[02/19/2008, 21:40:13] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Marko\Työpöytä\VirtumundoBeGone.exe" ) [02/19/2008, 21:40:17] - Detected System Information: [02/19/2008, 21:40:17] - Windows Version: 5.1.2600, Service Pack 2 [02/19/2008, 21:40:17] - Current Username: Marko (Admin) [02/19/2008, 21:40:17] - Windows is in NORMAL mode. [02/19/2008, 21:40:17] - Searching for Browser Helper Objects: [02/19/2008, 21:40:17] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader -linkkiavustaja) [02/19/2008, 21:40:17] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection) [02/19/2008, 21:40:17] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class) [02/19/2008, 21:40:17] - BHO 4: {7EB09E70-DCFE-4B1B-8BB3-62D2EC462A5D} () [02/19/2008, 21:40:17] - WARNING: BHO has no default name. Checking for Winlogon reference. [02/19/2008, 21:40:17] - Checking for HKLM\...\Winlogon\Notify\ssqpp [02/19/2008, 21:40:17] - Key not found: HKLM\...\Winlogon\Notify\ssqpp, continuing. [02/19/2008, 21:40:17] - Finished Searching Browser Helper Objects [02/19/2008, 21:40:17] - Finishing up... [02/19/2008, 21:40:17] - Nothing found! Exiting... [02/19/2008, 21:43:25] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Marko\Työpöytä\VirtumundoBeGone.exe" ) [02/19/2008, 21:43:33] - User choose NOT to continue. Exiting... [02/19/2008, 21:45:24] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Marko\Työpöytä\VirtumundoBeGone.exe" ) [02/19/2008, 21:45:24] - Detected System Information: [02/19/2008, 21:45:24] - Windows Version: 5.1.2600, Service Pack 2 [02/19/2008, 21:45:24] - Current Username: Marko (Admin) [02/19/2008, 21:45:24] - Windows is in SAFE mode with Networking. [02/19/2008, 21:45:24] - Searching for Browser Helper Objects: [02/19/2008, 21:45:24] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader -linkkiavustaja) [02/19/2008, 21:45:24] - BHO 2: {0E0A2AD5-1ADC-4EC3-90FC-0FB793C9259E} () [02/19/2008, 21:45:24] - WARNING: BHO has no default name. Checking for Winlogon reference. [02/19/2008, 21:45:24] - Checking for HKLM\...\Winlogon\Notify\rqrqpom [02/19/2008, 21:45:24] - Found: HKLM\...\Winlogon\Notify\rqrqpom - This is probably Virtumundo. [02/19/2008, 21:45:24] - Assigning {0E0A2AD5-1ADC-4EC3-90FC-0FB793C9259E} MSEvents Object [02/19/2008, 21:45:24] - BHO list has been changed! Starting over... [02/19/2008, 21:45:24] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader -linkkiavustaja) [02/19/2008, 21:45:24] - BHO 2: {0E0A2AD5-1ADC-4EC3-90FC-0FB793C9259E} (MSEvents Object) [02/19/2008, 21:45:24] - ALERT: Found MSEvents Object! [02/19/2008, 21:45:24] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection) [02/19/2008, 21:45:25] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class) [02/19/2008, 21:45:25] - BHO 5: {79536116-94D4-4983-BF50-835A2E4192FE} () [02/19/2008, 21:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference. [02/19/2008, 21:45:25] - Checking for HKLM\...\Winlogon\Notify\ssqpp [02/19/2008, 21:45:25] - Key not found: HKLM\...\Winlogon\Notify\ssqpp, continuing. [02/19/2008, 21:45:25] - Finished Searching Browser Helper Objects [02/19/2008, 21:45:25] - *** Detected MSEvents Object [02/19/2008, 21:45:25] - Trying to remove MSEvents Object... [02/19/2008, 21:45:26] - Terminating Process: IEXPLORE.EXE [02/19/2008, 21:45:26] - Terminating Process: RUNDLL32.EXE [02/19/2008, 21:45:26] - Disabling Automatic Shell Restart [02/19/2008, 21:45:26] - Terminating Process: EXPLORER.EXE [02/19/2008, 21:45:26] - Suspending the NT Session Manager System Service [02/19/2008, 21:45:26] - Terminating Windows NT Logon/Logoff Manager [02/19/2008, 21:51:39] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Marko\Työpöytä\VirtumundoBeGone.exe" ) [02/19/2008, 21:51:41] - Detected System Information: [02/19/2008, 21:51:41] - Windows Version: 5.1.2600, Service Pack 2 [02/19/2008, 21:51:41] - Current Username: Marko (Admin) [02/19/2008, 21:51:41] - Windows is in NORMAL mode. [02/19/2008, 21:51:41] - Searching for Browser Helper Objects: [02/19/2008, 21:51:41] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader -linkkiavustaja) [02/19/2008, 21:51:41] - BHO 2: {0E0A2AD5-1ADC-4EC3-90FC-0FB793C9259E} (MSEvents Object) [02/19/2008, 21:51:41] - ALERT: Found MSEvents Object! [02/19/2008, 21:51:41] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection) [02/19/2008, 21:51:41] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class) [02/19/2008, 21:51:41] - BHO 5: {76C79A0A-7DA9-4A7F-8B3A-4A87E4831954} () [02/19/2008, 21:51:41] - WARNING: BHO has no default name. Checking for Winlogon reference. [02/19/2008, 21:51:41] - Checking for HKLM\...\Winlogon\Notify\ssqpp [02/19/2008, 21:51:41] - Key not found: HKLM\...\Winlogon\Notify\ssqpp, continuing. [02/19/2008, 21:51:41] - Finished Searching Browser Helper Objects [02/19/2008, 21:51:41] - *** Detected MSEvents Object [02/19/2008, 21:51:41] - Trying to remove MSEvents Object... [02/19/2008, 21:51:42] - Terminating Process: IEXPLORE.EXE [02/19/2008, 21:51:42] - Terminating Process: RUNDLL32.EXE [02/19/2008, 21:51:43] - Disabling Automatic Shell Restart [02/19/2008, 21:51:43] - Terminating Process: EXPLORER.EXE [02/19/2008, 21:51:43] - Suspending the NT Session Manager System Service [02/19/2008, 21:51:43] - Terminating Windows NT Logon/Logoff Manager [02/19/2008, 21:57:12] - Re-enabling Automatic Shell Restart [02/19/2008, 21:57:12] - File to disable: C:\WINDOWS\system32\rqrqpom.dll [02/19/2008, 21:57:12] - Renaming C:\WINDOWS\system32\rqrqpom.dll -> C:\WINDOWS\system32\rqrqpom.dll.vir [02/19/2008, 21:57:13] - ! File rename was unsucessful. [02/19/2008, 21:57:13] - Attempting to Deny Access to C:\WINDOWS\system32\rqrqpom.dll [02/19/2008, 21:57:22] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work. [02/19/2008, 21:57:22] - ERROR: Ei kartoitusta tilinimien ja suojaustunnusten välillä. [02/19/2008, 21:57:22] - *** IMPORTANT: The file is disabled and will need to be deleted by the user. [02/19/2008, 21:57:22] - Removing HKLM\...\Browser Helper Objects\{0E0A2AD5-1ADC-4EC3-90FC-0FB793C9259E} [02/19/2008, 21:57:22] - Removing HKCR\CLSID\{0E0A2AD5-1ADC-4EC3-90FC-0FB793C9259E} [02/19/2008, 21:57:22] - Adding Kill Bit for ActiveX for GUID: {0E0A2AD5-1ADC-4EC3-90FC-0FB793C9259E} [02/19/2008, 21:57:22] - Deleting ATLEvents/MSEvents Registry entries [02/19/2008, 21:57:22] - Removing HKLM\...\Winlogon\Notify\rqrqpom [02/19/2008, 21:57:22] - Searching for Browser Helper Objects: [02/19/2008, 21:57:22] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader -linkkiavustaja) [02/19/2008, 21:57:22] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection) [02/19/2008, 21:57:22] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class) [02/19/2008, 21:57:22] - BHO 4: {76C79A0A-7DA9-4A7F-8B3A-4A87E4831954} () [02/19/2008, 21:57:22] - WARNING: BHO has no default name. Checking for Winlogon reference. [02/19/2008, 21:57:22] - Checking for HKLM\...\Winlogon\Notify\ssqpp [02/19/2008, 21:57:22] - Key not found: HKLM\...\Winlogon\Notify\ssqpp, continuing. [02/19/2008, 21:57:22] - Finished Searching Browser Helper Objects [02/19/2008, 21:57:22] - Finishing up... [02/19/2008, 21:57:22] - A restart is needed. [02/19/2008, 22:08:10] - Attempting to Restart via STOP error (Blue Screen!) [02/20/2008, 12:37:52] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Marko\Työpöytä\VirtumundoBeGone.exe" ) [02/20/2008, 12:37:54] - Detected System Information: [02/20/2008, 12:37:54] - Windows Version: 5.1.2600, Service Pack 2 [02/20/2008, 12:37:54] - Current Username: Marko (Admin) [02/20/2008, 12:37:54] - Windows is in NORMAL mode. [02/20/2008, 12:37:54] - Searching for Browser Helper Objects: [02/20/2008, 12:37:54] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader -linkkiavustaja) [02/20/2008, 12:37:54] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection) [02/20/2008, 12:37:54] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class) [02/20/2008, 12:37:54] - BHO 4: {7BF36460-1EBF-406B-921D-FD11FE06016D} () [02/20/2008, 12:37:54] - WARNING: BHO has no default name. Checking for Winlogon reference. [02/20/2008, 12:37:54] - Checking for HKLM\...\Winlogon\Notify\ssqpp [02/20/2008, 12:37:54] - Key not found: HKLM\...\Winlogon\Notify\ssqpp, continuing. [02/20/2008, 12:37:54] - Finished Searching Browser Helper Objects [02/20/2008, 12:37:54] - Finishing up... [02/20/2008, 12:37:54] - Nothing found! Exiting... ja HjT logi Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:05:27, on 20.2.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Logitech\G-series Software\LGDCore.exe C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\progra~1\steam\steam.exe C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE C:\Program Files\F-Secure Internet Security\Anti-Virus\FSGK32.EXE C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe C:\Program Files\F-Secure Internet Security\Common\FSMB32.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\F-Secure Internet Security\Common\FCH32.EXE C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\F-Secure Internet Security\Anti-Virus\fsqh.exe C:\Program Files\F-Secure Internet Security\Common\FAMEH32.EXE C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe C:\Program Files\F-Secure Internet Security\Anti-Virus\fssm32.exe C:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe C:\Program Files\F-Secure Internet Security\FSAUA\program\fsus.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\F-Secure Internet Security\Anti-Virus\fsav32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\explorer.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {FFB23963-2807-45AF-BC73-DE608EB07F45} - C:\WINDOWS\system32\ssqpp.dll O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKCU\..\Run: [Steam] "c:\progra~1\steam\steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe -- End of file - 5796 bytes ja vielä SDfix tulokset SDFix: Version 1.144 Run by Marko on ke 20.02.2008 at 13:26 Microsoft Windows XP [versio 5.1.2600] Running From: C:\SDFix Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting... Checking Files: No Trojan Files Found Removing Temp Files... ADS Check: Final Check: catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-20 13:32:27 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s0"=dword:234dd1c2 "s1"=dword:7c1fd574 "s2"=dword:545d88a7 scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\x90\x2022\x20ac|\xff\xff\xff\xff"\x2022\x20ac|\xfe\xbb\xd3w\2] "b049C053C7D38EE4AB9A00CB3B5D2472"="C?\Program Files\Common Files\Microsoft Shared\Web Folders\PUBPLACE.HTT" scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 1 Remaining Services: Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"="C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe:*:Enabled:Battlefield 2" "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Remaining Files: Files with Hidden Attributes: Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe" Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" Fri 5 Oct 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Tue 9 Oct 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp" Finished! näkyykö näissä mitään?
Escan Ohjeet tuolla sivulla. http://koti.mbnet.fi/pattaya1/escanmwav.htm lataa tuosta http://www.spywareinfo.dk/download/mwav.exe päivitä tuosta http://koti.mbnet.fi/pattaya1/lataus/Mwav.bat laita täpit merkkauksien mukaan http://koti.mbnet.fi/pattaya1/eScan6.jpg scannaa jos ala luukkuun tulee jotain niin kopioi se näin: Käytä komentoa Ctrl+A. Kopioi rivit komennolla Ctrl+C. Liitä rivit komennolla Ctrl+V. Laita virus log tänne.
