19:45:20 53,080 ----a-w C:\WINNT\system32\wuauclt.exe 2007-04-16 19:45:20 43,352 ----a-w C:\WINNT\system32\wups2.dll 2007-04-16 12:44:18 54,032 ----a-w C:\WINNT\system32\mpr.dll 2007-04-13 12:19:52 7,680 ----a-w C:\WINNT\system32\lsdelete.exe 2007-04-05 07:17:51 2,854,400 ----a-w C:\WINNT\system32\msi.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {53707962-6F74-2D53-2644-206D7942484F}=C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [05-05-31 01:04 ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [07-03-14 03:43 ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Synchronization Manager"="mobsync.exe" [03-06-19 13:05 C:\WINNT\system32\mobsync.exe] "F-Secure Manager"="C:\Program Files\F-Secure\Common\FSM32.exe" [04-09-09 12:03 ] "F-Secure TNB"="C:\Program Files\F-Secure\TNB\TNBUtil.exe" [04-05-27 11:57 ] "LogitechCameraAssistant"="C:\Program Files\Logitech\Video\CameraAssistant.exe" [05-12-07 10:26 ] "LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [05-12-07 10:33 ] "Picasa Media Detector"="D:\HEMULI ja R\picasa\Picasa2\PicasaMediaDetector.exe" [07-05-02 09:08 ] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [07-06-11 12:25 ] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [07-03-14 03:43 ] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [04-11-07 15:49 ] "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [06-08-29 20:25 ] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [06-08-21 17:37 ] [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [07-05-30 15:29 ] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - netsvcs WmdmPmSN *Newly Created Service* - IPNAT *Newly Created Service* - RASAUTO *Newly Created Service* - SHAREDACCESS ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-25 16:57:27 Windows 5.0.2195 Service Pack 4 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-06-25 16:59:33 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 07-06-25 16:59 --- E O F ---
Joo, kyllä siellä jotain on: Avaa HiJackThis Klikkaa "Configure" valintaa oikealla alhaalla Klikkaa "Misc Tools" Klikkaa boxia joka sanoo "Uninstall Manager" Klikkaa valintaa "Save list" Kopioi ja liitä kyseinen lista muistiosta postiisi
jep...tässä olisi tämä lista. Ad-Aware 2007 Adobe Acrobat 5.0 Adobe Flash Player ActiveX Adobe Reader 6.0.1 AVG Anti-Spyware 7.5 Call of Duty Canon Camera Support Core Library Canon Camera TWAIN Driver 6.6 Canon Camera Window DC_DV 5 for ZoomBrowser EX Canon Camera Window DC_DV 6 for ZoomBrowser EX Canon Camera Window MC 6 for ZoomBrowser EX Canon G.726 WMP-Decoder CANON iMAGE GATEWAY Task Canon Internet Library for ZoomBrowser EX Canon MovieEdit Task for ZoomBrowser EX Canon RAW Image Task for ZoomBrowser EX Canon RemoteCapture Task for ZoomBrowser EX Canon Utilities EOS Utility Canon Utilities PhotoStitch Canon Utilities ZoomBrowser EX CCleaner (remove only) Creative PCI Audio Drivers DAEMON Tools Delta Force - Black Hawk Down Doom 3 DVD EasyCleaner EMCO Malware Destroyer Flashpoint uninstall F-Secure Anti-Virus Client Security - Automatic Update Agent F-Secure Anti-Virus Client Security - Internet-suojaus F-Secure Anti-Virus Client Security - Sähköpostitarkistus F-Secure Anti-Virus Client Security - Virustentorjunta Google Earth HijackThis 1.99.1 Hotfix for MDAC 2.53 (KB911562) Hotfix for MDAC 2.53 (KB927779) Internet Explorer Q903235 IrfanView (remove only) Java(TM) SE Runtime Environment 6 Update 1 Kazaa Lite K++ v2.4.3 K-Lite Codec Pack 2.36 Full Koottu päivitys 1 Windows 2000 SP 4:lle Logitech Desktop Messenger Logitech QuickCam Software Logitech® Camera -ohjain Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Finnish Language Pack Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft Office 2000 SR-1 Professional Microsoft Windows Journal Viewer MSN Messenger 7.0 MSXML 4.0 SP2 (KB927978) Nero - Burning Rom NVIDIA Drivers Picasa 2 PowerQuest PartitionMagic 8.0 QuickTime 3.0 Return to Castle Wolfenstein Serious Sam: The Second Encounter Silent Hill Skype 2.5 SopCast 1.1.2 Sound Blaster PCI Compact Drivers Online Help SPSS 12.0.1 for Windows Spybot - Search & Destroy 1.4 Suojauspäivitys ohjelmistolle Windows 2000 (KB904706) Suojauspäivitys ohjelmistolle Windows 2000 (KB923689) Suojauspäivitys Windows Media Player 6.4:lle (KB925398) Suojauspäivitys Windows Media Player 9:lle (KB911565) Suojauspäivitys Windows Media Player 9:lle (KB917734) Suojauspäivitys Windows Media Playerille (KB911564) Tappio-kirjanpito The Kreed Tiny Disk 2.95 Winamp3 (remove only) Windows 2000 Hotfix - KB842773 Windows 2000 Hotfix - KB867282 Windows 2000 Hotfix - KB883939 Windows 2000 Hotfix - KB890046 Windows 2000 Hotfix - KB893756 Windows 2000 Hotfix - KB894320 Windows 2000 Hotfix - KB896358 Windows 2000 Hotfix - KB896422 Windows 2000 Hotfix - KB896423 Windows 2000 Hotfix - KB896424 Windows 2000 Hotfix - KB897715 Windows 2000 Hotfix - KB899587 Windows 2000 Hotfix - KB899589 Windows 2000 Hotfix - KB900725 Windows 2000 Hotfix - KB901017 Windows 2000 Hotfix - KB901214 Windows 2000 Hotfix - KB902400 Windows 2000 Hotfix - KB904368 Windows 2000 Hotfix - KB905414 Windows 2000 Hotfix - KB905495 Windows 2000 Hotfix - KB905749 Windows 2000 Hotfix - KB905915 Windows 2000 Hotfix - KB908519 Windows 2000 Hotfix - KB908523 Windows 2000 Hotfix - KB908531 Windows 2000 Hotfix - KB911280 Windows 2000 Hotfix - KB911567 Windows 2000 Hotfix - KB912812 Windows 2000 Hotfix - KB912919 Windows 2000 Hotfix - KB913580 Windows 2000 Hotfix - KB914388 Windows 2000 Hotfix - KB914389 Windows 2000 Hotfix - KB917008 Windows 2000 Hotfix - KB917159 Windows 2000 Hotfix - KB917422 Windows 2000 Hotfix - KB917736 Windows 2000 Hotfix - KB917953 Windows 2000 Hotfix - KB918118 Windows 2000 Hotfix - KB918899 Windows 2000 Hotfix - KB920213 Windows 2000 Hotfix - KB920670 Windows 2000 Hotfix - KB920683 Windows 2000 Hotfix - KB920685 Windows 2000 Hotfix - KB920958 Windows 2000 Hotfix - KB921398 Windows 2000 Hotfix - KB921883 Windows 2000 Hotfix - KB922582 Windows 2000 Hotfix - KB922616 Windows 2000 Hotfix - KB922760 Windows 2000 Hotfix - KB923191 Windows 2000 Hotfix - KB923414 Windows 2000 Hotfix - KB923694 Windows 2000 Hotfix - KB923980 Windows 2000 Hotfix - KB924191 Windows 2000 Hotfix - KB924270 Windows 2000 Hotfix - KB924667 Windows 2000 Hotfix - KB925486 Windows 2000 Hotfix - KB925902 Windows 2000 Hotfix - KB926436 Windows 2000 Hotfix - KB927891 Windows 2000 Hotfix - KB928090 Windows 2000 Hotfix - KB928843 Windows 2000 Hotfix - KB929969 Windows 2000 Hotfix - KB930178 Windows 2000 Hotfix - KB931768 Windows 2000 Hotfix - KB931784 Windows 2000 Hotfix - KB932168 Windows 2000 Hotfix - KB933566 Windows 2000 Hotfix - KB935839 Windows 2000 Hotfix - KB935840 Windows 2000 Hotfix (SP5) Q818043 Windows 2000 Hotfix KB834707 Windows Genuine Advantage v1.3.0254.0 Windows Installer 3.1 (KB893803) Windows Media Player 9:n Hotfix-korjauspäivitys [lisätietoja on artikkelissa KB885492] Windows Media Player Hotfix -päivitys [lisätietoja on artikkelissa KB837272] Windows Media Player Hotfix -päivitys [lisätietoja on artikkelissa wm828026] Windows Media Player -järjestelmäpäivitys (9 Series) WinRAR archiver WinZip
Skannataas vielä tällä Lataa Deckard's System Scanner Työpöydällesi. http://www.techsupportforum.com/sectools/Deckard/dss.exe Huomioi: Sinulla tulee olla Järjestelmänvalvojan oikeudet ajaaksesi ohjelman. Sulje kaikki avoimet ikkunat ja ohjelmat. Tupla Klikkaa Dss.exe tiedostoa ajaaksesi ohjelman, seuraa ohjeita. Kun Scannaus on valmis 2 textitiedostoa pitäisi avautua, Main.txt ja extra.txt Näppäile Kopioi ( CTRL+A -> CTRL + C ) ja liitä ( CTRL + V ) kopioi ja liitä extra.txt ja Main.txt sisältö ,Pandan skannausraportin ja uusi hjt-loki seuraavaan vastaukseesi.
Okei tässä nyt olisi tämä main-, extra- ja hjt lokit Deckard's System Scanner v20070611.50 Run by Kari on 2007-06-28 at 13:18:19 Computer is in Normal Mode. -------------------------------------------------------------------------------- Backed up registry hives. Performed disk cleanup. -- HijackThis (run as Kari.exe) ------------------------------------------------ Logfile of HijackThis v1.99.1 Scan saved at 13:18:47, on 28.6.2007 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\WINNT\System32\svchost.exe C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe C:\Program Files\F-Secure\Common\FSMA32.EXE C:\Program Files\F-Secure\Anti-Virus\fssm32.exe C:\Program Files\F-Secure\Common\FSMB32.EXE C:\WINNT\system32\hidserv.exe c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe C:\WINNT\system32\nvsvc32.exe C:\Program Files\F-Secure\Common\FCH32.EXE C:\Program Files\F-Secure\Common\FAMEH32.EXE C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\system32\stisvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\Program Files\F-Secure\Common\FNRB32.EXE C:\Program Files\F-Secure\Common\FIH32.EXE C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe C:\WINNT\Explorer.EXE C:\Program Files\F-Secure\Anti-Virus\fsav32.exe C:\Program Files\F-Secure\Common\FSM32.EXE C:\Program Files\Logitech\Video\CameraAssistant.exe C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe C:\Program Files\F-Secure\FSGUI\fsguiexe.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINNT\system32\lvcomsx.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Documents and Settings\Kari\Työpöytä\dss.exe C:\DOCUME~1\Kari\TYPYT~1\Kari.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.Google.fi R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect O4 - HKLM\..\Run: [Picasa Media Detector] D:\HEMULI ja R\picasa\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136645605595 O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://www.virustorjunta.net/modules/Online_Scanner/fscax.cab O18 - Protocol: bw+0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Filter: application/hta - {D962EF38-5FB0-4761-8638-C86F085E25E6} - (no file) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe -- HijackThis Fixed Entries (C:\DOCUME~1\Kari\TYPYT~1\backups\) ---------------- backup-20070615-160402-289 O16 - DPF: {0F2F3121-75E2-4C60-9977-C1ADC3D5F3DC} (IFIUploader Control) - http://web1.ifi.fi/WebUpload/ActiveX/IfiUploader.cab backup-20070615-160402-716 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) backup-20070615-165151-980 O17 - HKLM\System\CCS\Services\Tcpip\..\{755D19D5-4BED-476F-A610-49F758AFD837}: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 ,207.68.160.190 194.25.2.129 208.67.222.222 backup-20070620-182605-205 O17 - HKLM\System\CCS\Services\Tcpip\..\{07320B19-E6ED-40EE-B43E-0D5ADA20156C}: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 ,207.68.160.190 194.25.2.129 208.67.222.222 backup-20070620-182605-698 O17 - HKLM\System\CS2\Services\Tcpip\..\{07320B19-E6ED-40EE-B43E-0D5ADA20156C}: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 ,207.68.160.190 194.25.2.129 208.67.222.222 backup-20070620-182605-919 O17 - HKLM\System\CS1\Services\Tcpip\..\{07320B19-E6ED-40EE-B43E-0D5ADA20156C}: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 ,207.68.160.190 194.25.2.129 208.67.222.222 backup-20070620-182654-309 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = -- File Associations ----------------------------------------------------------- .cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%* -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 FSFW (F-Secure Firewall Driver) - c:\winnt\system32\drivers\fsdfw.sys <Not Verified; F-Secure Corporation; F-Secure Anti-Virus Internet Shield> R1 PQNTDrv - c:\winnt\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product> R2 F-Secure Filter (F-Secure File System Filter) - c:\program files\f-secure\anti-virus\win2k\fsfilter.sys R2 F-Secure Gatekeeper - c:\program files\f-secure\anti-virus\win2k\fsgk.sys R2 F-Secure Recognizer (F-Secure File System Recognizer) - c:\program files\f-secure\anti-virus\win2k\fsrec.sys R3 LVPrcMon (Logitech LVPrcMon Driver) - c:\winnt\system32\drivers\lvprcmon.sys S3 krdpdre - c:\docume~1\kari\locals~1\temp\krdpdre.sys (file missing) S3 USTOR (Tiny Disk) - c:\winnt\system32\drivers\ustork.sys <Not Verified; USB Mass Storage.; USB Mass Storage Device> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 aawservice (Ad-Aware 2007 Service) - "c:\program files\lavasoft\ad-aware 2007\aawservice.exe" <Not Verified; Lavasoft AB; Ad-Aware 2007 Service> R2 BackWeb Plug-in - 7681197 (F-Secure Automatic Update) - c:\progra~1\f-secure\backweb\7681197\program\servic~1.exe R2 fsbwsys - "c:\program files\f-secure\backweb\7681197\program\fsbwsys.exe" <Not Verified; F-Secure Corp.; F-Secure BackWeb> R2 F-Secure Gatekeeper Handler Starter - "c:\program files\f-secure\anti-virus\fsgk32st.exe" <Not Verified; F-Secure Corp.; F-Secure Corp. Startup service> R2 FSMA (F-Secure Management Agent) - "c:\program files\f-secure\common\fsma32.exe" <Not Verified; F-Secure Corporation; F-Secure Management Agent> R3 FSDFWD (F-Secure Anti-Virus Firewall Daemon) - "c:\program files\f-secure\fwes\program\fsdfwd.exe" <Not Verified; F-Secure Corporation; F-Secure Anti-Virus Internet Shield> R3 F-Secure Network Request Broker - "c:\program files\f-secure\common\fnrb32.exe" <Not Verified; F-Secure Corporation; F-Secure Management Agent> -- Files created between 2007-05-28 and 2007-06-28 ----------------------------- 2007-06-28 11:28:58 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_4ec.dat 2007-06-21 07:32:55 0 d-------- C:\WINNT\system32\SoftwareDistribution 2007-06-19 19:10:06 0 d-------- C:\Program Files\Java 2007-06-19 19:10:04 0 d-------- C:\Program Files\Common Files\Java 2007-06-19 18:09:51 0 d-a------ C:\WINNT\system32\appmgmt 2007-06-18 23:26:20 0 d-------- C:\Documents and Settings\Kari\Application Data\Grisoft 2007-06-18 23:26:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2007-06-17 20:13:34 0 d-------- C:\Documents and Settings\Kari\Application Data\SopCast 2007-06-17 20:13:30 0 d-------- C:\Program Files\SopCast 2007-06-17 17:53:24 0 d-------- C:\Program Files\EMCO Malware Destroyer 2007-06-17 16:38:12 0 d-------- C:\Program Files\Lavasoft 2007-06-17 16:37:44 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-06-17 15:58:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2007-06-12 18:00:12 0 d-------- C:\Program Files\ToniArts 2007-06-11 19:43:13 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2007-06-11 19:38:28 0 d--h----- C:\WINNT\PIF 2007-06-04 15:18:48 9344 --a------ C:\WINNT\system32\drivers\NSDriver.sys <Not Verified; Lavasoft AB; Ad-Watch Connections> 2007-06-04 15:17:02 7808 --a------ C:\WINNT\system32\drivers\AWRTRD.sys <Not Verified; Lavasoft AB; Ad-Watch Registry Protection> 2007-06-04 15:14:56 5376 --a------ C:\WINNT\system32\drivers\AWRTPD.sys <Not Verified; Lavasoft AB; Ad-Watch Beta> 2007-05-30 23:47:33 23552 --a------ C:\WINNT\xobglu32.dll 2007-05-30 23:47:33 63488 --a------ C:\WINNT\xobglu16.dll 2007-05-29 17:25:13 0 d-------- C:\Program Files\TryMedia -- Find3M Report --------------------------------------------------------------- 2007-06-28 11:31:43 0 d-------- C:\Documents and Settings\Kari\Application Data\Skype 2007-06-19 18:55:35 0 d-------- C:\Documents and Settings\Kari\Application Data\Sun 2007-06-17 15:58:34 0 d-------- C:\Documents and Settings\Kari\Application Data\Lavasoft 2007-05-31 01:04:27 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-05-30 16:38:42 1201440 ---h----- C:\WINNT\ShellIconCache 2007-05-20 18:12:05 0 d-------- C:\Program Files\Google 2007-04-29 15:28:18 0 d-------- C:\Program Files\Yahoo! 2007-04-13 15:19:52 7680 --a------ C:\WINNT\system32\lsdelete.exe -- Registry Dump --------------------------------------------------------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {53707962-6F74-2D53-2644-206D7942484F} C:\Program Files\Spybot - Search & Destroy\SDHelper.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "Synchronization Manager"="mobsync.exe /logon" "F-Secure Manager"="\"C:\\Program Files\\F-Secure\\Common\\FSM32.EXE\" /splash" "F-Secure TNB"="\"C:\\Program Files\\F-Secure\\TNB\\TNBUtil.exe\" /CHECKALL /WAITFORSW" "LogitechCameraAssistant"="C:\\Program Files\\Logitech\\Video\\CameraAssistant.exe" "LogitechVideo[inspector]"="C:\\Program Files\\Logitech\\Video\\InstallHelper.exe /inspect" "Picasa Media Detector"="D:\\HEMULI ja R\\picasa\\Picasa2\\PicasaMediaDetector.exe" "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\"" "NvCplDaemon"="RUNDLL32.EXE C:\\WINNT\\system32\\NvCpl.dll,NvStartup" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background" "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe" "Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized" [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "^SetupICWDesktop"="C:\\Program Files\\Internet Explorer\\Connection Wizard\\icwconn1.exe /desktop" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages REG_MULTI_SZ msv1_0\0\0 Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0\0 Notification Packages REG_MULTI_SZ scecli\0\0 HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] rpcss REG_MULTI_SZ RpcSs\0\0 wugroup REG_MULTI_SZ wuauserv\0\0 BITSgroup REG_MULTI_SZ BITS\0\0 -- End of Deckard's System Scanner: finished at 2007-06-28 at 13:19:46 --------- ja sitten extra Deckard's System Scanner v20070611.50 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows 2000 Professional (build 2195) SP 4.0 Architecture: X86; Language: Other (040B) - see http://preview.tinyurl.com/mhhp6 CPU 0: AMD Athlon(tm) processor Percentage of Memory in Use: 52% Physical Memory (total/avail): 511.48 MiB / 244.81 MiB Pagefile Memory (total/avail): 2014.66 MiB / 1674.74 MiB Virtual Memory (total/avail): 2047.88 MiB / 1991.61 MiB A: is Removable (No Media) C: is Fixed (NTFS) - 9.99 GiB total, 4.23 GiB free. D: is Fixed (NTFS) - 66.34 GiB total, 31.47 GiB free. E: is CDROM (No Media) F: is CDROM (CDFS) G: is CDROM (No Media) H: is CDROM (No Media) -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Kari\Application Data CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=HOT-6F67D8A43D0 ComSpec=C:\WINNT\system32\cmd.exe HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Kari LOGONSERVER=\\HOT-6F67D8A43D0 NUMBER_OF_PROCESSORS=1 OS=Windows_NT Os2LibPath=C:\WINNT\system32\os2\dll; Path=C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 4 Stepping 2, AuthenticAMD PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0402 ProgramFiles=C:\Program Files PROMPT=$P$G SystemDrive=C: SystemRoot=C:\WINNT TEMP=C:\DOCUME~1\Kari\LOCALS~1\Temp TMP=C:\DOCUME~1\Kari\LOCALS~1\Temp USERDOMAIN=HOT-6F67D8A43D0 USERNAME=Kari USERPROFILE=C:\Documents and Settings\Kari windir=C:\WINNT -- User Profiles --------------------------------------------------------------- Kari (admin) -- Add/Remove Programs --------------------------------------------------------- --> "C:\Program Files\F-Secure\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer" --> "C:\Program Files\F-Secure\fsuninst.exe" /UninstRegKey:"F-Secure DAAS" --> "C:\Program Files\F-Secure\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics" --> "C:\Program Files\F-Secure\fsuninst.exe" /UninstRegKey:"F-Secure FWES" --> "C:\Program Files\F-Secure\fsuninst.exe" /UninstRegKey:"F-Secure GUI" --> "C:\Program Files\F-Secure\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent" --> "C:\Program Files\F-Secure\fsuninst.exe" /UninstRegKey:"F-Secure Policy Manager Support" --> "C:\Program Files\F-Secure\fsuninst.exe" /UninstRegKey:"F-Secure TNB" --> C:\WINNT\$NtServicePackUninstall$\spuninst\spuninst.exe --> C:\WINNT\BWUnin-6.3.2.62-7681197L.exe -AppId 7681197 Ad-Aware 2007 --> MsiExec.exe /X{0E6AB9FC-76C2-431B-9C06-6C1CFFFEA8EB} Adobe Acrobat 5.0 --> C:\WINNT\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll" Adobe Flash Player ActiveX --> C:\WINNT\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001} AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe Call of Duty --> E:\Pelit\CALLOF~1\Uninstall\Unwise.exe /u E:\Pelit\CALLOF~1\Uninstall\Install.log Canon Camera Support Core Library --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini" Canon Camera TWAIN Driver 6.6 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3519A06E-33A4-4910-BB14-7BCE133BF46F} /l1033 Canon Camera Window DC_DV 5 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini" Canon Camera Window DC_DV 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini" Canon Camera Window MC 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini" Canon G.726 WMP-Decoder --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini" CANON iMAGE GATEWAY Task --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini" Canon Internet Library for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini" Canon MovieEdit Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini" Canon RAW Image Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini" Canon RemoteCapture Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini" Canon Utilities EOS Utility --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini" Canon Utilities PhotoStitch --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini" Canon Utilities ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini" CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe" Creative PCI Audio Drivers --> C:\PROGRA~1\Creative\Audio\CTSetup\ctsetup.exe -u -3 DAEMON Tools --> MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0} Delta Force - Black Hawk Down --> C:\WINNT\IsUninst.exe -f"e:\pelit\Delta Force\Uninst.isu" Doom 3 DVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{986A457F-8230-4042-BC9F-5241BAAEC393}\setup.exe" -l0x9 -removeonly EasyCleaner --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly EMCO Malware Destroyer --> "C:\Program Files\EMCO Malware Destroyer\unins000.exe" F-Secure Anti-Virus Client Security - Automatic Update Agent --> "C:\Program Files\F-Secure\fsuninst.exe" /UninstRegKey:"F-Secure Backweb" F-Secure Anti-Virus Client Security - Internet-suojaus --> "C:\Program Files\F-Secure\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield" F-Secure Anti-Virus Client Security - Sähköpostitarkistus --> "C:\Program Files\F-Secure\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning" F-Secure Anti-Virus Client Security - Virustentorjunta --> "C:\Program Files\F-Secure\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus" Flashpoint uninstall --> C:\Program Files\Codemasters\UnInstall.exe Google Earth --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly HijackThis 1.99.1 --> C:\Documents and Settings\Kari\Työpöytä\HijackThis.exe /uninstall Internet Explorer Q903235 --> C:\WINNT\ieuninst.exe C:\WINNT\INF\Q903235.inf IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} K-Lite Codec Pack 2.36 Full --> "D:\johanna\K-Lite Codec Pack\unins000.exe" Kazaa Lite K++ v2.4.3 --> "C:\Program Files\Kazaa Lite K++\unins000.exe" Koottu päivitys 1 Windows 2000 SP 4:lle --> "C:\WINNT\$NtUpdateRollupPackUninstall$\spuninst\spuninst.exe" Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x9 UNINSTALL Logitech QuickCam Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C191BE7C-8542-4A61-973A-714EF76C5995}\setup.exe" -l0x9 Logitech® Camera -ohjain --> "C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1 Finnish Language Pack --> MsiExec.exe /X{4538A1AF-6894-4F10-ABDA-6CB9E6ACF8B6} Microsoft .NET Framework 1.1 Hotfix (KB886903) --> "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp" Microsoft Office 2000 SR-1 Professional --> MsiExec.exe /I{0001040B-78E1-11D2-B60F-006097C998E7} Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7} MSN Messenger 7.0 --> MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600425} MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} Nero - Burning Rom --> MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0} NVIDIA Drivers --> C:\WINNT\system32\nvudisp.exe UninstallGUI Picasa 2 --> "D:\HEMULI ja R\picasa\Picasa2\Uninstall.exe" PowerQuest PartitionMagic 8.0 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804} QuickTime 3.0 --> C:\WINNT\uninst.exe -f"C:\Program Files\QuickTime\DeIsL1.isu" -c"C:\WINNT\system32\QTUninst.dll Return to Castle Wolfenstein --> E:\Pelit\RETURN~1\Uninstall\Unwise.exe /u E:\Pelit\RETURN~1\Uninstall\Install.log Serious Sam: The Second Encounter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5BDAA2F7-8E48-4AFF-AA92-B559D0CDF1AD}\Setup.exe" -l0x9 Silent Hill --> C:\WINNT\iun6002ev.exe "E:\silenth1\Silent Hill\irunin.ini" Skype 2.5 --> "C:\Program Files\Skype\Phone\unins000.exe" SopCast 1.1.2 --> C:\Program Files\SopCast\uninst.exe Sound Blaster PCI Compact Drivers Online Help --> C:\WINNT\IsUninst.exe -f"C:\Program Files\CREATIVE\AUDIO\HELP\SBPCTDRV.isu" SPSS 12.0.1 for Windows --> MsiExec.exe /I{2446B8DB-2FFC-4301-8765-88734AF4DC04} Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe" Suojauspäivitys ohjelmistolle Windows 2000 (KB904706) --> "C:\WINNT\$NtUninstallKB904706$\spuninst\spuninst.exe" Suojauspäivitys ohjelmistolle Windows 2000 (KB923689) --> "C:\WINNT\$NtUninstallKB923689$\spuninst\spuninst.exe" Suojauspäivitys Windows Media Player 6.4:lle (KB925398) --> "C:\WINNT\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe" Suojauspäivitys Windows Media Player 9:lle (KB911565) --> "C:\WINNT\$NtUninstallKB911565$\spuninst\spuninst.exe" Suojauspäivitys Windows Media Player 9:lle (KB917734) --> "C:\WINNT\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe" Suojauspäivitys Windows Media Playerille (KB911564) --> "C:\WINNT\$NtUninstallKB911564$\spuninst\spuninst.exe" Tappio-kirjanpito --> C:\Program Files\Tappio\uninst.exe The Kreed --> MsiExec.exe /I{773B1963-027D-4AEE-96FF-6173C96AE7B2} Tiny Disk 2.95 --> C:\Program Files\Tiny Disk Tools2.95\AdvDrvIns.exe -u "C:\Program Files\Tiny Disk Tools2.95" Winamp3 (remove only) --> C:\Program Files\Winamp3\uninst-wa3.EXE Windows Genuine Advantage v1.3.0254.0 --> MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} Windows Media Player -järjestelmäpäivitys (9 Series) --> C:\PROGRA~1\WINDOW~2\setup_wm.exe /Uninstall Windows Media Player 9:n Hotfix-korjauspäivitys [lisätietoja on artikkelissa KB885492] --> C:\WINNT\$NtUninstallKB885492$\spuninst\spuninst.exe WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall -- End of Deckard's System Scanner: finished at 2007-06-28 at 13:19:46 --------- sitten hjt loki Logfile of HijackThis v1.99.1 Scan saved at 13:30:03, on 28.6.2007 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\WINNT\System32\svchost.exe C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe C:\Program Files\F-Secure\Common\FSMA32.EXE C:\Program Files\F-Secure\Anti-Virus\fssm32.exe C:\Program Files\F-Secure\Common\FSMB32.EXE C:\WINNT\system32\hidserv.exe c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe C:\WINNT\system32\nvsvc32.exe C:\Program Files\F-Secure\Common\FCH32.EXE C:\Program Files\F-Secure\Common\FAMEH32.EXE C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\system32\stisvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\Program Files\F-Secure\Common\FNRB32.EXE C:\Program Files\F-Secure\Common\FIH32.EXE C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe C:\WINNT\Explorer.EXE C:\Program Files\F-Secure\Anti-Virus\fsav32.exe C:\Program Files\F-Secure\Common\FSM32.EXE C:\Program Files\Logitech\Video\CameraAssistant.exe C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe C:\Program Files\F-Secure\FSGUI\fsguiexe.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINNT\system32\lvcomsx.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINNT\notepad.exe C:\WINNT\notepad.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Kari\Työpöytä\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.Google.fi R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect O4 - HKLM\..\Run: [Picasa Media Detector] D:\HEMULI ja R\picasa\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136645605595 O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://www.virustorjunta.net/modules/Online_Scanner/fscax.cab O18 - Protocol: bw+0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {433C29B3-69AB-4064-AEE2-F922B789AD49} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Filter: application/hta - {D962EF38-5FB0-4761-8638-C86F085E25E6} - (no file) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
