There is something foreign on my computer...

Discussion in 'Viruses and malware - HijackThis logs' started by PETE11, Apr 1, 2010.

Thread Status:
Not open for further replies.
  1. PETE11

    Hi...

    Today I accidentally got some unknown program onto my computer. I couldn't find it in order to remove it. The program was "Security Tools". In the firewall I found a program that was Leak Test. It is most likely the same program. Alerts started coming after that program got onto the computer. I ran scans with everything that was possible. Here are the HiJack, Avira and Malwarebytes logs. I also ran a scan with Ad-Aware. For a few days I have had difficulty getting websites to open the same way as before. So that's the information. Anyway, here is the log:

    Logfile of Trend Micro HijackThis v2.0.3 (BETA)
    Scan saved at 22:45:32, on 1.4.2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\lxctcoms.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\WINDOWS\system32\IoctlSvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
    C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    E:\True Image\TimounterMonitor.exe
    C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    C:\Program Files\Comodo\VEngine\VEngine.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
    C:\Program Files\Locitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Ari-Pekka Lpj\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    R3 - URLSearchHook: MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll
    O2 - BHO: MHTBPos00 - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Family Toolbar\tbcore3.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Comodo VerificationEngine Browser Helper NEW - {A968A4B4-C492-4834-B651-17602C3885C8} - C:\Program Files\Comodo\VEngine\VEngineIE32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Family Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll
    O4 - HKLM\..\Run: [AcronisTimounterMonitor] E:\True Image\TimounterMonitor.exe
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
    O4 - HKLM\..\Run: [VEngine] C:\Program Files\Comodo\VEngine\VEngine.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Locitech\SetPoint\SetPoint.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://E:\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: FreshDownload - {0CFF0557-22C2-4B1F-8E5F-AC7DE66BAC11} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1249601019062
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
    O23 - Service: Cacheman Service (CachemanService) - Unknown owner - C:\Program Files\Cacheman\CachemanServ.exe (file missing)
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Tapahtumaloki (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Google-päivityspalvelu (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: CD-levyjen kirjoittamisen IMAPI COM -palvelu (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: SupportSoft RemoteAssist - Unknown owner - C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe (file missing)
    O23 - Service: Aseman tilannevedos (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: WMI resurssisovitin (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
    O23 - Service: Windows Media Playerin verkkojakamispalvelu (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

    --
    End of file - 10180 bytes


    Malwarebytes' Anti-Malware 1.42
    Tietokantaversio: 3453
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 6.0.2900.5512

    1.4.2010 19:03:23
    mbam-log-2010-04-01 (19-02-42).txt

    Tarkistustyyppi: Täysi tarkistus (C:\|E:\|G:\|H:\|)
    Tarkistetut kohteet: 189275
    Kulunut aika: 1 hour(s), 0 minute(s), 36 second(s)

    Saastuneita muistiprosesseja: 0
    Saastuneita muistimoduuleja: 0
    Saastuneita rekisteriavaimia: 0
    Saastuneita rekisteriarvoja: 0
    Saastuneita rekisterikohteita: 0
    Saastuneita hakemistoja: 1
    Saastuneita tiedostoja: 3

    Saastuneita muistiprosesseja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita muistimoduuleja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriavaimia:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriarvoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisterikohteita:
    (Haitallisia kohteita ei löydetty)

    Saastuneita hakemistoja:
    C:\Documents and Settings\All Users\Application Data\36550423 (Rogue.Multiple) -> No action taken.

    Saastuneita tiedostoja:
    C:\Program Files\COMODO\COMODO Internet Security\Quarantine\A0038119.exe (Trojan.Agent) -> No action taken.
    C:\Documents and Settings\All Users\Application Data\36550423\36550423.exe (Rogue.Multiple) -> No action taken.
    C:\Documents and Settings\xxxxxxxx\Käynnistä-valikko\Ohjelmat\Security Tool.LNK (Rogue.SecurityTool) -> No action taken.



    Avira AntiVir Premium
    Report file date: 1. huhtikuuta 2010 19:47

    Scanning for 1953293 virus strains and unwanted programs.

    The program is running as an unrestricted full version.
    Online services are available:

    Licensee : xxxxxxxxxxxxxxxx
    Serial number : xxxxxxxxxxxxx
    Platform : Windows XP
    Windows version : (Service Pack 3) [5.1.2600]
    Boot mode : Normally booted
    Username : SYSTEM
    Computer name : xxxxxxxxxxxxxx

    Version information:
    BUILD.DAT : 10.0.0.597 36208 Bytes 18.3.2010 15:42:00
    AVSCAN.EXE : 10.0.2.3 433832 Bytes 31.3.2010 17:19:45
    AVSCAN.DLL : 10.0.2.2 45928 Bytes 31.3.2010 17:19:45
    LUKE.DLL : 10.0.2.3 104296 Bytes 31.3.2010 17:19:52
    LUKERES.DLL : 10.0.0.1 12648 Bytes 31.3.2010 17:19:52
    VBASE000.VDF : 7.10.0.0 19875328 Bytes 6.11.2009 17:19:35
    VBASE001.VDF : 7.10.1.0 1372672 Bytes 19.11.2009 17:19:36
    VBASE002.VDF : 7.10.3.1 3143680 Bytes 20.1.2010 17:19:37
    VBASE003.VDF : 7.10.3.75 996864 Bytes 26.1.2010 17:19:37
    VBASE004.VDF : 7.10.4.203 1579008 Bytes 5.3.2010 17:19:38
    VBASE005.VDF : 7.10.4.204 2048 Bytes 5.3.2010 17:19:38
    VBASE006.VDF : 7.10.4.205 2048 Bytes 5.3.2010 17:19:38
    VBASE007.VDF : 7.10.4.206 2048 Bytes 5.3.2010 17:19:38
    VBASE008.VDF : 7.10.4.207 2048 Bytes 5.3.2010 17:19:38
    VBASE009.VDF : 7.10.4.208 2048 Bytes 5.3.2010 17:19:38
    VBASE010.VDF : 7.10.4.209 2048 Bytes 5.3.2010 17:19:38
    VBASE011.VDF : 7.10.4.210 2048 Bytes 5.3.2010 17:19:38
    VBASE012.VDF : 7.10.4.211 2048 Bytes 5.3.2010 17:19:38
    VBASE013.VDF : 7.10.4.242 153088 Bytes 8.3.2010 17:19:38
    VBASE014.VDF : 7.10.5.17 99328 Bytes 10.3.2010 17:19:38
    VBASE015.VDF : 7.10.5.44 107008 Bytes 11.3.2010 17:19:38
    VBASE016.VDF : 7.10.5.69 92672 Bytes 12.3.2010 17:19:38
    VBASE017.VDF : 7.10.5.91 119808 Bytes 15.3.2010 17:19:39
    VBASE018.VDF : 7.10.5.121 112640 Bytes 18.3.2010 17:19:39
    VBASE019.VDF : 7.10.5.138 139776 Bytes 18.3.2010 17:19:39
    VBASE020.VDF : 7.10.5.164 113152 Bytes 22.3.2010 17:19:39
    VBASE021.VDF : 7.10.5.182 108032 Bytes 23.3.2010 17:19:39
    VBASE022.VDF : 7.10.5.199 123904 Bytes 24.3.2010 17:19:39
    VBASE023.VDF : 7.10.5.217 279552 Bytes 25.3.2010 17:19:39
    VBASE024.VDF : 7.10.5.234 202240 Bytes 26.3.2010 17:19:39
    VBASE025.VDF : 7.10.5.254 187904 Bytes 30.3.2010 17:19:40
    VBASE026.VDF : 7.10.5.255 2048 Bytes 30.3.2010 17:19:40
    VBASE027.VDF : 7.10.6.0 2048 Bytes 30.3.2010 17:19:40
    VBASE028.VDF : 7.10.6.1 2048 Bytes 30.3.2010 17:19:40
    VBASE029.VDF : 7.10.6.2 2048 Bytes 30.3.2010 17:19:40
    VBASE030.VDF : 7.10.6.3 2048 Bytes 30.3.2010 17:19:40
    VBASE031.VDF : 7.10.6.15 130560 Bytes 1.4.2010 12:42:01
    Engineversion : 8.2.1.204
    AEVDF.DLL : 8.1.1.3 106868 Bytes 31.3.2010 17:19:41
    AESCRIPT.DLL : 8.1.3.23 1278331 Bytes 31.3.2010 17:19:41
    AESCN.DLL : 8.1.5.0 127347 Bytes 31.3.2010 17:19:41
    AESBX.DLL : 8.1.2.1 254323 Bytes 31.3.2010 17:19:42
    AERDL.DLL : 8.1.4.3 541043 Bytes 31.3.2010 17:19:41
    AEPACK.DLL : 8.2.1.1 426358 Bytes 31.3.2010 17:19:41
    AEOFFICE.DLL : 8.1.0.41 201083 Bytes 31.3.2010 17:19:41
    AEHEUR.DLL : 8.1.1.16 2503031 Bytes 31.3.2010 17:19:41
    AEHELP.DLL : 8.1.10.2 237941 Bytes 31.3.2010 17:19:41
    AEGEN.DLL : 8.1.3.2 373108 Bytes 31.3.2010 17:19:41
    AEEMU.DLL : 8.1.1.0 393587 Bytes 31.3.2010 17:19:40
    AECORE.DLL : 8.1.12.3 188789 Bytes 31.3.2010 17:19:40
    AEBB.DLL : 8.1.0.3 53618 Bytes 31.3.2010 17:19:40
    AVWINLL.DLL : 10.0.0.0 19304 Bytes 31.3.2010 17:19:28
    AVPREF.DLL : 10.0.0.0 44904 Bytes 31.3.2010 17:19:45
    AVREP.DLL : 10.0.0.8 62209 Bytes 31.3.2010 17:20:00
    AVREG.DLL : 10.0.1.2 52072 Bytes 31.3.2010 17:20:00
    AVSCPLR.DLL : 10.0.2.3 83304 Bytes 31.3.2010 17:20:00
    AVARKT.DLL : 10.0.0.13 227176 Bytes 31.3.2010 17:19:42
    AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 31.3.2010 17:19:43
    SQLITE3.DLL : 3.6.19.0 355688 Bytes 31.3.2010 17:19:54
    AVSMTP.DLL : 10.0.0.17 63848 Bytes 31.3.2010 17:19:46
    NETNT.DLL : 10.0.0.0 11624 Bytes 31.3.2010 17:19:52
    RCIMAGE.DLL : 10.0.0.26 2631528 Bytes 31.3.2010 17:19:29
    RCTEXT.DLL : 10.0.46.0 97128 Bytes 31.3.2010 17:19:29

    Configuration settings for the scan:
    Jobname.............................: avguard_async_scan
    Configuration file..................: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\AVGUARD_4bf3abc4\guard_slideup.avp
    Logging.............................: low
    Primary action......................: repair
    Secondary action....................: quarantine
    Scan master boot sector.............: on
    Scan boot sector....................: off
    Process scan........................: on
    Scan registry.......................: off
    Search for rootkits.................: off
    Integrity checking of system files..: off
    Scan all files......................: All files
    Scan archives.......................: on
    Recursion depth.....................: 20
    Smart extensions....................: on
    Macro heuristic.....................: on
    File heuristic......................: high

    Start of the scan: 1. huhtikuuta 2010 19:47

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'firefox.exe' - '1' Module(s) have been scanned
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'Ad-Aware.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
    Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
    Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'KHALMNPR.EXE' - '1' Module(s) have been scanned
    Scan process 'AVWEBGRD.EXE' - '1' Module(s) have been scanned
    Scan process 'avmailc.exe' - '1' Module(s) have been scanned
    Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
    Scan process 'Sup_SmartRAM.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'VEngine.exe' - '1' Module(s) have been scanned
    Scan process 'cfp.exe' - '1' Module(s) have been scanned
    Scan process 'TimounterMonitor.exe' - '1' Module(s) have been scanned
    Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
    Scan process 'SeaPort.exe' - '1' Module(s) have been scanned
    Scan process 'IoctlSvc.exe' - '1' Module(s) have been scanned
    Scan process 'MSCamS32.exe' - '1' Module(s) have been scanned
    Scan process 'MDM.EXE' - '1' Module(s) have been scanned
    Scan process 'lxctcoms.exe' - '1' Module(s) have been scanned
    Scan process 'jqs.exe' - '1' Module(s) have been scanned
    Scan process 'avshadow.exe' - '1' Module(s) have been scanned
    Scan process 'fsssvc.exe' - '1' Module(s) have been scanned
    Scan process 'CTsvcCDA.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'schedul2.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'AAWService.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned
    Scan process 'cmdagent.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned

    Starting the file scan:

    Begin scan in 'C:\System Volume Information\_restore{F5C053B1-61E0-402B-8008-7E462DB5566F}\RP425\A0058715.exe'
    C:\System Volume Information\_restore{F5C053B1-61E0-402B-8008-7E462DB5566F}\RP425\A0058715.exe
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to the quarantine directory under the name '49a16fc3.qua'.
    Begin scan in 'C:\System Volume Information\_restore{F5C053B1-61E0-402B-8008-7E462DB5566F}\RP425\A0058716.exe'
    C:\System Volume Information\_restore{F5C053B1-61E0-402B-8008-7E462DB5566F}\RP425\A0058716.exe
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to the quarantine directory under the name '51364065.qua'.


    End of the scan: 1. huhtikuuta 2010 19:48
    Used time: 01:07 Minute(s)

    The scan has been done completely.

    0 Scanned directories
    52 Files were scanned
    2 Viruses and/or unwanted programs were found
    0 Files were classified as suspicious
    0 files were deleted
    0 Viruses and unwanted programs were repaired
    2 Files were moved to quarantine
    0 Files were renamed
    0 Files cannot be scanned
    50 Files not concerned
    2 Archives were scanned
    0 Warnings
    2 Notes


    The scan results will be transferred to the Guard.


    Hopefully you can give some feedback...
     
    Last edited: Apr 1, 2010