
HJT log for review

Thread in the Viruses and malware - HijackThis logs section. Started by Okkocha on 06.08.2007.

  1. Auttaja

    Auttaja Guest

    Open Notepad and copy/paste the text in the quote box below into it:

    Save it as CFScript (check that it is written exactly like that)

    Then drag CFScript onto ComboFix.exe as shown below.

    [IMG]

    Restart the computer when prompted and post the contents of the combofix.txt file here.

    also a new HJT log
     
  3. Okkocha

    Okkocha Member

    Joined:
    06.08.2007
    Posts:
    14
    Thanks:
    0
    Points:
    11
    new ComboFix log and HJT log...

    ComboFix 07-08-04.3 - "Omistaja" 2007-08-08 16:35:25.2 [GMT 3:00] - NTFS
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.Tosi
    Command switches used :: C:\Documents and Settings\Omistaja\Ty”p”yt„\CFScript.txt
    * Created a new restore point


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\DOCUME~1\Omistaja\APPLIC~1\Microgaming
    C:\DOCUME~1\Omistaja\APPLIC~1\Microgaming\MPG\PrimaPokerNetwork.dat
    C:\DOCUME~1\Omistaja\aqfasg.exe
    C:\DOCUME~1\Omistaja\cbtzse.exe
    C:\DOCUME~1\Omistaja\djnurk.exe
    C:\DOCUME~1\Omistaja\djwgqn.exe
    C:\DOCUME~1\Omistaja\ezqmhd.exe
    C:\DOCUME~1\Omistaja\htjayo.exe
    C:\DOCUME~1\Omistaja\icjure.exe
    C:\DOCUME~1\Omistaja\jgktom.exe
    C:\DOCUME~1\Omistaja\jykkuc.exe
    C:\DOCUME~1\Omistaja\kkxcob.exe
    C:\DOCUME~1\Omistaja\mxning.exe
    C:\DOCUME~1\Omistaja\ndpuzf.exe
    C:\DOCUME~1\Omistaja\nnlbpb.exe
    C:\DOCUME~1\Omistaja\npgrtm.exe
    C:\DOCUME~1\Omistaja\oqzaiu.exe
    C:\DOCUME~1\Omistaja\pronar.exe
    C:\DOCUME~1\Omistaja\pxsheu.exe
    C:\DOCUME~1\Omistaja\rgacsl.exe
    C:\DOCUME~1\Omistaja\rtxfuc.exe
    C:\DOCUME~1\Omistaja\stbwjj.exe
    C:\DOCUME~1\Omistaja\tpaxau.exe
    C:\DOCUME~1\Omistaja\ukibbq.exe
    C:\DOCUME~1\Omistaja\uzgiku.exe
    C:\DOCUME~1\Omistaja\yflmsn.exe
    C:\DOCUME~1\Omistaja\ygrfzl.exe
    C:\DOCUME~1\Omistaja\yhpxuf.exe
    C:\DOCUME~1\Omistaja\ywuqyr.exe
    C:\DOCUME~1\Omistaja\zvwavy.exe


    ((((((((((((((((((((((((( Files Created from 2007-07-08 to 2007-08-08 )))))))))))))))))))))))))))))))


    2007-08-08 01:27 51,200 --a------ C:\WINDOWS\nircmd.exe
    2007-08-08 01:09 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2007-08-08 01:09 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
    2007-08-08 01:09 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
    2007-08-08 00:33 <KANSIO> d-------- C:\Deckard
    2007-08-08 00:27 <KANSIO> d-------- C:\DOCUME~1\Omistaja\APPLIC~1\Comodo
    2007-08-08 00:27 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Comodo
    2007-08-08 00:24 <KANSIO> d-------- C:\Program Files\Comodo
    2007-08-08 00:19 8,061,008 --a------ C:\Program Files\CFP_Setup_English_2.4.17.183.exe
    2007-08-07 21:14 50,688 --a------ C:\Program Files\ATF-Cleaner.exe
    2007-08-06 23:33 <KANSIO> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2007-08-06 22:41 <KANSIO> d-------- C:\WINDOWS\ERUNT
    2007-08-06 22:36 <KANSIO> d-------- C:\WINDOWS\pss
    2007-08-06 21:41 <KANSIO> d-------- C:\DOCUME~1\Omistaja\Työpöytä
    2007-08-06 19:43 <KANSIO> d-------- C:\Hijackthis
    2007-08-06 19:37 488,144 --a------ C:\HJTsetup.exe
    2007-08-06 16:51 14,566,808 --a------ C:\Program Files\jre-6u2-windows-i586-p.exe
    2007-07-30 12:30 5,548 --a------ C:\DOCUME~1\Omistaja\gkpreo.exe
    2007-07-28 18:15 <KANSIO> d-------- C:\Program Files\Common Files\Apple
    2007-07-28 18:15 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-08-08 16:29 --------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\OpenOffice.org2
    2007-08-08 01:19 2252 --a------ C:\WINDOWS\system32\tmp.reg
    2007-08-07 16:47 --------- d-------- C:\Program Files\Unibet
    2007-07-28 18:59 --------- d-------- C:\Program Files\iTunes
    2007-07-28 18:58 --------- d-------- C:\Program Files\iPod
    2007-07-28 18:53 --------- d-------- C:\Program Files\QuickTime
    2007-07-28 18:22 --------- d-------- C:\Program Files\Apple Software Update
    2007-07-28 01:07 783224 --a------ C:\WINDOWS\system32\aswBoot.exe
    2007-07-28 01:02 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-07-28 01:02 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2007-07-28 01:00 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-07-28 00:59 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-07-28 00:58 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-07-28 00:57 95608 --a------ C:\WINDOWS\system32\AVASTSS.scr
    2007-07-16 14:19 --------- d-------- C:\DOCUME~1\Omistaja\APPLIC~1\Skype
    2007-06-14 20:57 --------- d-------- C:\Program Files\Windows Media Connect 2
    2007-06-11 12:53 65 --a------ C:\WINDOWS\system32\BD7420.dat
    2007-06-11 12:52 --------- d-------- C:\Program Files\Brother
    2007-06-11 12:51 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-06-11 12:51 --------- d-------- C:\Program Files\Common Files\InstallShield
    2007-05-22 19:34 4960 --a--c--- C:\WINDOWS\mozver.dat
    2007-05-16 18:14 86528 --a--c--- C:\WINDOWS\system32\dllcache\directdb.dll
    2007-05-16 18:14 85504 --a--c--- C:\WINDOWS\system32\dllcache\wabimp.dll
    2007-05-16 18:14 683520 --a--c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
    2007-05-16 18:14 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
    2007-05-16 18:14 510976 --a--c--- C:\WINDOWS\system32\dllcache\wab32.dll
    2007-05-16 18:14 1314816 --a--c--- C:\WINDOWS\system32\dllcache\msoe.dll
    2007-01-13 17:34 398147 --a------ C:\Program Files\GSpot260RC1.zip
    2007-01-13 16:50 1733246 --a------ C:\Program Files\coda_v33.exe
    2006-07-26 15:27 284 --a------ C:\DOCUME~1\Omistaja\APPLIC~1\ViewerApp.dat
    2005-12-12 16:37 5190408 --a------ C:\Program Files\firefox_fi.exe
    2005-11-10 17:42 6082136 --a------ C:\Program Files\winamp5111_full_emusic-7plus.exe
    2005-09-10 12:00 564896 --a------ C:\Program Files\GoogleToolbarInstaller.exe


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SiSPower"="SiSPower.dll" [2004-09-02 08:47 C:\WINDOWS\system32\SiSPower.dll]
    "Cmaudio"="cmicnfg.cpl" []
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 01:03]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-05-21 19:11]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-06-01 11:09]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 09:18]
    "COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2007-08-08 00:24]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
    "SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22]
    "SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2002-07-12 13:15]
    "SetDefPrt"="C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe" [2004-11-11 17:14]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
    "PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-23 16:42]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-06-01 11:03]
    "IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-23 17:00]
    "ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2004-11-11 22:00]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 15:00]
    "LDM"="\Program\BackWeb-8876480.exe" []
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-06-01 13:46]

    C:\Documents and Settings\Omistaja\K„ynnist„-valikko\Ohjelmat\K„ynnistys\
    OpenOffice.org 2.1.lnk - C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe [2006-12-02 00:32:46]

    C:\Documents and Settings\All Users\K„ynnist„-valikko\Ohjelmat\K„ynnistys\
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26]
    Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2005-05-26 19:02:26]
    Picture Package Menu.lnk - D:\Sony kamera\Picture Package Menu\SonyTray.exe [2006-07-26 12:47:57]
    Picture Package VCD Maker.lnk - D:\Sony kamera\Picture Package Applications\Residence.exe [2006-07-26 12:47:52]
    Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe [2005-03-08 17:16:47]

    R0 Inspect;Comodo Network Engine;C:\WINDOWS\system32\DRIVERS\inspect.sys
    R0 uagp35;Microsoft AGPv3.5 -suodatin;C:\WINDOWS\system32\DRIVERS\uagp35.sys
    R3 brfilt;Brother MFC Filter Driver;C:\WINDOWS\system32\Drivers\Brfilt.sys
    R3 brparimg;Brother Multi Function Parallel Image driver;C:\WINDOWS\system32\DRIVERS\BrParImg.sys
    R3 BrParWdm;Brother WDM Parallel Driver;C:\WINDOWS\system32\Drivers\BrParwdm.sys
    R3 BrSerWDM;Brother WDM Serial driver;C:\WINDOWS\system32\Drivers\BrSerWdm.sys
    R3 cmuda;C-Media WDM Audio Interface;C:\WINDOWS\system32\drivers\cmuda.sys
    R3 mf;mf;C:\WINDOWS\system32\DRIVERS\mf.sys
    S3 QCMerced;Logitech QuickCam Communicate;C:\WINDOWS\system32\DRIVERS\LVCM.sys
    S3 sonypvs1;Sony Digital Imaging Video2;C:\WINDOWS\system32\DRIVERS\sonypvs1.sys


    Contents of the 'Scheduled Tasks' folder
    2007-08-07 20:43:25 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    2007-08-08 13:32:21 C:\WINDOWS\Tasks\MP Scheduled Scan.job - C:\Program Files\Windows Defender\MpCmdRun.exe

    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-08-08 16:38:13
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden registry entries ...

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\x90\x2022\x20ac|\xff\xff\xff\xff"\x2022\x20ac|\xfe\xbb\xd3w\2]
    "b049C053C7D38EE4AB9A00CB3B5D2472"="C?\Program Files\Common Files\Microsoft Shared\Web Folders\PUBPLACE.HTT"

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-08-08 16:39:24
    C:\ComboFix-quarantined-files.txt ... 2007-08-08 16:38
    C:\ComboFix2.txt ... 2007-08-08 01:32

    --- E O F ---





    Logfile of HijackThis v1.99.1
    Scan saved at 16:43:44, on 8.8.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Comodo\Firewall\CPF.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\WINDOWS\system32\ctfmon.exe
    D:\Sony kamera\Picture Package Menu\SonyTray.exe
    D:\Sony kamera\Picture Package Applications\Residence.exe
    C:\WINDOWS\system32\sistray.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
    C:\WINDOWS\system32\BrmfBAgS.exe
    C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\BRMFRSMG.EXE
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Picture Package Menu.lnk = ?
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Brother BidiAgent Service for Resource manager (brmfbags) - Brother Industries, Ltd. - C:\WINDOWS\system32\BrmfBAgS.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

     
  4. Auttaja

    Auttaja Guest

    Stay clean

    -> Clear System Restore -> Instructions
    Clear the System Restore folder and create a new restore point. This cleans any malware remnants out of the restore folder.

    -> Use CCleaner -> CCleaner
    Download and install CCleaner. Clean temporary files and folders with the program regularly.

    -> Install SpywareBlaster -> SpywareBlaster
    SpywareBlaster prevents malware from installing on your computer. Uses no memory!
    Guide available in Finnish! Guide by user Ad-Aware

    -> Install the MVPS Hosts file -> MVPS Hosts
    Blocks your computer from connecting to malicious sites.
    Guide available in Finnish! Guide by user Axel

    -> Switch your browser to Firefox -> Firefox
    Firefox is a faster, safer and better browser than Internet Explorer.

    -> Keep your system up to date. -> Windows Update
    Visit Windows Update regularly.

    -> Keep your firewall and antivirus up to date
    Update your antivirus program and scan your computer with it regularly.
    and escan is good too http://koti.mbnet.fi/pattaya1/escanmwav.htm

    -> Keep your software up to date. -> Secunia Software Inspector
    Secunia Software Inspector checks your system and software for missing security updates. A standard inspection normally takes 5-40 seconds, while a thorough one (thorough system inspection) can take several minutes.

    -> Regularly follow the Finnish Communications Regulatory Authority's information on new vulnerabilities -> CERT-FI

    If you run into problems with malware in the future, don't hesitate to post a HijackThis log for review!
     
