Could someone take a look at my HJT log, I think it's some kind of virus
|
|
|
ade_84
Suspended due to non-functional email address
|
27 August 2008 @ 02:10 |
|
There's a red cross in the bottom right corner of the desktop all the time, and it says "you have a security problem!", and then it keeps opening some strange browser windows by itself.
Here is the HJT log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:06:25, on 26.8.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
D:\Ohjelmat\Comodo\Firewall\cfp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\Atte\AppData\Local\Temp\43B.tmp.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Atte\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Atte\AppData\Local\Temp\c.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Acer\Acer VCM\VC.exe
C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
C:\Program Files\Windows Defender\MSASCui.exe
D:\Ohjelmat\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
D:\Ohjelmat\Comodo\Firewall\cfpconfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\WinRar\WinRAR.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fi.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "D:\Ohjelmat\Comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\RunOnce: [aswAhAScr.dll] C:\PROGRA~1\ALWILS~1\Avast4\ASWREG~1.EXE "C:\Program Files\Alwil Software\Avast4\AhAScr.dll"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [mpt] c:\WINDOWS\system32\mpt.exe
O4 - HKCU\..\Run: [kek] c:\WINDOWS\system32\kek.exe
O4 - HKCU\..\Run: [Somefox] C:\Users\Atte\AppData\Local\Temp\43B.tmp.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Ohjelmat\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Lähetä kuva &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Lähetä sivu &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll C:\Windows\system32\cssdll32.dll
O20 - Winlogon Notify: !SASWinLogon - D:\Ohjelmat\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - D:\Ohjelmat\Comodo\Firewall\cmdagent.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
--
End of file - 11814 bytes
|
|
ade_84
Suspended due to non-functional email address
|
27 August 2008 @ 02:14 |
|
That cross is really getting on my nerves.
The laptop is brand new and it came with some McAfee internet security thing, so I swapped it out because it felt so confusing.
I looked into it a bit, and it's the Antivirus 2008 program, which keeps trying to get you to download it.
I did manage to remove the problem with Malwarebytes, but the HJT log could still be checked.
This message has been edited since it was posted. Last edit: 27 August 2008 @ 12:04
|
|
Hujo
Suspended permanently
|
27 August 2008 @ 12:27 |
|
Uninstall via Add/Remove Programs:
Ask Toolbar BHO
SUPERAntiSpyware
Remove this:
C:\Program Files\COMODO\SafeSurf
Delete these folders in Safe Mode:
D:\Ohjelmat\SUPERAntiSpyware
C:\Program Files\COMODO\SafeSurf
C:\Program Files\AskSBar
=============
Scan with HJT, tick these entries and press Fix checked:
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
=============
1. Download combofix.exe to your desktop from one of these links:
combofix1
combofix2
2. Double-click the combofix.exe file and follow the instructions.
3. When the tool has finished, it produces a log. Post this log in your thread.
Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.
============
Download Malwarebytes' Anti-Malware to your desktop.
1. Double-click mbam-setup.exe and follow the instructions to install the program.
2. At the end, make sure the following are checked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
3. If an update is found, the program downloads and installs the latest version.
4. Once the program has loaded, select Perform full scan and click Scan.
5. When the scan is complete, click OK and then Show Results to see the results.
6. Make sure everything is checked and click Remove Selected.
7. After this, the log opens in Notepad. Save it somewhere you can find it easily. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
8. Post the contents of the log in your next message.
Can a computer ever work?
This message has been edited since it was posted. Last edit: 27 August 2008 @ 12:30
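Added example, not part of the thread and not HijackThis's own code: a small parser for the log format posted above that picks out orphaned entries marked "(no file)" or "(file missing)", the kind the reply ticks for Fix checked. As an assumption of this example (a common triage heuristic, not something the reply states), it also flags O4 autostart entries that launch from a Temp directory and notes whether that file appears under Running processes. The sample lines are copied from the log in the first post.

```python
import re
from dataclasses import dataclass, field

# Lines copied from the HijackThis log in the first post of this thread.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\Explorer.EXE
C:\Users\Atte\AppData\Local\Temp\43B.tmp.exe
C:\Users\Atte\AppData\Local\Temp\c.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Somefox] C:\Users\Atte\AppData\Local\Temp\43B.tmp.exe
O4 - Global Startup: BTTray.lnk = ?
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
"""

# Section code (R0, O4, O23, ...) followed by " - " and the entry text.
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
# O4 registry autostart: "<key>: [<value name>] <command line>".
RUN_RE = re.compile(r"^(?P<key>[^:]+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# A path component named Temp or tmp (heuristic chosen for this example).
TEMP_RE = re.compile(r"\\te?mp\\", re.IGNORECASE)
EXE_RE = re.compile(r"(.+?\.(?:exe|com|bat|cmd|scr))(?:\s|$)", re.IGNORECASE)


@dataclass
class Entry:
    code: str
    body: str
    reasons: list = field(default_factory=list)


def parse_log(text):
    """Split a HijackThis log into (running process paths, entries)."""
    processes, entries, in_procs = [], [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_procs = False  # the process list ends at the first entry
            entries.append(Entry(match.group(1), match.group(2)))
        elif line.lower().startswith("running processes"):
            in_procs = True
        elif in_procs:
            processes.append(line)
    return processes, entries


def executable_of(cmd):
    """Best-effort extraction of the executable from a Run command line."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    match = EXE_RE.match(cmd)
    return match.group(1) if match else cmd


def triage(text):
    """Return the entries worth a closer look, each with its reasons."""
    processes, entries = parse_log(text)
    running = {p.lower() for p in processes}
    for entry in entries:
        # HijackThis appends these markers when the target file is absent.
        if entry.body.endswith(("(no file)", "(file missing)")):
            entry.reasons.append("orphaned: target file does not exist")
        run = RUN_RE.match(entry.body) if entry.code == "O4" else None
        if run:
            exe = executable_of(run.group("cmd"))
            if TEMP_RE.search(exe):
                entry.reasons.append("autostart from a Temp directory")
                if exe.lower() in running:
                    entry.reasons.append("and currently running")
    return [e for e in entries if e.reasons]


if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(f"{item.code}: {item.body}")
        for reason in item.reasons:
            print(f"    - {reason}")
```

A flag here only means the entry deserves a look; the file itself still has to be examined before anything is fixed or deleted.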
|
|
ade_84
Suspended due to non-functional email address
|
27 August 2008 @ 18:40 |
|
Here is the ComboFix log:
ComboFix 08-08-26.03 - Atte 2008-08-27 18:30:28.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1035.18.1905 [GMT 3:00]
Running from: C:\Users\Atte\Downloads\ComboFix.exe
* Created a new restore point
* Resident AV is active
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-07-27 to 2008-08-27 )))))))))))))))))
.
2008-08-27 09:14 . 2008-08-26 20:54 262,144 --a------ C:\Program Files\Uninstall Ask Toolbar.dll
2008-08-27 08:27 . 2008-08-27 08:27 <KANSIO> d-------- C:\Users\Atte\AppData\Roaming\Malwarebytes
2008-08-27 08:27 . 2008-08-27 08:27 <KANSIO> d-------- C:\Users\All Users\Malwarebytes
2008-08-27 08:27 . 2008-08-27 08:27 <KANSIO> d-------- C:\ProgramData\Malwarebytes
2008-08-27 08:27 . 2008-08-27 08:27 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-27 08:27 . 2008-08-17 15:01 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-08-27 08:27 . 2008-08-17 15:01 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
2008-08-27 07:58 . 2008-08-27 07:58 <KANSIO> d-------- C:\Windows\BDOSCAN8
2008-08-27 07:42 . 2008-08-27 07:42 <KANSIO> d-------- C:\Program Files\Sun
2008-08-27 07:42 . 2008-08-27 07:42 <KANSIO> d-------- C:\Program Files\Java
2008-08-27 07:41 . 2008-08-27 07:41 <KANSIO> d-------- C:\Program Files\Common Files\Java
2008-08-27 01:32 . 2008-08-27 01:32 <KANSIO> d-------- C:\Users\Atte\AppData\Roaming\Yahoo!
2008-08-27 01:32 . 2008-08-27 01:32 <KANSIO> d-------- C:\Users\All Users\Yahoo! Companion
2008-08-27 01:32 . 2008-08-27 01:32 <KANSIO> d-------- C:\ProgramData\Yahoo! Companion
2008-08-27 00:45 . 2008-08-27 18:32 <KANSIO> d-------- C:\Users\Atte\AppData\Roaming\F-Secure
2008-08-27 00:39 . 2008-08-27 00:39 <KANSIO> d-------- C:\Users\All Users\F-Secure
2008-08-27 00:39 . 2008-08-27 00:39 <KANSIO> d-------- C:\ProgramData\F-Secure
2008-08-27 00:39 . 2008-02-13 13:39 574,376 --a------ C:\Windows\System32\msvcp50.dll
2008-08-27 00:39 . 2008-08-27 00:46 60,064 --a------ C:\Windows\System32\drivers\fsdfw.sys
2008-08-27 00:39 . 2008-02-13 13:38 36,616 --a------ C:\Windows\System32\drivers\fses.sys
2008-08-27 00:38 . 2008-08-27 00:51 <KANSIO> d-------- C:\Program Files\Welho Tietoturvapalvelu
2008-08-27 00:36 . 2008-08-27 00:37 <KANSIO> d-------- C:\Users\All Users\fssg
2008-08-27 00:36 . 2008-08-27 00:37 <KANSIO> d-------- C:\ProgramData\fssg
2008-08-26 23:31 . 2008-08-27 01:54 81,984 --a------ C:\Windows\System32\bdod.bin
2008-08-26 23:26 . 2008-08-27 01:55 <KANSIO> d-------- C:\Users\All Users\BitDefender
2008-08-26 23:26 . 2008-08-27 01:55 <KANSIO> d-------- C:\ProgramData\BitDefender
2008-08-26 23:17 . 2008-08-27 01:55 <KANSIO> d-------- C:\Program Files\Common Files\Softwin
2008-08-26 23:05 . 2008-08-26 23:05 <KANSIO> d-------- C:\Program Files\Trend Micro
2008-08-26 21:45 . 2008-08-26 21:45 <KANSIO> d-------- C:\Program Files\IObit
2008-08-26 20:54 . 2008-08-26 20:54 249,592 --a------ C:\Windows\System32\cssdll32.dll
2008-08-26 20:53 . 2008-08-27 01:05 <KANSIO> d-------- C:\Users\Atte\AppData\Roaming\Comodo
2008-08-26 19:53 . 2008-08-26 19:53 <KANSIO> d-------- C:\Program Files\Alwil Software
2008-08-26 19:46 . 2008-08-27 18:17 <KANSIO> d-------- C:\Users\Atte\AppData\Roaming\SUPERAntiSpyware.com
2008-08-26 19:46 . 2008-08-26 19:46 <KANSIO> d-------- C:\Users\All Users\SUPERAntiSpyware.com
2008-08-26 19:46 . 2008-08-26 19:46 <KANSIO> d-------- C:\ProgramData\SUPERAntiSpyware.com
2008-08-26 19:00 . 2008-08-26 19:00 <KANSIO> d-------- C:\Users\Atte\AppData\Roaming\TuneUp Software
2008-08-26 19:00 . 2008-08-26 19:00 <KANSIO> d-------- C:\Users\All Users\TuneUp Software
2008-08-26 19:00 . 2008-08-26 19:00 <KANSIO> d-------- C:\ProgramData\TuneUp Software
2008-08-26 19:00 . 2008-04-04 14:51 28,416 --a------ C:\Windows\System32\uxtuneup.dll
2008-08-26 19:00 . 2008-04-04 14:51 16,640 --a------ C:\Windows\System32\authuitu.dll
2008-08-26 18:58 . 2008-08-27 18:17 <KANSIO> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-26 15:19 . 2006-10-02 13:43 6,144 --a------ C:\Windows\System32\ff_acm.acm
2008-08-26 15:19 . 2006-10-02 13:44 5,120 --a------ C:\Windows\System32\ff_vfw.dll
2008-08-26 15:19 . 2006-08-05 12:06 547 --a------ C:\Windows\System32\ff_vfw.dll.manifest
2008-08-26 15:04 . 2008-08-26 15:15 <KANSIO> d-------- C:\Users\Atte\AppData\Roaming\BSplayer PRO
2008-08-26 15:04 . 2008-08-26 15:04 <KANSIO> d-------- C:\Program Files\Webteh
2008-08-26 14:50 . 2008-08-26 18:58 <KANSIO> d-------- C:\Users\Atte\AppData\Roaming\uTorrent
2008-08-26 13:54 . 2008-08-26 13:54 <KANSIO> d-------- C:\Users\Atte\AppData\Roaming\vlc
2008-08-25 22:24 . 2008-07-19 08:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-08-25 22:24 . 2008-07-19 06:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-08-25 22:24 . 2008-07-19 08:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-08-25 22:24 . 2008-07-19 08:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-08-25 22:23 . 2008-07-19 08:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-08-25 22:23 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-08-25 22:23 . 2008-07-19 06:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-08-25 22:23 . 2008-07-19 08:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-08-25 22:23 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-08-24 10:23 . 2008-08-24 10:23 <KANSIO> d-------- C:\Users\All Users\PlayMovie
2008-08-24 10:23 . 2008-08-24 10:23 <KANSIO> d-------- C:\ProgramData\PlayMovie
2008-08-24 10:22 . 2008-08-24 10:23 <KANSIO> d-------- C:\Users\Atte\AppData\Roaming\CyberLink
2008-08-23 09:43 . 2008-08-23 09:43 56 --a------ C:\Windows\Cleanup.cmd
2008-08-23 09:10 . 2008-08-26 18:24 <KANSIO> d-------- C:\Users\Atte\AppData\Roaming\foobar2000
2008-08-23 08:59 . 2008-08-23 08:59 <KANSIO> d-------- C:\Program Files\foobar2000
2008-08-22 22:52 . 2008-08-22 22:52 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Videos
2008-08-22 22:52 . 2008-08-22 22:52 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Searches
2008-08-22 22:52 . 2008-08-22 22:52 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Saved Games
2008-08-22 22:52 . 2008-08-22 22:52 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Pictures
2008-08-22 22:52 . 2008-08-22 22:52 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Music
2008-08-22 22:52 . 2008-08-22 22:52 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Links
2008-08-22 22:52 . 2008-08-22 22:52 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Downloads
2008-08-22 22:52 . 2008-08-22 22:52 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Documents
2008-08-22 22:52 . 2008-08-22 22:52 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Contacts
2008-08-22 22:52 . 2008-04-23 17:55 1,079,840 --a------ C:\Windows\System32\nvcpluir.dll
2008-08-22 22:52 . 2008-04-23 17:55 768,544 --a------ C:\Windows\System32\nvcplui.exe
2008-08-22 22:52 . 2008-04-23 17:55 442,368 --a------ C:\Windows\System32\nvuninst.exe
2008-08-22 22:52 . 2008-04-23 17:55 420,384 --a------ C:\Windows\System32\nvcpl.cpl
2008-08-22 22:52 . 2008-04-23 17:55 313,888 --a------ C:\Windows\System32\nvexpbar.dll
2008-08-22 19:32 . 2008-08-22 19:32 0 --a------ C:\Windows\nsreg.dat
2008-08-22 19:08 . 2008-07-16 04:32 2,048 --a------ C:\Windows\System32\tzres.dll
2008-08-22 19:03 . 2008-08-22 19:03 <KANSIO> d-------- C:\Program Files\MSXML 4.0
2008-08-22 18:56 . 2008-06-26 04:45 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll
2008-08-22 18:56 . 2008-06-26 04:45 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll
2008-08-22 18:56 . 2008-06-26 06:29 801,280 --a------ C:\Windows\System32\NaturalLanguage6.dll
2008-08-22 18:56 . 2008-06-19 06:31 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL
2008-08-22 18:55 . 2008-08-22 18:58 <KANSIO> d-------- C:\Program Files\Windows Live
2008-08-22 18:55 . 2008-08-22 18:58 <KANSIO> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-22 18:55 . 2008-02-29 10:11 988,216 --a------ C:\Windows\System32\winload.exe
2008-08-22 18:55 . 2008-02-29 10:11 927,288 --a------ C:\Windows\System32\winresume.exe
2008-08-22 18:55 . 2008-02-22 08:05 615,992 --a------ C:\Windows\System32\ci.dll
2008-08-22 18:55 . 2008-02-29 10:14 19,000 --a------ C:\Windows\System32\kd1394.dll
2008-08-22 18:54 . 2008-08-22 18:54 <KANSIO> d-------- C:\Users\All Users\WLInstaller
2008-08-22 18:54 . 2008-08-22 18:54 <KANSIO> d-------- C:\ProgramData\WLInstaller
2008-08-22 18:52 . 2008-05-09 00:59 430,080 --a------ C:\Windows\System32\vbscript.dll
2008-08-22 18:52 . 2008-05-09 00:59 180,224 --a------ C:\Windows\System32\scrobj.dll
2008-08-22 18:52 . 2008-05-09 00:59 172,032 --a------ C:\Windows\System32\scrrun.dll
2008-08-22 18:52 . 2008-05-09 00:59 155,648 --a------ C:\Windows\System32\wscript.exe
2008-08-22 18:52 . 2008-05-09 00:58 135,168 --a------ C:\Windows\System32\wshom.ocx
2008-08-22 18:52 . 2008-05-09 00:58 135,168 --a------ C:\Windows\System32\cscript.exe
2008-08-22 18:52 . 2008-05-09 00:59 90,112 --a------ C:\Windows\System32\wshext.dll
2008-08-22 18:51 . 2008-04-10 08:12 738,304 --a------ C:\Windows\System32\inetcomm.dll
2008-08-22 18:51 . 2008-04-23 07:42 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-08-22 18:51 . 2008-04-23 07:42 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-08-22 18:51 . 2008-04-23 07:41 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-08-22 18:51 . 2008-05-10 04:33 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys
2008-08-22 18:51 . 2008-04-23 07:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-08-22 18:40 . 2008-08-22 18:40 <KANSIO> d-------- C:\Windows\ACER
2008-08-22 18:40 . 2007-04-19 13:41 83,554,304 --a------ C:\Windows\System32\acer.scr
2008-08-22 18:40 . 2008-02-25 12:38 20,619,563 --a------ C:\Windows\System32\acer.exe
2008-08-22 18:35 . 2008-08-22 18:35 <KANSIO> d-------- C:\Users\Atte\AppData\Roaming\Acer
2008-08-22 18:34 . 2008-01-16 18:35 82,432 --a------ C:\Windows\System32\msxml4r.dll
2008-08-22 18:34 . 2008-01-16 18:35 44,544 --a------ C:\Windows\System32\msxml4a.dll
2008-08-22 18:32 . 2008-08-25 22:27 <KANSIO> d-------- C:\Users\All Users\CyberLink
2008-08-22 18:32 . 2008-08-25 22:27 <KANSIO> d-------- C:\ProgramData\CyberLink
2008-08-22 18:29 . 2008-08-22 18:34 <KANSIO> d-------- C:\Program Files\Acer Arcade Deluxe
2008-08-22 18:28 . 2008-08-22 18:28 <KANSIO> d-------- C:\CLSetup
2008-08-22 18:28 . 2008-08-22 18:28 20 --a------ C:\Medion.ini
2008-08-22 18:16 . 2008-08-22 18:16 <KANSIO> d-------- C:\Users\Atte\Bluetooth Software
2008-08-22 18:15 . 2008-08-27 18:34 0 --a------ C:\Windows\System32\LogConfigTemp.xml
2008-08-22 18:13 . 2008-08-22 18:13 <KANSIO> d-------- C:\Program Files\Launch Manager
2008-08-22 18:13 . 2008-08-22 18:40 <KANSIO> d-------- C:\Program Files\Acer Inc
2008-08-22 18:13 . 2008-08-22 18:13 92 --a------ C:\Windows\GridV.UNI
2008-08-22 18:13 . 2008-08-22 18:13 83 --a------ C:\Windows\LManager.UNI
2008-08-22 18:12 . 2008-08-22 18:12 <KANSIO> d-------- C:\Users\All Users\InstallShield
2008-08-22 18:12 . 2008-08-22 18:12 <KANSIO> d-------- C:\ProgramData\InstallShield
2008-08-22 18:12 . 2007-03-29 16:48 626,688 --a------ C:\Windows\Image.dll
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-26 18:17 --------- d-----w C:\ProgramData\McAfee
2008-08-26 17:51 --------- d-----w C:\ProgramData\SiteAdvisor
2008-08-26 10:54 --------- d-----w C:\Users\Atte\AppData\Roaming\vlc
2008-08-22 16:11 --------- d-----w C:\Program Files\Windows Mail
2008-08-22 16:09 --------- d-----w C:\ProgramData\Microsoft Help
2008-08-22 15:40 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-22 15:35 --------- d-----w C:\Program Files\Acer
2008-08-22 15:12 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-08-22 15:03 --------- d-----w C:\Program Files\Intel
2008-08-22 15:00 --------- d-sh--w C:\ProgramData\Työpöytä
2008-08-22 15:00 --------- d-sh--w C:\ProgramData\Tiedostot
2008-08-22 15:00 --------- d-sh--w C:\ProgramData\Suosikit
2008-08-22 15:00 --------- d-sh--w C:\ProgramData\Mallit
2008-08-22 15:00 --------- d-sh--w C:\ProgramData\Käynnistä-valikko
2008-08-22 15:00 --------- d-sh--w C:\Program Files\Common Files\Järjestelmä
2008-06-27 04:15 827,392 ----a-w C:\Windows\System32\wininet.dll
2008-05-27 05:21 1,582,592 ----a-w C:\Windows\System32\tquery.dll
2008-05-27 05:21 1,418,240 ----a-w C:\Windows\System32\mssrch.dll
2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\SearchFilterHost.exe
2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\mssitlb.dll
2008-05-27 05:17 754,176 ----a-w C:\Windows\System32\propsys.dll
2008-05-27 05:17 60,416 ----a-w C:\Windows\System32\msscntrs.dll
2008-05-27 05:17 6,103,040 ----a-w C:\Windows\System32\chtbrkr.dll
2008-05-27 05:17 34,816 ----a-w C:\Windows\System32\msscb.dll
2008-05-27 05:17 32,768 ----a-w C:\Windows\System32\mssprxy.dll
2008-05-27 05:17 313,344 ----a-w C:\Windows\System32\thawbrkr.dll
2008-05-27 05:17 301,568 ----a-w C:\Windows\System32\srchadmin.dll
2008-05-27 05:17 194,560 ----a-w C:\Windows\System32\offfilt.dll
2008-05-27 05:17 143,872 ----a-w C:\Windows\System32\korwbrkr.dll
2008-05-27 05:17 11,776 ----a-w C:\Windows\System32\msshooks.dll
2008-05-27 05:17 1,671,680 ----a-w C:\Windows\System32\chsbrkr.dll
2008-05-27 04:59 18,904 ----a-w C:\Windows\System32\StructuredQuerySchemaTrivial.bin
2008-05-27 04:59 106,605 ----a-w C:\Windows\System32\StructuredQuerySchema.bin
2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 23:38 121392 --a------ C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 05:23 1233920]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 05:25 125952]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-04 12:26 1037608]
"ePower_DMC"="C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-03-11 19:30 397312]
"eDataSecurity Loader"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 23:38 526896]
"eAudio"="C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 03:36 544768]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 04:38 40048]
"BkupTray"="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-02-25 18:57 34040]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-04-23 17:55 13535776]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-04-23 17:55 92704]
"WarReg_PopUp"="C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 09:03 303104]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-10-03 14:44 178712]
"ZPdtWzdVitaKey MC3000"="C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" [2008-08-22 18:07 3659264]
"PLFSetI"="C:\Windows\PLFSetI.exe" [2007-10-23 10:56 200704]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2008-04-28 14:18 809480]
"ArcadeDeluxeAgent"="C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-03-05 15:55 147456]
"CLMLServer"="C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-03-05 15:55 167936]
"PlayMovie"="C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-03-04 21:21 167936]
"F-Secure Manager"="C:\Program Files\Welho Tietoturvapalvelu\Common\FSM32.EXE" [2008-02-13 13:38 184800]
"F-Secure TNB"="C:\Program Files\Welho Tietoturvapalvelu\FSGUI\TNBUtil.exe" [2008-02-13 13:38 741800]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"Malwarebytes Anti-Malware (reboot)"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" [2008-08-17 15:01 1195640]
"RtHDVCpl"="RtHDVCpl.exe" [2008-03-11 12:53 5296128 C:\Windows\RtHDVCpl.exe]
"Skytel"="Skytel.exe" [2007-11-20 13:15 1826816 C:\Windows\SkyTel.exe]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe [2008-08-22 18:35:06 1216512]
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-04-24 18:50:32 723760]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
2008-08-22 18:07 3024896 C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.avis"= ff_acm.acm
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SUPERAntiSpyware"=D:\Ohjelmat\SUPERAntiSpyware\SUPERAntiSpyware.exe
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe"
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
"COMODO Firewall Pro"="D:\Ohjelmat\Comodo\Firewall\cfp.exe" -h
"COMODO SafeSurf"="C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{5696DEF7-4A92-43C3-A866-686026E113FD}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F7BD98D3-48DE-4938-BB30-CFE824D4CCB1}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{0B76C179-DF30-4A87-8F18-E650B6CD58EA}"= C:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{E885242C-59DD-49A1-A0F2-0D1E5CAC77AB}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{C6B7D6EC-764D-4750-A926-37FB44528D75}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{8A5DDD64-E254-47CD-933A-829EC1ECAEB5}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{85BC361B-9364-4457-8236-D2698BD20350}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{34B3D820-68A4-4353-A36E-53D4648A6157}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{CBA85712-0FC3-4EB3-A74A-0AE7C01B4E7C}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{10EA568E-864A-4521-8489-16FFA41343E3}"= C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{4A1A220A-6C86-4D07-BB80-54433F171834}"= C:\Program Files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe:Acer Play Movie
"{AB3D76D6-3E34-4338-8892-CBC0BEB5AD17}"= C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe:Acer Play Movie Resident Program
"{C0D2F650-1237-4D35-B814-4E00D52FE3A9}"= C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:Acer HomeMedia
"{63781234-922E-4BF6-86E5-4C2741D1A691}"= C:\Program Files\Acer\Acer VCM\VC.exe:Acer VCM
"{87F7F42D-1D2E-404B-AF69-17F0E5EA7A8D}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{67CCCB1A-CA68-4BAE-A1C4-4C011C0C0599}"= UDP:C:\Windows\System32\mpxa.exe:mpxa
"{DAE21590-C1B0-48AD-8944-9A6BA24EE58B}"= TCP:C:\Windows\System32\mpxa.exe:mpxa
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 AlfaFF;AlfaFF File System mini-filter;C:\Windows\system32\Drivers\AlfaFF.sys [2008-08-22 18:07]
R1 F-Secure HIPS;F-Secure HIPS;C:\Program Files\Welho Tietoturvapalvelu\HIPS\fshs.sys [2008-08-27 00:46]
R1 FSES;F-Secure Email Scanning Driver;C:\Windows\system32\drivers\fses.sys [2008-02-13 13:38]
R1 FSFW;F-Secure Firewall Driver;C:\Windows\system32\drivers\fsdfw.sys [2008-08-27 00:46]
R1 fsvista;F-Secure Vista Support Driver;C:\Program Files\Welho Tietoturvapalvelu\Anti-Virus\minifilter\fsvista.sys [2008-02-13 13:38]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-03-05 09:25]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-02-25 18:57]
R2 CLHNService;CLHNService;C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 18:35]
R2 ETService;Empowering Technology Service;C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 13:22]
R2 IGBASVC;iGroupTec Service;C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2008-08-22 18:07]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-02-25 02:02]
R2 NTIPPKernel;NTIPPKernel;C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 18:35]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-02-25 18:53]
R2 RS_Service;Raw Socket Service;C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-10 17:03]
R2 UxTuneUp;TuneUp Theme Extension;C:\Windows\System32\svchost.exe [2008-01-21 05:23]
R2 vfsFPService;Validity Fingerprint Service;C:\Windows\system32\vfsFPService.exe [2008-04-22 11:02]
R3 AVerAF15;AVerMedia BDA Digital Tuner;C:\Windows\system32\Drivers\AVerAF15.sys [2008-03-14 09:51]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Welho Tietoturvapalvelu\Anti-Virus\minifilter\fsgk.sys [2008-02-13 13:38]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 17:12]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1E60x86.sys [2008-03-11 14:38]
R3 vfs101x;vfs101x;C:\Windows\system32\drivers\vfs101x.sys [2008-04-22 11:02]
S3 btwaudio;Bluetooth-äänilaite;C:\Windows\system32\drivers\btwaudio.sys [2007-03-29 22:46]
S3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 09:20]
S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 09:20]
S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 05:23]
S4 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Welho Tietoturvapalvelu\Anti-Virus\Win2K\FSfilter.sys [2008-02-13 13:38]
S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Welho Tietoturvapalvelu\Anti-Virus\Win2K\FSrec.sys [2008-02-13 13:38]
S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 05:23]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
'Ajoitetut tehtävät'-kansion sisältö
2008-08-27 C:\Windows\Tasks\1-Click Maintenance.job
- D:\Ohjelmat\tuneup utilities 2008\OneClickStarter.exe [2008-04-16 09:59]
2008-08-27 C:\Windows\Tasks\AutoSmartDefrag.job
- D:\Ohjelmat\IObit SmartDefrag\IObit SmartDefrag.exe [2008-08-14 21:14]
2008-08-27 C:\Windows\Tasks\Scheduled scanning task.job
- C:\PROGRA~1\WELHOT~1\ANTI-V~1\fsav.exe [2008-02-13 13:38]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Atte\AppData\Roaming\Mozilla\Firefox\Profiles\gnryy7h6.default\
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-27 18:34:20
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\nvvsvc.exe
C:\Windows\System32\audiodg.exe
C:\Windows\System32\agrsmsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\Welho Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Welho Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\Welho Tietoturvapalvelu\Anti-Virus\fsgk32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
C:\Program Files\Welho Tietoturvapalvelu\Common\FSMB32.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Welho Tietoturvapalvelu\Common\FCH32.EXE
C:\ACER\Mobility Center\MobilityService.exe
C:\Program Files\Welho Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Welho Tietoturvapalvelu\Anti-Virus\fsqh.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\Program Files\Welho Tietoturvapalvelu\FSAUA\program\fsaua.exe
C:\Program Files\Welho Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Program Files\Welho Tietoturvapalvelu\FWES\program\fsdfwd.exe
C:\Program Files\Welho Tietoturvapalvelu\FSAUA\program\fsus.exe
C:\Windows\System32\conime.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Welho Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\Users\Atte\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Welho Tietoturvapalvelu\FSGUI\fsguidll.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Windows\System32\dllhost.exe
.
**************************************************************************
.
Completion time: 2008-08-27 18:36:33 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-27 15:36:25
Pre-Run: 109,061,582,848 tavua vapaana
Post-Run: 108,659,736,576 tavua vapaana
354 --- E O F --- 2008-08-24 00:02:28
==================
and malware
Malwarebytes' Anti-Malware 1.25
Tietokantaversio: 1088
Windows 6.0.6001 Service Pack 1
19:16:48 27.8.2008
mbam-log-08-27-2008 (19-16-48).txt
Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
Tarkistetut kohteet: 111494
Kulunut aika: 27 minute(s), 41 second(s)
Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 0
Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)
Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)
Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)
Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)
Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)
Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)
Saastuneita tiedostoja:
(Haitallisia kohteita ei löydetty)
This message has been edited after posting. Last edit 27 August 2008 @ 19:20

Hujo
Suspended permanently
27 August 2008 @ 19:31

Download SmitfraudFix (c) S!Ri
Extract the contents (a folder named SmitfraudFix) to your desktop:
Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and pressing "Enter"; a text file will open that lists the infected files (if any).
Post the rapport that pops up (the contents of the Notepad window) to your thread.
It can also be found at C:\rapport.txt
Note: some anti-virus programs (AntiVir, Dr.Web, Kaspersky) detect the process.exe file as a "RiskTool"; it is not a virus, but a program that stops processes.
A/V programs cannot tell the difference between good and bad use of such programs,
so they may warn the user.
Can a computer ever work?

ade_84
Suspended due to non-functional email address
27 August 2008 @ 22:08

For some reason that SmitfraudFix doesn't work for me.
When I enter the 1 at the start, it says something like access denied
and then the window just disappears.

Hujo
Suspended permanently
27 August 2008 @ 22:26

administrator rights
Can a computer ever work?

ade_84
Suspended due to non-functional email address
27 August 2008 @ 22:31

I have administrator rights, but I don't know.

Hujo
Suspended permanently
27 August 2008 @ 22:36

Has the red X disappeared?
=========
Scan a new HJT log
==========
How is the computer running?
Can a computer ever work?

ade_84
Suspended due to non-functional email address
27 August 2008 @ 23:34

Yes, it has disappeared and the computer works fine, here's the log as well.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:06:25, on 26.8.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
D:\Ohjelmat\Comodo\Firewall\cfp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\Atte\AppData\Local\Temp\43B.tmp.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Atte\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Atte\AppData\Local\Temp\c.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Acer\Acer VCM\VC.exe
C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
C:\Program Files\Windows Defender\MSASCui.exe
D:\Ohjelmat\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
D:\Ohjelmat\Comodo\Firewall\cfpconfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\WinRar\WinRAR.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fi.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "D:\Ohjelmat\Comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\RunOnce: [aswAhAScr.dll] C:\PROGRA~1\ALWILS~1\Avast4\ASWREG~1.EXE "C:\Program Files\Alwil Software\Avast4\AhAScr.dll"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [mpt] c:\WINDOWS\system32\mpt.exe
O4 - HKCU\..\Run: [kek] c:\WINDOWS\system32\kek.exe
O4 - HKCU\..\Run: [Somefox] C:\Users\Atte\AppData\Local\Temp\43B.tmp.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Ohjelmat\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Lähetä kuva &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Lähetä sivu &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll C:\Windows\system32\cssdll32.dll
O20 - Winlogon Notify: !SASWinLogon - D:\Ohjelmat\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - D:\Ohjelmat\Comodo\Firewall\cmdagent.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
--
End of file - 11814 bytes

ade_84
Suspended due to non-functional email address
27 August 2008 @ 23:38

And thanks a lot for the help.
What about those avast and comodo entries in that log, since I no longer have either of them on the computer??
This message has been edited after posting. Last edit 27 August 2008 @ 23:40

Hujo
Suspended permanently
27 August 2008 @ 23:57

Can a computer ever work?

ade_84
Suspended due to non-functional email address
28 August 2008 @ 00:02

I have F-Secure through Welho's security service

Hujo
Suspended permanently
28 August 2008 @ 00:08

Then uninstall avast and Comodo from Add/Remove Programs.
Delete the folders in Safe Mode:
C:\Program Files\Alwil Software
D:\Ohjelmat\Comodo
Can a computer ever work?
This message has been edited after posting. Last edit 28 August 2008 @ 00:09

ade_84
Suspended due to non-functional email address
28 August 2008 @ 00:11

OK, I'll do that, thanks.