Computer messed up... hijack log

Discussion in 'Viruses and malware - HijackThis logs' started by Tupmo, Aug 13, 2008.

  1. Tupmo

    Yeah, there's probably something rotten in there, but what? =)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:54:15, on 13.8.2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
    C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
    C:\Windows\PLFSetI.exe
    C:\Program Files\Launch Manager\LManager.exe
    C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
    C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
    C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
    C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\System32\rundll32.exe
    C:\Users\Tupmo\AppData\Local\Temp\RtkBtMnt.exe
    C:\Program Files\Acer\Acer VCM\AcerVCM.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
    C:\Program Files\Acer\Acer VCM\acp2HID.exe
    C:\Program Files\Acer\Acer VCM\VC.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fi.intl.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
    O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
    O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
    O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
    O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Tupmo\AppData\Local\Temp\urqQkigd.dll,c
    O4 - HKCU\..\Run: [BMd91de23f] Rundll32.exe "C:\Users\Tupmo\AppData\Local\Temp\lrpeuscf.dll",s
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
    O4 - Global Startup: Acer VCM.lnk = ?
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
    O8 - Extra context menu item: Lähetä kuva &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Lähetä sivu &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
    O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
    O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
    O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
    O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O13 - Gopher Prefix:
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
    O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
    O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
    O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
    O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

    --
    End of file - 11804 bytes
     
  2. yaht


    Download Malwarebytes' Anti-Malware to your desktop.

    * Double-click mbam-setup.exe and follow the instructions to install the program.
    * At the end, make sure the following are checked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, and then click Finish.
    * If an update is found, the program downloads and installs the latest version.
    * Once the program has loaded, select Perform full scan and click Scan.
    * When the scan is complete, click OK and then Show Results to view the results.
    * Make sure that everything is checked and click Remove Selected.
    * After this, the log opens in Notepad. Save it somewhere you can find it easily. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    * Post the contents of the log in your next message + a new HJT log.

    1. Download Combofix.exe to your desktop from either of these links:
    Combofix.exe
    Combofix.exe

    Open Combofix.exe and follow the on-screen instructions.

    Note! Do not click on the Combofix window while it is running. This may cause the program to stall.
    Restart the computer if asked to, and post the contents of the combofix.txt file here.

    Empty the Recycle Bin and restart your computer.

    Post the following logs here:
    * A fresh HijackThis log (taken last, just before posting)
    * The (C:\ComboFix.txt) report
    *
     
  3. Tupmo

    Here they are:

    ComboFix 08-08-13.05 - Tupmo 2008-08-14 18:32:39.1 - NTFSx86
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1035.18.1868 [GMT 3:00]
    Running from: C:\Users\Tupmo\Desktop\ComboFix.exe
    * Created a new restore point
    .

    (((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Windows\system32\drivers\npf.sys
    C:\Windows\system32\packet.dll
    C:\Windows\system32\wpcap.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_NPF


    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-07-14 to 2008-08-14 )))))))))))))))))
    .

    2008-08-13 22:25 . 2008-08-13 22:25 <KANSIO> d-------- C:\Users\Tupmo\AppData\Roaming\Malwarebytes
    2008-08-13 22:25 . 2008-08-13 22:25 <KANSIO> d-------- C:\Users\All Users\Malwarebytes
    2008-08-13 22:25 . 2008-08-13 22:25 <KANSIO> d-------- C:\ProgramData\Malwarebytes
    2008-08-13 22:25 . 2008-08-13 22:25 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-08-13 22:25 . 2008-07-30 20:07 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
    2008-08-13 22:25 . 2008-07-30 20:07 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
    2008-08-13 17:53 . 2008-08-13 17:53 <KANSIO> d-------- C:\Program Files\Trend Micro
    2008-08-09 20:15 . 2008-08-09 20:15 <KANSIO> d-------- C:\vghd
    2008-08-09 19:54 . 2008-08-09 20:13 <KANSIO> d-------- C:\Program Files\PowerISO
    2008-08-07 20:55 . 2008-08-14 18:42 <KANSIO> d-------- C:\Users\All Users\Kaspersky Lab
    2008-08-07 20:55 . 2008-08-14 18:42 <KANSIO> d-------- C:\ProgramData\Kaspersky Lab
    2008-08-07 20:55 . 2008-08-07 20:55 <KANSIO> d-------- C:\Program Files\Kaspersky Lab
    2008-08-07 20:55 . 2008-08-14 18:38 2,483,744 --ahs---- C:\Windows\System32\drivers\fidbox.dat
    2008-08-07 20:55 . 2008-08-14 18:38 344,096 --ahs---- C:\Windows\System32\drivers\fidbox2.dat
    2008-08-07 20:55 . 2008-08-07 20:59 96,976 --a------ C:\Windows\System32\drivers\klin.dat
    2008-08-07 20:55 . 2008-08-07 20:59 87,855 --a------ C:\Windows\System32\drivers\klick.dat
    2008-08-07 20:55 . 2008-08-14 18:38 21,532 --ahs---- C:\Windows\System32\drivers\fidbox.idx
    2008-08-07 20:55 . 2008-08-14 18:38 3,304 --ahs---- C:\Windows\System32\drivers\fidbox2.idx
    2008-08-07 20:41 . 2008-08-07 20:41 <KANSIO> d-------- C:\Users\All Users\Kaspersky Lab Setup Files
    2008-08-07 20:41 . 2008-08-07 20:41 <KANSIO> d-------- C:\ProgramData\Kaspersky Lab Setup Files
    2008-08-07 20:34 . 2008-08-09 19:27 <KANSIO> d-------- C:\Users\Tupmo\AppData\Roaming\vghd
    2008-08-07 20:34 . 2008-08-07 20:34 152,920 --a------ C:\Windows\System32\vghd.scr
    2008-08-07 20:33 . 2008-08-07 20:52 <KANSIO> d-a------ C:\Users\All Users\TEMP
    2008-08-07 20:33 . 2008-08-07 20:52 <KANSIO> d-a------ C:\ProgramData\TEMP
    2008-08-07 18:34 . 2008-08-07 18:34 <KANSIO> d-------- C:\Windows\WinRAR
    2008-08-05 17:18 . 2008-08-05 17:18 <KANSIO> d-------- C:\EGIS_Drive
    2008-07-28 18:01 . 2005-05-26 15:34 2,297,552 --a------ C:\Windows\System32\d3dx9_26.dll
    2008-07-28 18:01 . 2008-07-28 18:01 319 --a------ C:\Windows\game.ini
    2008-07-28 17:28 . 2008-07-28 17:28 <KANSIO> d-------- C:\Program Files\Activision
    2008-07-25 15:18 . 2008-08-07 22:11 <KANSIO> d-------- C:\Program Files\Java
    2008-07-25 15:18 . 2008-07-25 15:18 <KANSIO> d-------- C:\Program Files\Common Files\Java
    2008-07-24 20:50 . 2008-07-24 20:50 <KANSIO> d-------- C:\Users\All Users\Apple Computer
    2008-07-24 20:50 . 2008-07-24 20:50 <KANSIO> d-------- C:\ProgramData\Apple Computer
    2008-07-24 20:49 . 2008-07-24 20:49 <KANSIO> d-------- C:\Users\All Users\Apple
    2008-07-24 20:49 . 2008-07-24 20:49 <KANSIO> d-------- C:\ProgramData\Apple
    2008-07-24 20:49 . 2008-07-24 20:49 <KANSIO> d-------- C:\Program Files\Apple Software Update
    2008-07-24 20:42 . 2008-07-24 20:50 <KANSIO> d-------- C:\Program Files\QuickTime
    2008-07-24 07:26 . 2008-08-13 21:39 <KANSIO> d-------- C:\Users\Tupmo\AppData\Roaming\uTorrent
    2008-07-24 07:26 . 2008-07-24 07:26 <KANSIO> d-------- C:\Program Files\uTorrent
    2008-07-23 22:43 . 2008-07-23 22:43 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Videos
    2008-07-23 22:43 . 2008-07-23 22:43 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Searches
    2008-07-23 22:43 . 2008-07-23 22:43 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Saved Games
    2008-07-23 22:43 . 2008-07-23 22:43 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Pictures
    2008-07-23 22:43 . 2008-07-23 22:43 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Music
    2008-07-23 22:43 . 2008-07-23 22:43 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Links
    2008-07-23 22:43 . 2008-07-23 22:43 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Downloads
    2008-07-23 22:43 . 2008-07-23 22:43 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Documents
    2008-07-23 22:43 . 2008-07-23 22:43 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Contacts
    2008-07-23 22:43 . 2008-04-23 17:55 1,079,840 --a------ C:\Windows\System32\nvcpluir.dll
    2008-07-23 22:43 . 2008-04-23 17:55 768,544 --a------ C:\Windows\System32\nvcplui.exe
    2008-07-23 22:43 . 2008-04-23 17:55 442,368 --a------ C:\Windows\System32\nvuninst.exe
    2008-07-23 22:43 . 2008-04-23 17:55 420,384 --a------ C:\Windows\System32\nvcpl.cpl
    2008-07-23 22:43 . 2008-04-23 17:55 313,888 --a------ C:\Windows\System32\nvexpbar.dll
    2008-07-23 22:01 . 2008-07-23 22:01 <KANSIO> d-------- C:\Users\Tupmo\AppData\Roaming\.BitTornado
    2008-07-23 22:00 . 2008-07-23 22:00 <KANSIO> d-------- C:\Program Files\BitTornado
    2008-07-23 21:45 . 2008-07-23 21:45 <KANSIO> d-------- C:\Program Files\MSXML 4.0
    2008-07-23 20:02 . 2008-07-23 20:02 <KANSIO> d-------- C:\Users\Tupmo\AppData\Roaming\vlc
    2008-07-23 20:01 . 2008-07-23 20:01 <KANSIO> d-------- C:\Program Files\ffdshow
    2008-07-23 20:01 . 2008-06-08 23:58 60,273 --a------ C:\Windows\System32\pthreadGC2.dll
    2008-07-23 20:01 . 2008-06-12 20:36 7,680 --a------ C:\Windows\System32\ff_vfw.dll
    2008-07-23 20:01 . 2007-07-10 18:10 547 --a------ C:\Windows\System32\ff_vfw.dll.manifest
    2008-07-23 19:56 . 2008-07-23 20:03 <KANSIO> d-------- C:\player
    2008-07-23 19:55 . 2008-07-23 19:55 <KANSIO> d-------- C:\Users\Tupmo\AppData\Roaming\Media Player Classic
    2008-07-23 19:47 . 2008-07-23 19:47 <KANSIO> d-------- C:\Program Files\VideoLAN
    2008-07-23 19:10 . 2008-07-23 19:17 <KANSIO> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-07-23 19:09 . 2008-07-23 19:18 <KANSIO> d-------- C:\Program Files\Windows Live
    2008-07-23 18:53 . 2008-07-23 18:53 <KANSIO> d-------- C:\Users\Tupmo\AppData\Roaming\CyberLink
    2008-07-23 18:53 . 2008-07-23 18:53 <KANSIO> d-------- C:\Users\All Users\PlayMovie
    2008-07-23 18:53 . 2008-07-23 18:53 <KANSIO> d-------- C:\ProgramData\PlayMovie
    2008-07-23 18:45 . 2008-07-23 18:45 <KANSIO> d-------- C:\Windows\ACER
    2008-07-23 18:45 . 2007-04-19 13:41 83,554,304 --a------ C:\Windows\System32\acer.scr
    2008-07-23 18:45 . 2008-02-25 12:38 20,619,563 --a------ C:\Windows\System32\acer.exe
    2008-07-23 18:44 . 2008-07-23 18:44 <KANSIO> d-------- C:\Convesoft
    2008-07-23 18:43 . 2008-07-23 18:43 <KANSIO> d-------- C:\Users\Administrator\AppData
    2008-07-23 18:34 . 2008-02-29 10:11 988,216 --a------ C:\Windows\System32\winload.exe
    2008-07-23 18:34 . 2008-02-29 10:11 927,288 --a------ C:\Windows\System32\winresume.exe
    2008-07-23 18:34 . 2008-02-22 08:05 615,992 --a------ C:\Windows\System32\ci.dll
    2008-07-23 18:34 . 2008-02-29 09:53 378,368 --a------ C:\Windows\System32\srcore.dll
    2008-07-23 18:34 . 2008-02-29 07:12 318,464 --a------ C:\Windows\System32\rstrui.exe
    2008-07-23 18:34 . 2008-02-29 09:53 46,592 --a------ C:\Windows\System32\setbcdlocale.dll
    2008-07-23 18:34 . 2008-02-29 09:53 40,960 --a------ C:\Windows\System32\srclient.dll
    2008-07-23 18:34 . 2008-02-29 10:14 19,000 --a------ C:\Windows\System32\kd1394.dll
    2008-07-23 18:34 . 2008-02-29 07:12 14,848 --a------ C:\Windows\System32\srdelayed.exe
    2008-07-23 18:34 . 2008-02-29 09:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
    2008-07-23 18:32 . 2008-04-25 05:12 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
    2008-07-23 18:32 . 2008-04-25 07:35 826,880 --a------ C:\Windows\System32\wininet.dll
    2008-07-23 18:32 . 2008-02-22 07:57 295,936 --a------ C:\Windows\System32\gdi32.dll
    2008-07-23 18:30 . 2008-07-23 18:30 <KANSIO> d-------- C:\Users\Tupmo\Option
    2008-07-23 18:30 . 2008-05-10 04:33 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys
    2008-07-23 18:29 . 2008-01-30 12:52 14,848 --a------ C:\Windows\System32\drivers\NTIDrvr.sys
    2008-07-23 18:29 . 2008-01-30 12:51 13,824 --a------ C:\Windows\System32\drivers\UBHelper.sys
    2008-07-23 18:28 . 2008-04-26 11:08 1,314,816 --a------ C:\Windows\System32\quartz.dll
    2008-07-23 18:28 . 2008-05-09 00:59 430,080 --a------ C:\Windows\System32\vbscript.dll
    2008-07-23 18:28 . 2008-05-09 00:59 180,224 --a------ C:\Windows\System32\scrobj.dll
    2008-07-23 18:28 . 2008-05-09 00:59 172,032 --a------ C:\Windows\System32\scrrun.dll
    2008-07-23 18:28 . 2008-05-09 00:59 155,648 --a------ C:\Windows\System32\wscript.exe
    2008-07-23 18:28 . 2008-05-09 00:58 135,168 --a------ C:\Windows\System32\wshom.ocx
    2008-07-23 18:28 . 2008-05-09 00:58 135,168 --a------ C:\Windows\System32\cscript.exe
    2008-07-23 18:28 . 2008-05-09 00:59 90,112 --a------ C:\Windows\System32\wshext.dll
    2008-07-23 18:27 . 2008-07-23 19:09 <KANSIO> d-------- C:\Users\All Users\WLInstaller
    2008-07-23 18:27 . 2008-07-23 19:09 <KANSIO> d-------- C:\ProgramData\WLInstaller
    2008-07-23 18:17 . 2008-07-24 16:20 <KANSIO> d-------- C:\Users\Tupmo\AppData\Roaming\Acer
    2008-07-23 18:16 . 2008-01-16 18:35 82,432 --a------ C:\Windows\System32\msxml4r.dll
    2008-07-23 18:16 . 2008-01-16 18:35 44,544 --a------ C:\Windows\System32\msxml4a.dll
    2008-07-23 18:14 . 2008-07-23 20:12 <KANSIO> d-------- C:\Users\All Users\CyberLink
    2008-07-23 18:14 . 2008-07-23 20:12 <KANSIO> d-------- C:\ProgramData\CyberLink
    2008-07-23 18:12 . 2008-07-23 18:17 <KANSIO> d-------- C:\Program Files\Acer Arcade Deluxe
    2008-07-23 18:11 . 2008-07-23 18:11 <KANSIO> d-------- C:\CLSetup
    2008-07-23 18:11 . 2008-07-23 18:11 20 --a------ C:\Medion.ini
    2008-07-23 18:04 . 2008-08-14 18:38 0 --a------ C:\Windows\System32\LogConfigTemp.xml
    2008-07-23 18:03 . 2008-07-23 18:45 <KANSIO> d-------- C:\Program Files\Acer Inc
    2008-07-23 18:03 . 2008-07-23 18:03 92 --a------ C:\Windows\GridV.UNI
    2008-07-23 18:02 . 2008-07-23 18:02 <KANSIO> d-------- C:\Users\All Users\InstallShield
    2008-07-23 18:02 . 2008-07-23 18:02 <KANSIO> d-------- C:\ProgramData\InstallShield
    2008-07-23 18:02 . 2008-07-23 18:02 <KANSIO> d-------- C:\Program Files\Launch Manager
    2008-07-23 18:02 . 2007-03-29 16:48 626,688 --a------ C:\Windows\Image.dll
    2008-07-23 18:02 . 2008-02-22 09:33 491,520 --a------ C:\Windows\Acer Crystal Eye webcam.EXE
    2008-07-23 18:02 . 2007-04-20 06:30 222,382 --a------ C:\Windows\Acer Crystal Eye webcam.ico
    2008-07-23 18:02 . 2007-10-23 10:56 200,704 --a------ C:\Windows\PLFSetI.exe
    2008-07-23 18:02 . 2006-05-16 11:58 73,728 --a------ C:\Windows\System32\ISUSPM.cpl
    2008-07-23 18:02 . 2008-02-22 18:05 4,822 --a------ C:\Windows\Suyin.reg
    2008-07-23 18:02 . 2008-07-23 18:02 83 --a------ C:\Windows\LManager.UNI
    2008-07-23 18:02 . 2007-10-29 13:35 36 --a------ C:\Windows\PidList.ini
    2008-07-23 18:00 . 2008-07-23 18:00 <KANSIO> d-------- C:\Windows\System32\es-MX
    2008-07-23 18:00 . 2008-07-23 18:00 <KANSIO> d-------- C:\Windows\System32\es-AR

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-08-07 17:50 --------- d-----w C:\ProgramData\McAfee
    2008-08-07 17:47 --------- d-----w C:\ProgramData\SiteAdvisor
    2008-07-28 15:01 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-07-23 18:45 --------- d-----w C:\ProgramData\Microsoft Help
    2008-07-23 16:47 --------- d-----w C:\Program Files\VideoLAN
    2008-07-23 15:43 --------- d-----w C:\Program Files\Cyberlink
    2008-07-23 15:17 --------- d-----w C:\Program Files\Acer
    2008-07-23 15:02 --------- d-----w C:\Program Files\Common Files\InstallShield
    2008-07-23 14:56 --------- d-----w C:\Program Files\Intel
    2008-07-23 14:51 --------- d-sh--w C:\ProgramData\Työpöytä
    2008-07-23 14:51 --------- d-sh--w C:\ProgramData\Tiedostot
    2008-07-23 14:51 --------- d-sh--w C:\ProgramData\Suosikit
    2008-07-23 14:51 --------- d-sh--w C:\ProgramData\Mallit
    2008-07-23 14:51 --------- d-sh--w C:\ProgramData\Käynnistä-valikko
    2008-07-23 14:51 --------- d-sh--w C:\Program Files\Common Files\Järjestelmä
    2008-07-07 07:40 56,108 ----a-w C:\Windows\system32\drivers\scdemu.sys
    2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll
    2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll
    2008-06-26 01:45 12,240,896 ----a-w C:\Windows\System32\NlsLexicons0007.dll
    2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini
    .

    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2008-03-04 23:38 121392 --a------ C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 05:23 1233920]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 05:25 125952]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 05:25 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-04 12:26 1037608]
    "eDataSecurity Loader"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 23:38 526896]
    "eAudio"="C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 03:36 544768]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 04:38 40048]
    "BkupTray"="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 21:36 28672]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-04-23 17:55 13535776]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-04-23 17:55 92704]
    "WarReg_PopUp"="C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 09:03 303104]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-10-03 14:44 178712]
    "ZPdtWzdVitaKey MC3000"="C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" [2008-07-23 17:58 3673600]
    "PLFSetI"="C:\Windows\PLFSetI.exe" [2007-10-23 10:56 200704]
    "LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2008-04-28 14:18 809480]
    "ArcadeDeluxeAgent"="C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-04-25 19:44 147456]
    "CLMLServer"="C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-04-25 19:44 167936]
    "PlayMovie"="C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 17:28 167936]
    "ePower_DMC"="C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-05-09 14:07 397312]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-07-24 20:42 413696]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
    "PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-07-07 10:34 167936]
    "Malwarebytes Anti-Malware (reboot)"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" [2008-07-30 20:07 1187448]
    "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-04-25 18:21 201992]
    "RtHDVCpl"="RtHDVCpl.exe" [2008-03-11 12:53 5296128 C:\Windows\RtHDVCpl.exe]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe [2008-07-23 18:17:42 1216512]
    BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-04-24 18:50:32 723760]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
    2008-07-23 17:58 3130368 C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll,

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{50E72D95-345D-40FC-BD34-9FEA76258837}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{5E8251DB-4085-41F8-AC85-F56EACC50182}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{2FAFE5A6-49C9-4B27-B4EF-FF907F89FBB2}"= C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
    "{8A346530-1E28-40B6-9375-8D641075583C}"= C:\Program Files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe:Acer Play Movie
    "{347344B2-BE0B-4ECF-9238-A0CF0F651D7F}"= C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe:Acer Play Movie Resident Program
    "{B7623816-BF67-4E9C-940F-963744443466}"= C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:Acer HomeMedia
    "{1CC3D4B9-0440-414B-B07C-F22EE30B563F}"= C:\Program Files\Acer\Acer VCM\VC.exe:Acer VCM
    "{65718459-7596-46C6-A711-83760871EC3B}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
    "{401048E6-6FFD-4E19-B19C-F4C07731C60C}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
    "{27663051-B5F4-43E7-9DFD-FB7EBB074089}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
    "{FCB99525-04BD-4CDC-A7B2-892281496F7A}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
    "{A6C38F28-735A-4141-9801-0981850AEFBF}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
    "{965ECB18-8867-4187-983E-07F5ABA76968}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
    "{097BE34E-C176-4517-8B92-7FAEBC42934D}"= C:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
    "{71B28A58-0E6F-4FB5-9E15-2D0822E7D01A}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{9BB790D4-3770-4E9A-B074-38E460E7CC9D}"= UDP:32465:utorrent
    "TCP Query User{1D4B22CD-E03C-449E-B926-AC9D8BADDF57}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
    "UDP Query User{CE490C18-2DF3-4D3B-B8AA-A94F03203725}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
    "{05C20538-0FD9-4B47-BEEE-572E575559F0}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
    "{FFDAB629-42DD-4FB8-8A63-552E3BAEF711}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
    "TCP Query User{1293FD61-3683-463A-AFD4-ACC7877FD0BD}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup
    "UDP Query User{35A0A37B-B34F-4380-A9CD-7F16FE94E289}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSfsu.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu
    "C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\encryption.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption
    "C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\decryption.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption
    "C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSMgr.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
    "C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDStbmngr.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr
    "C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSfsu.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu
    "C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\encryption.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
    "C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\decryption.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
    "C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSMgr.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
    "C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDStbmngr.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr

    R0 AlfaFF;AlfaFF File System mini-filter;C:\Windows\system32\Drivers\AlfaFF.sys [2008-07-23 17:58]
    R0 klbg;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\drivers\klbg.sys [2008-01-29 18:29]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2008-03-26 13:10]
    R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-05-02 17:27]
    R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 13:11]
    R2 CLHNService;CLHNService;C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 18:35]
    R2 ETService;Empowering Technology Service;C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 13:22]
    R2 IGBASVC;iGroupTec Service;C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2008-07-23 17:58]
    R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 21:36]
    R2 NTIPPKernel;NTIPPKernel;C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 18:35]
    R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 21:36]
    R2 RS_Service;Raw Socket Service;C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-10 17:03]
    R2 vfsFPService;Validity Fingerprint Service;C:\Windows\system32\vfsFPService.exe [2008-04-27 22:26]
    R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 17:12]
    R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\Windows\system32\DRIVERS\klfltdev.sys [2008-03-13 19:02]
    R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1E60x86.sys [2008-03-11 14:38]
    R3 vfs101x;vfs101x;C:\Windows\system32\drivers\vfs101x.sys [2008-04-27 22:27]
    S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 05:23]
    S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 05:23]
    .
    - - - - ORPHANS REMOVED - - - -

    HKLM-Run-eRecoveryService - (no file)


    .
    ------- Supplementary Scan -------
    .
    R0 -: HKCU-Main,Start Page = hxxp://www.google.fi/
    R0 -: HKLM-Main,Start Page = hxxp://fi.intl.acer.yahoo.com
    O8 -: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
    O8 -: Lähetä kuva &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 -: Lähetä sivu &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm


    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-14 18:41:44
    Windows 6.0.6001 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Windows\System32\nvvsvc.exe
    C:\Windows\System32\audiodg.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
    C:\Windows\System32\agrsmsvc.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\ACER\Mobility Center\MobilityService.exe
    C:\Program Files\Cyberlink\Shared files\RichVideo.exe
    C:\Windows\System32\wbem\unsecapp.exe
    C:\Windows\System32\conime.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Launch Manager\LManager.exe
    C:\Users\Tupmo\AppData\Local\Temp\RtkBtMnt.exe
    C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\wbem\unsecapp.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Acer\Acer VCM\acp2HID.exe
    C:\Windows\System32\wbem\WMIADAP.exe
    .
    **************************************************************************
    .
    Completion time: 2008-08-14 18:44:26 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-08-14 15:44:15

    Pre-Run: 95,073,673,216 tavua vapaana
    Post-Run: 94,447,915,008 tavua vapaana

    328 --- E O F --- 2008-07-24 14:34:53



    Malwarebytes' Anti-Malware 1.24
    Tietokantaversio: 1049
    Windows 6.0.6001 Service Pack 1

    17:22:32 14.8.2008
    mbam-log-8-14-2008 (17-22-32).txt

    Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
    Tarkistetut kohteet: 110595
    Kulunut aika: 25 minute(s), 37 second(s)

    Saastuneita muistiprosesseja: 0
    Saastuneita muistimoduuleja: 1
    Saastuneita rekisteriavaimia: 3
    Saastuneita rekisteriarvoja: 2
    Saastuneita rekisterikohteita: 0
    Saastuneita hakemistoja: 0
    Saastuneita tiedostoja: 26

    Saastuneita muistiprosesseja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita muistimoduuleja:
    C:\Users\Tupmo\AppData\Local\Temp\urqqkigd.dll (Trojan.Vundo) -> Delete on reboot.

    Saastuneita rekisteriavaimia:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.

    Saastuneita rekisteriarvoja:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmds (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bmd91de23f (Trojan.Agent) -> Quarantined and deleted successfully.

    Saastuneita rekisterikohteita:
    (Haitallisia kohteita ei löydetty)

    Saastuneita hakemistoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita tiedostoja:
    C:\Users\Tupmo\AppData\Local\Temp\urqqkigd.dll (Trojan.Vundo) -> Delete on reboot.
    C:\Users\Tupmo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\58EOT4RU\8579[1].dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\58EOT4RU\kb456456[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\58EOT4RU\kb456456[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BIZA8C2A\ico[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BIZA8C2A\kb767887[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BIZA8C2A\kb767887[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W12HU76I\kb456456[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W12HU76I\kb65666[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W12HU76I\kb671231[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W12HU76I\kb767887[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W12HU76I\kb767887[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X100H6CK\kb65666[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Temp\aarlhpeq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Temp\flutoaob.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Temp\folvywet.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Temp\gxehlmhf.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Temp\hvewjcyo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Temp\tdvklasa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Temp\vagnklcl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Temp\ycscgojt.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Temp\qrgjojet.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Temp\smmhncmh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Temp\cygvucat.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Temp\dsnwaxnd.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Tupmo\AppData\Local\Temp\nxhxwrbt.dll (Trojan.Agent) -> Delete on reboot.



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:54:15, on 13.8.2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
    C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
    C:\Windows\PLFSetI.exe
    C:\Program Files\Launch Manager\LManager.exe
    C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
    C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
    C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
    C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\System32\rundll32.exe
    C:\Users\Tupmo\AppData\Local\Temp\RtkBtMnt.exe
    C:\Program Files\Acer\Acer VCM\AcerVCM.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
    C:\Program Files\Acer\Acer VCM\acp2HID.exe
    C:\Program Files\Acer\Acer VCM\VC.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fi.intl.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
    O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
    O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
    O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
    O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Tupmo\AppData\Local\Temp\urqQkigd.dll,c
    O4 - HKCU\..\Run: [BMd91de23f] Rundll32.exe "C:\Users\Tupmo\AppData\Local\Temp\lrpeuscf.dll",s
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
    O4 - Global Startup: Acer VCM.lnk = ?
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
    O8 - Extra context menu item: Lähetä kuva &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Lähetä sivu &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
    O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
    O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
    O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
    O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O13 - Gopher Prefix:
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
    O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
    O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
    O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
    O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

    --
    End of file - 11804 bytes
     
  4. Tupmo

    Tupmo Member

    Is there still anything showing up there?
     
  5. Hujo

    Hujo Guest

    The HJT log is the same one; that lower one is not the newest.
     
  6. Tupmo

    Tupmo Member

    Ah, right =)... well, here it is:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:04:40, on 20.8.2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
    C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
    C:\Windows\PLFSetI.exe
    C:\Users\Tupmo\AppData\Local\Temp\RtkBtMnt.exe
    C:\Program Files\Launch Manager\LManager.exe
    C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
    C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
    C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
    C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Acer\Acer VCM\AcerVCM.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Acer\Acer VCM\acp2HID.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Acer\Acer VCM\VC.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
    O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
    O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
    O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
    O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
    O4 - Global Startup: Acer VCM.lnk = ?
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
    O8 - Extra context menu item: Lähetä kuva &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Lähetä sivu &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
    O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
    O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O13 - Gopher Prefix:
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll,
    O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
    O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
    O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
    O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
    O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

    --
    End of file - 10953 bytes
     
  7. Hujo

    Hujo Guest

    Scan with HJT, check these entries and press Fix checked:

    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
     
