Web browsers won't connect and programs keep crashing, HJT log

Thread in the Viruses and malware - HijackThis logs section. Started by Vanski on 06.07.2008.

  1. Vanski

    Vanski Member

    Joined: 01.07.2008
    Posts: 7
    Thanks: 0
    Points: 11
    So, the browsers only work in safe mode, but e.g. MSN Messenger works perfectly. Other programs have started crashing too, e.g. the Windows Sidebar and Winamp.

    Here is the HJT log:


    Logfile of HijackThis v1.99.1
    Scan saved at 17:32:36, on 6.7.2008
    Platform: Unknown Windows (WinNT 6.00.1905 SP1)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)

    Running processes:
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\Mikael Väänänen\Desktop\scanner.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fi.intl.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Mikael\Ohjelmat\AVG\avgssie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
    O4 - HKLM\..\Run: [Updater] C:\Windows\system32\updater\explorer.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SpeedOptimizer] "C:\Program Files\SpeedOptimizer\SPO.exe"
    O4 - HKLM\..\Run: [RegClean] C:\Program Files\RegClean\RegClean.exe
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Mikael\Ohjelmat\Itunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] D:\Mikael\Ohjelmat\AVG\avgtray.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [Alcohol.exe Autorun] C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe /startup
    O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
    O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia\vidalia.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe
    O4 - HKCU\..\Run: [RegClean Expert Scheduler] "C:\Program Files\Registry Clean Expert\RCHelper.exe" /startup
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - Startup: Kuma_Tray.lnk = C:\Program Files\Kuma Games\kgsystray\Kuma_tray.exe
    O4 - Startup: Last.fm Helper.lnk = D:\Mikael\Ohjelmat\Last.fm\LastFMHelper.exe
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O4 - Global Startup: Privoxy.lnk = C:\Program Files\Privoxy\privoxy.exe
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
    O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
    O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: PacificPoker4 - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - D:\Mikael\Pelit\PACIFI~1\pacificpoker.exe
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Mikael\Pelit\Party Poker\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Mikael\Pelit\Party Poker\PartyPoker\RunApp.exe (file missing)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O13 - Gopher Prefix:
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Mikael\Ohjelmat\AVG\avgpp.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - AppInit_DLLs: ,avgrsstx.dll
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30011 (AppHostSvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\Mikael\Ohjelmat\AVG\avgwdsvc.exe
    O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - %windir%\system32\inetsrv\inetinfo.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
    O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\MediaServer.exe
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30003 (W3SVC) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30001 (WAS) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: Windows Media Playerin verkkojakamispalvelu (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-20001 (WMSvc) - Unknown owner - %windir%\system32\inetsrv\wmsvc.exe (file missing)
     
    Last edited: 06.07.2008
  3. Hujo

    Hujo Guest

    Remove this version, HijackThis v1.99.1

    Get the new one from below

    Download HJTInstall.exe HERE

    * Save HJTInstall.exe to your desktop.
    * Double-click the HJTInstall.exe icon on your desktop.
    * By default it installs itself to C:\Program Files\Trend Micro\HijackThis.
    * Click Install.
    * The installer creates a HijackThis icon on the desktop.
    * When the installation is finished, it launches HijackThis.
    * Click the Do a system scan and save a logfile button. The program starts scanning and the log should open in Notepad.
    * First click "Edit > Select All", then "Edit > Copy" to copy the entire contents of the log.
    * Paste the log contents into your next reply.
    * Do NOT use the Analyse This button; its findings are dangerous if misunderstood.
    * Do NOT fix anything with HijackThis yet. Most of its findings are either harmless or even necessary.
     
  4. Vanski

    Vanski Member

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:03:22, on 7.7.2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Safe mode with network support

    Running processes:
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\DAP\DAP.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fi.intl.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Mikael\Ohjelmat\AVG\avgssie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
    O4 - HKLM\..\Run: [Updater] C:\Windows\system32\updater\explorer.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SpeedOptimizer] "C:\Program Files\SpeedOptimizer\SPO.exe"
    O4 - HKLM\..\Run: [RegClean] C:\Program Files\RegClean\RegClean.exe
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Mikael\Ohjelmat\Itunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] D:\Mikael\Ohjelmat\AVG\avgtray.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [Alcohol.exe Autorun] C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe /startup
    O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
    O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia\vidalia.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe
    O4 - HKCU\..\Run: [RegClean Expert Scheduler] "C:\Program Files\Registry Clean Expert\RCHelper.exe" /startup
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
    O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
    O4 - Startup: Kuma_Tray.lnk = C:\Program Files\Kuma Games\kgsystray\Kuma_tray.exe
    O4 - Startup: Last.fm Helper.lnk = D:\Mikael\Ohjelmat\Last.fm\LastFMHelper.exe
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O4 - Global Startup: Privoxy.lnk = C:\Program Files\Privoxy\privoxy.exe
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
    O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
    O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: PacificPoker4 - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - D:\Mikael\Pelit\PACIFI~1\pacificpoker.exe
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Mikael\Pelit\Party Poker\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Mikael\Pelit\Party Poker\PartyPoker\RunApp.exe (file missing)
    O13 - Gopher Prefix:
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Mikael\Ohjelmat\AVG\avgpp.dll
    O20 - AppInit_DLLs: ,avgrsstx.dll
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\Mikael\Ohjelmat\AVG\avgwdsvc.exe
    O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\MediaServer.exe

    --
    End of file - 13251 bytes
     
  5. Hujo

    Hujo Guest

    Remove from Add/Remove Programs:

    Ask Toolbar BHO

    In safe mode, delete the folder

    C:\Program Files\AskPBar

    Scan with HJT, check the following entries and press Fix checked



    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
    O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe" -atboottime
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Mikael\Pelit\Party Poker\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Mikael\Pelit\Party Poker\PartyPoker\RunApp.exe (file missing)


    ==============

    Which antivirus are you using?

    =============

    Download Malwarebytes' Anti-Malware to your desktop.

    1. Double-click mbam-setup.exe and follow the instructions to install the program.
    2. At the end, make sure that the following are checked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, and then click Finish.
    3. If an update is found, the program downloads and installs the latest version.
    4. Once the program has loaded, select Perform full scan and click Scan.
    5. When the scan is complete, click OK and then Show Results to see the results.
    6. Make sure everything is checked and click Remove Selected.
    7. After this the log opens in Notepad. Save it somewhere you can easily find it. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    8. Post the contents of the log in your next message.
     
    Last edited by a moderator: 07.07.2008
  6. Vanski

    Vanski Member

    I've been using AVG, but it hasn't updated for a while because of these problems.


    Malwarebytes' Anti-Malware 1.20
    Tietokantaversio: 935
    Windows 6.0.6001 Service Pack 1

    21:56:00 13.7.2008
    mbam-log-7-13-2008 (21-56-00).txt

    Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
    Tarkistetut kohteet: 310463
    Kulunut aika: 1 hour(s), 4 minute(s), 40 second(s)

    Saastuneita muistiprosesseja: 0
    Saastuneita muistimoduuleja: 0
    Saastuneita rekisteriavaimia: 0
    Saastuneita rekisteriarvoja: 2
    Saastuneita rekisterikohteita: 0
    Saastuneita hakemistoja: 1
    Saastuneita tiedostoja: 42

    Saastuneita muistiprosesseja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita muistimoduuleja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriavaimia:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriarvoja:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{87862e26-bda0-4a78-b94c-86bcb9428a6f} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Windows\System32\TWUNK_16.EXE (Trojan.Agent) -> Quarantined and deleted successfully.

    Saastuneita rekisterikohteita:
    (Haitallisia kohteita ei löydetty)

    Saastuneita hakemistoja:
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhenU (Adware.WhenUSave) -> Quarantined and deleted successfully.

    Saastuneita tiedostoja:
    C:\Users\Eemuman\AppData\Local\Temp\tmp0000a3fb (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Eemuman\AppData\Local\Temp\tmp0000bb43 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Eemuman\AppData\Local\Temp\tmp0000c0fd (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Eemuman\AppData\Local\Temp\tmp0000c206 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Eemuman\AppData\Local\Temp\tmp0000eed0 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Eemuman\AppData\Local\Temp\tmp0000f085 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Eemuman\AppData\Local\Temp\tmp0000f620 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Eemuman\AppData\Local\Temp\tmp000129be (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Eemuman\AppData\Local\Temp\tmp00015e16 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Eemuman\AppData\Local\Temp\tmp00018aa2 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Eemuman\AppData\Local\Temp\tmp0001b9bd (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Eemuman\AppData\Local\Temp\tmp0005d2d8 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Eemuman\AppData\Local\Temp\tmp0007a082 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp00009a3b (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp0000a5c0 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp0000acf1 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp0000cffb (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp0000e52f (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp0000f5d2 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp0000ff25 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp00011a72 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp000134a6 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp00013f02 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp0001583c (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp00017ad9 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp00018979 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp0001dd91 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp000391d3 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp0003c189 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp00071054 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp0007b5f6 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp0009df46 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp000dab9a (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp00450d79 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp0087711c (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp01b31118 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp05f6da75 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\AppData\Local\Temp\tmp0ae76cde (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Mikael Väänänen\LimeWire Saved\setup.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhenU\Customer Support.lnk (Adware.WhenUSave) -> Quarantined and deleted successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhenU\Uninstall Instructions.lnk (Adware.WhenUSave) -> Quarantined and deleted successfully.
    C:\Windows\System32\TWUNK_16.EXE (Trojan.Agent) -> Quarantined and deleted successfully.

     
  7. Vanski

    Vanski Member

    Did that turn up anything? It's still not working.
    Programs usually stop connecting to the internet once they are updated, and as far as I can tell no firewall is blocking them.
     
  8. Hujo

    Hujo Guest

    1. Download combofix.exe to your desktop from one of these links:
    combofix1
    combofix2

    2. Double-click the combofix.exe file and follow the instructions.
    3. When the tool has finished, it produces a log. Post this log in your thread.
    Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.
     
  9. Vanski

    Vanski Member

    ComboFix 08-08-26.01 - Mikael Väänänen 2008-08-27 0:06:52.1 - NTFSx86 NETWORK
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1035.18.1441 [GMT 3:00]
    Running from: C:\Users\Mikael Väänänen\Desktop\ComboFix.exe
    .

    (((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\install.exe
    C:\Users\Eemuman\AppData\Roaming\macromedia\Flash Player\#SharedObjects\E4KD9G6G\static.youku.com
    C:\Users\Eemuman\AppData\Roaming\macromedia\Flash Player\#SharedObjects\E4KD9G6G\static.youku.com\v1.0.0312\v\swf\qplayer.swf\qplayer.sol
    C:\Users\Eemuman\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.youku.com
    C:\Users\Eemuman\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.youku.com\settings.sol
    C:\Users\Eemuman\AppData\Roaming\Microsoft\Windows\Cookies\eemuman@ad.yieldmanager[2].txt
    C:\Users\Eemuman\AppData\Roaming\Microsoft\Windows\Cookies\eemuman@clicktorrent[2].txt
    C:\Users\Mikael Väänänen\AppData\Roaming\macromedia\Flash Player\#SharedObjects\JGLYM8FN\interclick.com
    C:\Users\Mikael Väänänen\AppData\Roaming\macromedia\Flash Player\#SharedObjects\JGLYM8FN\interclick.com\ud.sol
    C:\Users\Mikael Väänänen\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
    C:\Users\Mikael Väänänen\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
    C:\Users\Mikael Väänänen\AppData\Roaming\Microsoft\Windows\Cookies\mikael_väänänen@clicktorrent[2].txt
    C:\Windows\system32\actskn43.ocx
    C:\Windows\system32\Memman.vxd
    C:\Windows\system32\skinboxer43.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_iprip


    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-07-26 to 2008-08-26 )))))))))))))))))
    .

    2008-08-26 18:06 . 2008-08-26 18:06 <KANSIO> d-------- C:\call of duty 1
    2008-08-25 16:59 . 2008-08-25 16:59 <KANSIO> d-------- C:\Program Files\NaturalMotion
    2008-08-25 16:59 . 2002-01-01 03:28 860,211 --a-s---- C:\Windows\System32\XSIFtk-3.6.2.1.dll
    2008-08-23 10:05 . 2008-08-23 10:21 <KANSIO> d-------- C:\Program Files\Deadliest Catch Alaskan Storm
    2008-08-21 20:00 . 2008-08-21 20:00 73,528 --a------ C:\Windows\System32\GDIPFONTCACHEV1.DAT
    2008-08-21 10:51 . 2008-08-21 10:51 <KANSIO> d-------- C:\Users\All Users\Adobe Systems
    2008-08-21 10:51 . 2008-08-21 10:51 <KANSIO> d-------- C:\ProgramData\Adobe Systems
    2008-08-21 10:46 . 2008-08-21 10:46 <KANSIO> d-------- C:\Program Files\Common Files\Adobe Systems Shared
    2008-08-17 00:21 . 2008-08-17 00:21 <KANSIO> d-------- C:\Program Files\Webteh
    2008-08-15 23:14 . 2008-08-15 23:14 <KANSIO> d-------- C:\Users\Eemuman\AppData\Roaming\DivX
    2008-08-10 20:24 . 2008-08-10 20:24 <KANSIO> d-------- C:\Program Files\Common Files\Microsoft Games
    2008-08-10 19:54 . 2008-08-10 19:54 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Videos
    2008-08-10 19:54 . 2008-08-10 19:54 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Searches
    2008-08-10 19:54 . 2008-08-10 19:54 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Saved Games
    2008-08-10 19:54 . 2008-08-10 19:54 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Pictures
    2008-08-10 19:54 . 2008-08-10 19:54 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Music
    2008-08-10 19:54 . 2008-08-10 19:54 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Links
    2008-08-10 19:54 . 2008-08-10 19:54 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Downloads
    2008-08-10 19:54 . 2008-08-10 19:54 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Documents
    2008-08-09 20:30 . 2008-08-09 20:30 22,328 --a------ C:\Windows\System32\drivers\PnkBstrK.sys
    2008-08-09 20:30 . 2008-08-09 20:30 22,328 --a------ C:\Users\Eemuman\AppData\Roaming\PnkBstrK.sys
    2008-08-09 20:29 . 2008-08-09 20:29 <KANSIO> d-------- C:\Users\All Users\id Software
    2008-08-09 20:29 . 2008-08-09 20:29 <KANSIO> d-------- C:\ProgramData\id Software
    2008-08-09 20:29 . 2008-08-09 20:29 2,246,144 --a------ C:\Windows\System32\pbsvc.exe
    2008-08-09 20:29 . 2008-08-09 20:29 107,832 --a------ C:\Windows\System32\PnkBstrB.exe
    2008-07-27 19:20 . 2008-07-27 19:20 <KANSIO> d-------- C:\Users\Eemuman\AppData\Roaming\CyberLink

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-08-26 21:14 --------- d-----w C:\Program Files\Steam
    2008-08-26 16:22 --------- d-----w C:\Users\Eemuman\AppData\Roaming\BitTorrent
    2008-08-25 15:28 --------- d---a-w C:\ProgramData\TEMP
    2008-08-21 07:47 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-08-19 17:12 --------- d-----w C:\Program Files\Paint.NET
    2008-08-19 11:53 --------- d-----w C:\Program Files\Common Files\Steam
    2008-08-16 21:21 --------- d-----w C:\Program Files\ffdshow
    2008-08-12 18:48 --------- d-----w C:\ProgramData\TrackMania
    2008-08-10 17:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-08-10 16:55 --------- d-----w C:\Program Files\Microsoft Games
    2008-07-27 17:52 --------- d-----w C:\Users\Eemuman\AppData\Roaming\fretsonfire
    2008-07-27 16:18 --------- d-----w C:\Users\Eemuman\AppData\Roaming\LimeWire
    2008-07-23 12:04 --------- d-----w C:\Program Files\City Interactive
    2008-07-21 16:08 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
    2008-07-21 14:43 --------- d-----w C:\Program Files\LimeWire
    2008-07-20 13:31 --------- d-----w C:\Program Files\Uplink
    2008-07-14 14:12 --------- d-----w C:\Program Files\Google
    2008-07-14 14:05 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 5
    2008-07-10 13:18 96,520 ----a-w C:\Windows\system32\drivers\avgldx86.sys
    2008-07-10 13:13 --------- d-----w C:\ProgramData\Malwarebytes
    2008-07-07 14:35 34,296 ----a-w C:\Windows\system32\drivers\mbamcatchme.sys
    2008-07-07 14:35 17,144 ----a-w C:\Windows\system32\drivers\mbam.sys
    2008-07-07 09:01 --------- d-----w C:\Program Files\Trend Micro
    2008-07-06 16:39 --------- d-----w C:\Program Files\MSN Messenger
    2008-07-04 05:35 --------- d-----w C:\Users\Eemuman\AppData\Roaming\Winamp
    2008-07-01 14:25 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2008-07-01 13:55 --------- d-----w C:\Program Files\DAP
    2008-06-30 16:40 --------- d-----w C:\ProgramData\Test Drive Unlimited
    2008-06-29 22:16 --------- d-----w C:\Users\Eemuman\AppData\Roaming\vlc
    2008-06-27 09:48 --------- d-----w C:\Users\Eemuman\AppData\Roaming\ATI
    2008-06-27 08:28 --------- d-----w C:\ProgramData\Symantec
    2008-06-26 23:32 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
    2008-06-26 23:20 174 --sha-w C:\Program Files\desktop.ini
    2008-06-26 23:12 --------- d-----w C:\Program Files\Windows Sidebar
    2008-06-26 23:12 --------- d-----w C:\Program Files\Windows Photo Gallery
    2008-06-26 23:12 --------- d-----w C:\Program Files\Windows Mail
    2008-06-26 23:12 --------- d-----w C:\Program Files\Windows Journal
    2008-06-26 23:12 --------- d-----w C:\Program Files\Windows Defender
    2008-06-26 23:12 --------- d-----w C:\Program Files\Windows Collaboration
    2008-06-26 23:12 --------- d-----w C:\Program Files\Windows Calendar
    .

    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 10:33 1233920]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:55 5674352]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 10:33 125952]
    "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 13:27 219520]
    "Steam"="C:\Program Files\Steam\Steam.exe" [2008-06-25 01:23 1271032]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "XboxStat"="c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-26 18:05 734264]
    "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 21:48 57344]
    "Updater"="C:\Windows\system32\updater\explorer.exe" [2007-11-24 15:08 1478612]
    "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30 517768]
    "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
    "eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-07 00:04 464168]
    "ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 07:44 107112]
    "AVG8_TRAY"="D:\Mikael\Ohjelmat\AVG\avgtray.exe" [2008-07-10 16:18 1232152]
    "Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-02-15 18:39 151552]
    "Acer Empowering Technology Monitor"="C:\Acer\Empowering Technology\SysMonitor.exe" [2007-01-24 10:27 319488]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-03-23 14:04 4423680 C:\Windows\RtHDVCpl.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-02-15 18:39 151552]

    C:\Users\Eemuman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06 29696]
    Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2007-05-05 17:20:51 528384]
    Privoxy.lnk - C:\Program Files\Privoxy\privoxy.exe [2006-11-20 17:30:54 250368]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=avgrsstx.dll,

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.avis"= ff_acm.acm
    "VIDC.X264"= x264vfw.dll
    "VIDC.DIV3"= DivXc32.dll
    "VIDC.DIV4"= DivXc32f.dll
    "VIDC.3iv2"= 3ivxVfWCodec.dll
    "VIDC.HFYU"= huffyuv.dll
    "vidc.i263"= i263_32.drv
    "VIDC.VP31"= vp31vfw.dll
    "VIDC.MPG4"= msmpeg4.dll
    "VIDC.MP42"= msmpeg4.dll
    "VIDC.MP43"= msmpeg4.dll
    "msacm.l3fhg"= mp3fhg.acm
    "msacm.imc"= imc32.acm
    "msacm.divxa32"= divxa32.acm
    "vidc.dscc"= C:\PROGRA~1\TALESA~1\dscc.dll
    "vidc.dsvc"= C:\PROGRA~1\TALESA~1\dsvc.dll
    "vidc.dsfs"= C:\PROGRA~1\TALESA~1\dsfs.dll
    "VIDC.XFR1"= xfcodec.dll
    "msacm.ac3filter"= ac3filter.acm

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
    "MSServer"=rundll32.exe C:\Windows\system32\ljJASjHX.dll,#1

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "UacDisableNotify"=dword:00000001
    "InternetSettingsDisableNotify"=dword:00000001
    "AutoUpdateDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{C55EB872-84AB-4CE4-94E2-D59F19B8B14D}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{584F8E90-5B0B-419C-B103-F7866AF537F5}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{D0E42B23-09E7-445F-A462-65075C499F49}"= C:\Program Files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live
    "{48A7AA93-CFD1-44A6-8932-38837E37135E}"= C:\Program Files\Acer Arcade Live\SlideShow DVD\Component\CLSLDVD.exe:SlideShow DVD workprocess
    "{057D057B-2E77-4902-B8DB-867531B8D7A8}"= C:\Program Files\Acer Arcade Live\Acer DV Magician\Component\ARAWP.exe:DV Magician ARA workprocess
    "{50279E87-82E9-414B-9C3E-F852377267E5}"= C:\Program Files\Acer Arcade Live\Acer DV Magician\Component\DVAX2Process.exe:DV Magician AVAX workprocess
    "{BD0D0768-F85A-45DE-AB29-CCE02C0176BC}"= C:\Program Files\Acer Arcade Live\Acer DVDivine\DVDivine.exe:DVDivine
    "{7016F49C-79B2-4647-9EB1-910983D6CAE9}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia\HomeMedia.exe:HomeMedia
    "{2BAC7F7D-7AB9-43C6-911E-474847D3ECF5}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\HomeMedia Connect.exe:HomeMedia Connect
    "{D5ECD7A4-1EAC-4181-9862-720EB00FAE19}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:HomeMedia Connect Service
    "{76BA5F31-C1DC-42D5-B5F4-D34D0F52C7AE}"= C:\Program Files\Acer Arcade Live\Acer VideoMagician\VideoMagician.exe:VideoMagician
    "{5BCDFD66-4C15-417A-8A5A-D7A832DD5CDA}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "{C0F37E0B-F296-4BD5-873F-094A2245522E}"= UDP:D:\Mikael\Pelit\FM 08\fm.exe:Football Manager 2008
    "{0E688EB7-AA79-4C71-9FFD-A808A939CEED}"= TCP:D:\Mikael\Pelit\FM 08\fm.exe:Football Manager 2008
    "{71892083-89CA-422D-B67B-EEA85E139ECD}"= UDP:D:\Mikael\Ohjelmat\Itunes\iTunes.exe:iTunes
    "{34400244-308F-4CA8-9324-63FDB49FB8EA}"= TCP:D:\Mikael\Ohjelmat\Itunes\iTunes.exe:iTunes
    "{2E27C8D0-6C4F-4238-AFE4-716384D47A35}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
    "{87A782E7-8BAE-4BB6-AF5A-407C20AEF3DE}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
    "TCP Query User{CC95E14B-FE09-4556-87DE-3DB0C3800A9A}C:\\program files\\steam\\steamapps\\nnaab\\counter-strike source\\hl2.exe"= UDP:C:\program files\steam\steamapps\nnaab\counter-strike source\hl2.exe:hl2
    "UDP Query User{442CEB8D-AC4C-4B56-A020-6937DCE6D41B}C:\\program files\\steam\\steamapps\\nnaab\\counter-strike source\\hl2.exe"= TCP:C:\program files\steam\steamapps\nnaab\counter-strike source\hl2.exe:hl2
    "{CAE9C190-4FA7-4920-AEF2-AD73CF4239D9}"= UDP:C:\Program Files\DAP\DAP.exe:Download Accelerator Plus (DAP)
    "{5402EE17-FDB3-46F5-8E06-9979A3E6CFF2}"= TCP:C:\Program Files\DAP\DAP.exe:Download Accelerator Plus (DAP)
    "TCP Query User{4D37470D-B789-4B7C-B6AF-C5030E05C08C}D:\\mikael\\ohjelmat\\last.fm\\lastfm.exe"= UDP:D:\mikael\ohjelmat\last.fm\lastfm.exe:Last.fm
    "UDP Query User{7E272AFF-28A5-4775-8F1E-F94AEBEEAEA6}D:\\mikael\\ohjelmat\\last.fm\\lastfm.exe"= TCP:D:\mikael\ohjelmat\last.fm\lastfm.exe:Last.fm
    "TCP Query User{DC94F0D1-C85F-4248-A48E-B042ED56CFC0}C:\\program files\\xfire\\xfire.exe"= UDP:C:\program files\xfire\xfire.exe:Xfire
    "UDP Query User{1970522D-2207-4B4E-8AB8-93F8FF68C47A}C:\\program files\\xfire\\xfire.exe"= TCP:C:\program files\xfire\xfire.exe:Xfire
    "TCP Query User{E057944E-3DF2-4FE3-9935-32A0A6F927AE}C:\\program files\\steam\\steamapps\\nnaab\\source sdk base\\hl2.exe"= UDP:C:\program files\steam\steamapps\nnaab\source sdk base\hl2.exe:hl2
    "UDP Query User{C953588D-9522-4B43-86DC-BA9627A0996F}C:\\program files\\steam\\steamapps\\nnaab\\source sdk base\\hl2.exe"= TCP:C:\program files\steam\steamapps\nnaab\source sdk base\hl2.exe:hl2
    "{A85C8F28-3C15-43C7-B64B-CA8044AA66FB}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
    "{60799AB9-50A9-42FE-9052-8AE9087ACB25}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
    "{3688358B-08BB-4849-BD85-B67F7F407BB4}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
    "{814087CD-C5B4-4062-B2BA-1EA86B013D80}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
    "{9C1CADCF-3E01-4588-B9A0-33A79EB5BEF2}"= UDP:C:\Windows\System32\PnkBstrA.exe:pnkBstrA
    "{88E51772-568C-408A-9D4F-24EC87BBD784}"= TCP:C:\Windows\System32\PnkBstrA.exe:pnkBstrA
    "{B18C7202-BD08-4926-9D27-3F47AF83E0D4}"= UDP:C:\Windows\System32\PnkBstrB.exe:pnkBstrB
    "{3852044D-885F-4F9A-BEB4-B94CA8678B99}"= TCP:C:\Windows\System32\PnkBstrB.exe:pnkBstrB
    "{9E8B7E5C-B939-4A1B-8D7B-00F1E003CDFA}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
    "{74BB1E6C-94C0-4B6D-99C1-C98FAD8C4F2A}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
    "TCP Query User{BA3CF02B-1E5F-45F0-A22C-CE9D64967306}C:\\users\\mikael väänänen\\desktop\\cs2d_0104\\counterstrike2d.exe"= UDP:C:\users\mikael väänänen\desktop\cs2d_0104\counterstrike2d.exe:counterstrike2d.exe
    "UDP Query User{2C6BCD08-C72C-4B06-AF02-135D3D58F900}C:\\users\\mikael väänänen\\desktop\\cs2d_0104\\counterstrike2d.exe"= TCP:C:\users\mikael väänänen\desktop\cs2d_0104\counterstrike2d.exe:counterstrike2d.exe
    "TCP Query User{8D06A155-E224-4AD0-B25C-AF5D1CFFE277}C:\\program files\\steam\\steamapps\\nnaab\\source sdk base\\hl2.exe"= UDP:C:\program files\steam\steamapps\nnaab\source sdk base\hl2.exe:hl2
    "UDP Query User{ED788890-4B7F-43FB-A2A8-31A7B13821F1}C:\\program files\\steam\\steamapps\\nnaab\\source sdk base\\hl2.exe"= TCP:C:\program files\steam\steamapps\nnaab\source sdk base\hl2.exe:hl2
    "TCP Query User{46EE406B-DFB3-4D7F-9CD6-8FD5EE2D1BDD}C:\\program files\\steam\\steamapps\\nnaab\\source dedicated server\\srcds.exe"= UDP:C:\program files\steam\steamapps\nnaab\source dedicated server\srcds.exe:srcds
    "UDP Query User{D642FB47-BA16-4712-A802-73C7C23F0CB1}C:\\program files\\steam\\steamapps\\nnaab\\source dedicated server\\srcds.exe"= TCP:C:\program files\steam\steamapps\nnaab\source dedicated server\srcds.exe:srcds
    "TCP Query User{2A7C2600-77FA-4334-886F-917EA5963F27}C:\\program files\\steam\\steamapps\\nnaab\\counter-strike source\\hl2.exe"= UDP:C:\program files\steam\steamapps\nnaab\counter-strike source\hl2.exe:hl2
    "UDP Query User{9C6D476F-F93B-441B-B397-5E01E7DE9729}C:\\program files\\steam\\steamapps\\nnaab\\counter-strike source\\hl2.exe"= TCP:C:\program files\steam\steamapps\nnaab\counter-strike source\hl2.exe:hl2
    "TCP Query User{53093D3B-BB97-4359-A869-F2F46FCEFDEC}C:\\program files\\steam\\steamapps\\nnaab\\day of defeat source\\hl2.exe"= UDP:C:\program files\steam\steamapps\nnaab\day of defeat source\hl2.exe:hl2
    "UDP Query User{6AF96022-1F86-4186-918A-7F9B9B7397AB}C:\\program files\\steam\\steamapps\\nnaab\\day of defeat source\\hl2.exe"= TCP:C:\program files\steam\steamapps\nnaab\day of defeat source\hl2.exe:hl2
    "TCP Query User{194CFEF4-C29F-4A6B-9CFC-8EDC8D68F1CA}D:\\mikael\\azureus\\azureus.exe"= UDP:D:\mikael\azureus\azureus.exe:Azureus
    "UDP Query User{3BC9E229-E621-42D9-AD6C-E7FB2B85B7BB}D:\\mikael\\azureus\\azureus.exe"= TCP:D:\mikael\azureus\azureus.exe:Azureus
    "TCP Query User{11BF5934-15E5-4D3F-93FF-8BB8EB7E73A3}C:\\users\\mikael väänänen\\desktop\\guestpassbruteforcer\\server.exe"= UDP:C:\users\mikael väänänen\desktop\guestpassbruteforcer\server.exe:server.exe
    "UDP Query User{F3DF5227-D189-4C49-A2D0-547812ED88A4}C:\\users\\mikael väänänen\\desktop\\guestpassbruteforcer\\server.exe"= TCP:C:\users\mikael väänänen\desktop\guestpassbruteforcer\server.exe:server.exe
    "TCP Query User{953286F0-0019-4596-9C4B-8875B4FDF9BD}C:\\program files\\dap\\dap.exe"= UDP:C:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
    "UDP Query User{B9885EE0-FEF3-4DF4-B1C5-14DC29E347BB}C:\\program files\\dap\\dap.exe"= TCP:C:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
    "{B8E075F7-7150-4293-B3DA-9B7673C93ACC}"= UDP:D:\Mikael\Ohjelmat\Itunes\iTunes.exe:iTunes
    "{A271BCDC-839E-41C8-ADD0-5EE7A6AD82EB}"= TCP:D:\Mikael\Ohjelmat\Itunes\iTunes.exe:iTunes
    "TCP Query User{8DD4F89D-33FE-436C-AFAF-99CE8EC5D8B4}C:\\users\\mikael väänänen\\desktop\\cs2d_0104\\gun game cs2d\\counterstrike2d.exe"= UDP:C:\users\mikael väänänen\desktop\cs2d_0104\gun game cs2d\counterstrike2d.exe:counterstrike2d.exe
    "UDP Query User{C81F5573-7383-4F41-AF6C-AC2F2BAE90AB}C:\\users\\mikael väänänen\\desktop\\cs2d_0104\\gun game cs2d\\counterstrike2d.exe"= TCP:C:\users\mikael väänänen\desktop\cs2d_0104\gun game cs2d\counterstrike2d.exe:counterstrike2d.exe
    "TCP Query User{12548A01-96A8-44AD-AB14-D803BE6E6248}C:\\program files\\steam\\steamapps\\nnaab\\team fortress 2\\hl2.exe"= UDP:C:\program files\steam\steamapps\nnaab\team fortress 2\hl2.exe:hl2
    "UDP Query User{3093EC0A-F153-4426-9BBC-8FF575EB08AD}C:\\program files\\steam\\steamapps\\nnaab\\team fortress 2\\hl2.exe"= TCP:C:\program files\steam\steamapps\nnaab\team fortress 2\hl2.exe:hl2
    "TCP Query User{1E43ADE5-4080-4D2A-9F8E-CDCD1A36EE0E}C:\\program files\\steam\\steamapps\\nnaab\\source 2007 dedicated server\\srcds.exe"= UDP:C:\program files\steam\steamapps\nnaab\source 2007 dedicated server\srcds.exe:srcds
    "UDP Query User{CD944189-F709-4BF2-80F5-29B0E64882E9}C:\\program files\\steam\\steamapps\\nnaab\\source 2007 dedicated server\\srcds.exe"= TCP:C:\program files\steam\steamapps\nnaab\source 2007 dedicated server\srcds.exe:srcds
    "TCP Query User{174305D2-0B5C-4DAF-9DD0-611B8F00CDA6}C:\\program files\\steam\\steamapps\\nnaab\\garrysmod\\hl2.exe"= UDP:C:\program files\steam\steamapps\nnaab\garrysmod\hl2.exe:hl2
    "UDP Query User{3B4805CC-7544-471B-8D6D-039DF1482EB5}C:\\program files\\steam\\steamapps\\nnaab\\garrysmod\\hl2.exe"= TCP:C:\program files\steam\steamapps\nnaab\garrysmod\hl2.exe:hl2
    "TCP Query User{7E134A08-A673-43CD-AE9A-89B7DA226E14}D:\\mikael\\pelit\\colin mcrae dirt\\dirt (2).exe"= UDP:D:\mikael\pelit\colin mcrae dirt\dirt (2).exe:DiRT Executable
    "UDP Query User{E7A8DD58-2D03-4F69-A778-ABA249DB0077}D:\\mikael\\pelit\\colin mcrae dirt\\dirt (2).exe"= TCP:D:\mikael\pelit\colin mcrae dirt\dirt (2).exe:DiRT Executable
    "{03680B7E-03B4-4095-BF46-2963CC3728F8}"= UDP:D:\Mikael\Pelit\Pro Evolution Soccer 2008\PES2008.exe:pro Evolution Soccer 2008
    "{A8A23DEC-E6CA-46D8-8ADD-5949F0AD8D39}"= TCP:D:\Mikael\Pelit\Pro Evolution Soccer 2008\PES2008.exe:pro Evolution Soccer 2008
    "{40A102A5-F622-4523-B265-871B31E361F4}"= UDP:D:\Azureus Downloads\Call of Duty 4 Modern Warfare Full-Rip Skullptura\Call.of.Duty.4.Modern.Warfare.Full-Rip.Skullptura\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
    "{0283816B-E412-448F-9D41-18952B3BF6AE}"= TCP:D:\Azureus Downloads\Call of Duty 4 Modern Warfare Full-Rip Skullptura\Call.of.Duty.4.Modern.Warfare.Full-Rip.Skullptura\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
    "UDP Query User{411D4515-9042-4A72-B56C-6C01184C2E75}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
    "TCP Query User{BCA3A979-27DD-40EC-B9D4-C6717FC4B78D}C:\\program files\\free download manager\\fdm.exe"= UDP:C:\program files\free download manager\fdm.exe:Free Download Manager
    "UDP Query User{000B92D1-7466-4C9F-94EE-31E5323564B8}C:\\program files\\free download manager\\fdm.exe"= TCP:C:\program files\free download manager\fdm.exe:Free Download Manager
    "TCP Query User{37A5F0DA-69E9-407B-A048-2AF6C3DAC82E}C:\\users\\mikael väänänen\\program files\\bittorrent\\bittorrent.exe"= UDP:C:\users\mikael väänänen\program files\bittorrent\bittorrent.exe:bittorrent.exe
    "UDP Query User{DDEA2233-415C-4644-B33B-B223EE8A6AAC}C:\\users\\mikael väänänen\\program files\\bittorrent\\bittorrent.exe"= TCP:C:\users\mikael väänänen\program files\bittorrent\bittorrent.exe:bittorrent.exe
    "TCP Query User{BFEC57A5-5B9F-422B-B86E-C196699C2E42}C:\\program files\\steam\\steamapps\\nnaab\\garrysmod\\hl2.exe"= UDP:C:\program files\steam\steamapps\nnaab\garrysmod\hl2.exe:hl2
    "UDP Query User{AC3EE9CA-E4D7-4358-8AB5-59A565A7AFD4}C:\\program files\\steam\\steamapps\\nnaab\\garrysmod\\hl2.exe"= TCP:C:\program files\steam\steamapps\nnaab\garrysmod\hl2.exe:hl2
    "TCP Query User{648F8FAC-35CD-4BFA-BDCB-EB7DF184DB6F}C:\\program files\\steam\\steamapps\\nnaab\\counter-strike\\hl.exe"= UDP:C:\program files\steam\steamapps\nnaab\counter-strike\hl.exe:Half-Life Launcher
    "UDP Query User{9F443610-EC0D-4752-88B1-0C259BB43C51}C:\\program files\\steam\\steamapps\\nnaab\\counter-strike\\hl.exe"= TCP:C:\program files\steam\steamapps\nnaab\counter-strike\hl.exe:Half-Life Launcher
    "TCP Query User{DAF23573-5296-4243-AF0D-DC1A28E5EE35}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
    "UDP Query User{C3A7BA8A-7B9A-49A9-8F08-F06D3A3FE519}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
    "{09F5F863-9CA2-4E6B-A8B9-6083FA8E3D1C}"= UDP:32945:uTorrent
    "{81B69E0B-052F-47A8-A2EB-7F74D10C37FC}"= TCP:32945:uTorrent
    "TCP Query User{166C890A-237C-4CA8-A2DD-CE056546BB10}C:\\program files\\steam\\steamapps\\nnaab\\team fortress 2\\hl2.exe"= UDP:C:\program files\steam\steamapps\nnaab\team fortress 2\hl2.exe:hl2
    "UDP Query User{1FE5F1FA-FCC2-4C46-B7E2-A44F96E0385D}C:\\program files\\steam\\steamapps\\nnaab\\team fortress 2\\hl2.exe"= TCP:C:\program files\steam\steamapps\nnaab\team fortress 2\hl2.exe:hl2
    "TCP Query User{B7D9ED1A-D631-4A1A-A359-A0AEFB77EC89}C:\\program files\\blitz3d\\bin\\blitzcc.exe"= UDP:C:\program files\blitz3d\bin\blitzcc.exe:blitzcc
    "UDP Query User{633CE568-1678-44CA-8607-2B3C34C5F343}C:\\program files\\blitz3d\\bin\\blitzcc.exe"= TCP:C:\program files\blitz3d\bin\blitzcc.exe:blitzcc
    "TCP Query User{1D0719E5-2EDF-4F19-A17D-1F37A902C75D}D:\\mikael\\ohjelmat\\azureus\\azureus.exe"= UDP:D:\mikael\ohjelmat\azureus\azureus.exe:Azureus
    "UDP Query User{E6A7BA0A-D40C-4743-9E23-0D5648C2677C}D:\\mikael\\ohjelmat\\azureus\\azureus.exe"= TCP:D:\mikael\ohjelmat\azureus\azureus.exe:Azureus
    "TCP Query User{8F2C6DAE-1076-4BC7-B9AD-E1645B89DD41}C:\\users\\mikael väänänen\\desktop\\cs\\cod 2d.exe"= UDP:C:\users\mikael väänänen\desktop\cs\cod 2d.exe:cod 2d.exe
    "UDP Query User{B577666E-CBFC-4A1F-9AC2-CDD57520584D}C:\\users\\mikael väänänen\\desktop\\cs\\cod 2d.exe"= TCP:C:\users\mikael väänänen\desktop\cs\cod 2d.exe:cod 2d.exe
    "{A95378FA-DE22-4B7D-AE40-CA2E2CB49DF9}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
    "{CCBA77CE-7176-4CB7-9F15-9F7733CCD9C1}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
    "{B11CE74D-88F7-48CE-82E2-427A0FDE342E}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
    "{81571AF2-8B53-45CD-A413-593AAFE4C7C1}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
    "{D978F072-4216-4A8C-87D5-0A8B7D9C7593}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
    "{86D755FF-7C3B-45AC-8055-D4204FDF1F11}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
    "{11ED9CFE-8F55-412F-BA8F-74F87E5FCC0D}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
    "{74624884-49E7-4836-B2A7-F0D4E1AA704E}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
    "TCP Query User{229CEE95-C745-4ABF-9E73-6C49456F4B6A}D:\\azureus downloads\\tom.clancys.rainbow.six.vegas.2.full-rip.skullptura\\rainbow six vegas 2\\binaries\\r6vegas2_game.exe"= UDP:D:\azureus downloads\tom.clancys.rainbow.six.vegas.2.full-rip.skullptura\rainbow six vegas 2\binaries\r6vegas2_game.exe:R6Vegas2_Game
    "UDP Query User{BF6B782C-A6B2-449F-8739-93A463F8380C}D:\\azureus downloads\\tom.clancys.rainbow.six.vegas.2.full-rip.skullptura\\rainbow six vegas 2\\binaries\\r6vegas2_game.exe"= TCP:D:\azureus downloads\tom.clancys.rainbow.six.vegas.2.full-rip.skullptura\rainbow six vegas 2\binaries\r6vegas2_game.exe:R6Vegas2_Game
    "TCP Query User{C3E060F0-CF6F-4B1D-BB86-779ABED135B5}C:\\program files\\winamp remote\\bin\\orbtray.exe"= UDP:C:\program files\winamp remote\bin\orbtray.exe:Orb
    "UDP Query User{B01B51D2-25EA-4AB1-9F08-7A2A54CD9A66}C:\\program files\\winamp remote\\bin\\orbtray.exe"= TCP:C:\program files\winamp remote\bin\orbtray.exe:Orb
    "{FD2D1414-C8DA-4848-A294-2A0D18C00326}"= UDP:C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe:Mozilla Firefox
    "{D5337E3B-A757-48CF-8352-E919A1409315}"= TCP:C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe:Mozilla Firefox
    "TCP Query User{AC219AE4-EC18-441B-ACFE-D569C4BE00EC}C:\\users\\mikael väänänen\\program files\\bittorrent\\bittorrent.exe"= UDP:C:\users\mikael väänänen\program files\bittorrent\bittorrent.exe:bittorrent.exe
    "UDP Query User{35FC47B0-1CEF-41B6-A341-ED78B9733B78}C:\\users\\mikael väänänen\\program files\\bittorrent\\bittorrent.exe"= TCP:C:\users\mikael väänänen\program files\bittorrent\bittorrent.exe:bittorrent.exe
    "{E977A6A9-2B9D-4BF4-A783-7668BB26DB77}"= UDP:27000:stiim
    "TCP Query User{5A5646EA-9FBE-43BA-937F-D86A28C9342B}D:\\mikael\\pelit\\trackmania\\tmunited.exe"= UDP:D:\mikael\pelit\trackmania\tmunited.exe:TmUnited
    "UDP Query User{82A13E31-FEE2-4311-8B41-7B5F0E336881}D:\\mikael\\pelit\\trackmania\\tmunited.exe"= TCP:D:\mikael\pelit\trackmania\tmunited.exe:TmUnited
    "TCP Query User{A8553B1D-F09F-47DF-B144-B98806F66C1E}C:\\program files\\wolfenstein - enemy territory\\et.exe"= UDP:C:\program files\wolfenstein - enemy territory\et.exe:ET
    "UDP Query User{0B850099-2B6F-496E-962D-664BF2CE0097}C:\\program files\\wolfenstein - enemy territory\\et.exe"= TCP:C:\program files\wolfenstein - enemy territory\et.exe:ET
    "TCP Query User{9F785675-2457-4143-BA1D-EF0B33242E48}C:\\users\\mikael väänänen\\desktop\\cod 2d\\cod 2d.exe"= UDP:C:\users\mikael väänänen\desktop\cod 2d\cod 2d.exe:cod 2d.exe
    "UDP Query User{FA06353A-07B4-4229-9A71-45EA86CDB71B}C:\\users\\mikael väänänen\\desktop\\cod 2d\\cod 2d.exe"= TCP:C:\users\mikael väänänen\desktop\cod 2d\cod 2d.exe:cod 2d.exe
    "TCP Query User{E7F986F9-67DC-48C8-A60A-B66943442718}C:\\program files\\counter-strike 1.6 v31\\hl.exe"= UDP:C:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
    "UDP Query User{2AC66BEE-3BDF-4A8B-BB14-30DBB5F7E8AE}C:\\program files\\counter-strike 1.6 v31\\hl.exe"= TCP:C:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
    "{E8EAD834-3DEB-4A7B-84A6-A12A73480B36}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
    "{0B6F58C3-0DCB-498D-8917-17E2BF531AD1}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
    "TCP Query User{76A7DE95-856B-42A2-8E13-E4B72CDADC93}C:\\users\\mikael väänänen\\desktop\\cod 2d\\cod 2d.exe"= UDP:C:\users\mikael väänänen\desktop\cod 2d\cod 2d.exe:cod 2d.exe
    "UDP Query User{1A6858A8-4619-45C0-ADDA-78CE734BC726}C:\\users\\mikael väänänen\\desktop\\cod 2d\\cod 2d.exe"= TCP:C:\users\mikael väänänen\desktop\cod 2d\cod 2d.exe:cod 2d.exe
    "{358474B7-6D04-4966-924E-082F9F453863}"= UDP:C:\Windows\System32\mqsvc.exe:Message Queuing
    "{7139FEE2-D6E7-4BD8-9D51-79ADD79E876D}"= TCP:C:\Windows\System32\mqsvc.exe:Message Queuing
    "{F2774ED8-B1AF-4216-9A50-E964EB4124AE}"= UDP:C:\Windows\System32\mqsvc.exe:Message Queuing
    "{343B5482-31D0-4C2A-8835-451D3406D034}"= TCP:C:\Windows\System32\mqsvc.exe:Message Queuing
    "{FED0DF3E-DC6C-4D49-949C-055A61CADB17}"= UDP:D:\Mikael\Pelit\Pro Evolution Soccer 2008\PES2008.exe:pro Evolution Soccer 2008
    "{465B6C52-E413-411D-B4E0-441A3223889B}"= TCP:D:\Mikael\Pelit\Pro Evolution Soccer 2008\PES2008.exe:pro Evolution Soccer 2008
    "{6F96D782-4EE9-42FB-A63E-31585461E87D}"= D:\Mikael\Ohjelmat\AVG\avgupd.exe:avgupd.exe
    "{0D41758D-9565-460F-9517-74344FE24D41}"= UDP:C:\eemumanii\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
    "{7182C636-E061-417B-80BC-2ABE33B1D673}"= TCP:C:\eemumanii\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
    "{C08F4FAA-33C4-43F8-97AD-C0EFAF69AAA3}"= UDP:C:\eemumanii\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
    "{1FE05D4C-57FF-4BBE-A3BE-5E6115C1A63F}"= TCP:C:\eemumanii\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
    "TCP Query User{6E7DDED6-BE1B-4BB7-8668-1AEB38C94B94}C:\\eemumanii\\grid\\grid\\grid.exe"= UDP:C:\eemumanii\grid\grid\grid.exe:GRID Executable
    "UDP Query User{29816E2B-E64E-4058-900B-29006FCC6384}C:\\eemumanii\\grid\\grid\\grid.exe"= TCP:C:\eemumanii\grid\grid\grid.exe:GRID Executable
    "TCP Query User{32EB275D-2743-46DD-BF4C-9C11180BD6AD}C:\\program files\\counter-strike 1.6 v31\\hl.exe"= UDP:C:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
    "UDP Query User{3F7665F9-73F1-4CED-8589-3A1D9EE13B90}C:\\program files\\counter-strike 1.6 v31\\hl.exe"= TCP:C:\program files\counter-strike 1.6 v31\hl.exe:Half-Life Launcher
    "{1BB63CFF-DBBB-44A3-B00C-DF77BE7C0AF8}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
    "{90E6FDA0-72CC-442B-BD7B-DEC3816D73F8}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
    "{E35A75CF-B943-49A6-87BC-DBF53332CAF3}"= UDP:C:\Windows\System32\PnkBstrA.exe:pnkBstrA
    "{3D6D5D85-5041-4088-B484-354402775994}"= TCP:C:\Windows\System32\PnkBstrA.exe:pnkBstrA
    "{4AF2606D-E6BD-4D01-BC6A-6E1DD9533C49}"= UDP:C:\Windows\System32\PnkBstrB.exe:pnkBstrB
    "{0163E4F9-0803-4DBF-B011-F3437C6EC00A}"= TCP:C:\Windows\System32\PnkBstrB.exe:pnkBstrB
    "{EC4D01EF-1066-4302-97C0-66E79EC9B4EF}"= Disabled:UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
    "{74DD3C00-598D-402C-B613-685820A87046}"= Disabled:TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
    "TCP Query User{C7005B03-E6EE-4ADB-AC40-750E54CCF678}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
    "TCP Query User{CD2C3643-4E5B-4FDE-A4B7-9C640F398408}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
    "UDP Query User{76A644A5-A8F4-4068-BA92-7F773C796D65}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
    "TCP Query User{605B1839-C36C-47C5-A595-0CF52CDC2DF3}C:\\call of duty 1\\the call of duty\\codmp.exe"= UDP:C:\call of duty 1\the call of duty\codmp.exe:CoDMP
    "UDP Query User{BCAE5283-E0AC-4152-BCC7-A446A3BB3B99}C:\\call of duty 1\\the call of duty\\codmp.exe"= TCP:C:\call of duty 1\the call of duty\codmp.exe:CoDMP

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Configurable\System]
    "Rip-Listener-1"= TCP:520|%SystemRoot%\System32\svchost.exe|Svc=iprip:mad:iprip.dll,-200|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "SNMP-1"= TCP:%SystemRoot%\system32\snmp.exe|Svc=SNMP:mad:%SystemRoot%\system32\snmp.exe,-5|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "DoNotAllowExceptions"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

    R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 06:22]
    R1 AvgLdx86;AVG AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-07-10 16:18]
    R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080111.002\IDSvix86.sys [2007-11-06 19:07]
    R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-04-04 18:54]
    R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 17:52]
    R2 avg8wd;AVG8 WatchDog;D:\Mikael\Ohjelmat\AVG\avgwdsvc.exe [2008-07-10 16:18]
    R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-06-26 22:00]
    R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2006-11-21 07:45]
    R3 tenCapture;tenCapture;C:\Windows\system32\DRIVERS\tenCapture.sys [2007-04-21 17:15]
    R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-03-23 05:12]
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 12:11]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 12:11]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 12:11]
    S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-08-09 17:46]
    S3 UMPass;Microsoft UMPass-ohjain;C:\Windows\system32\DRIVERS\umpass.sys [2008-01-19 08:53]
    S3 WMSvc;WWW-hallintapalvelu;C:\Windows\system32\inetsrv\wmsvc.exe [2008-01-19 10:33]
    S4 NetMsmqActivator;Net.Msmq-kuuntelijasovitin;C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-12-15 02:00]
    S4 NetPipeActivator;Net.Pipe-kuuntelijasovitin;C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-12-15 02:00]
    S4 NetTcpActivator;Net.Tcp-kuuntelijasovitin;C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-12-15 02:00]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LPDService REG_MULTI_SZ LPDSVC
    rsmsvcs REG_MULTI_SZ ntmssvc
    ipripsvc REG_MULTI_SZ iprip

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
    \shell\AutoRun\command - J:\INSTALL\SETUP.EXE

    *Newly Created Service* - COMHOST
    .
    'Ajoitetut tehtävät'-kansion sisältö

    2008-08-26 C:\Windows\Tasks\GlaryInitialize.job
    - C:\Program Files\Glary Utilities\initialize.exe [2008-04-09 13:22]

    2008-08-23 C:\Windows\Tasks\RegClean Scheduled Scan.job
    - C:\Program Files\RegClean\RegClean.exe []

    2008-08-23 C:\Windows\Tasks\RegClean Scheduled Scan.job
    - C:\Program Files\RegClean []
    .
    - - - - ORPHANS REMOVED - - - -

    HKCU-Run-fsm - (no file)
    HKCU-Run-Acer Tour Reminder - (no file)


    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Users\Mikael Väänänen\AppData\Roaming\Mozilla\Firefox\Profiles\slcio12l.default\
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-27 00:14:38
    Windows 6.0.6001 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Windows\System32\Ati2evxx.exe
    C:\Windows\System32\audiodg.exe
    C:\Windows\System32\Ati2evxx.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Windows\System32\conime.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\System32\CISVC.EXE
    C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    C:\Windows\System32\inetsrv\inetinfo.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\System32\mqsvc.exe
    C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\Windows\System32\PnkBstrA.exe
    C:\Windows\System32\PnkBstrB.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\Windows\System32\TCPSVCS.EXE
    C:\Windows\System32\snmp.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\System32\mqtgsvc.exe
    D:\Mikael\Ohjelmat\AVG\avgrsx.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Users\MIKAEL~1\AppData\Local\Temp\ir_ext_temp_6\autorun.exe
    C:\Windows\System32\dllhost.exe
    .
    **************************************************************************
    .
    Completion time: 2008-08-27 0:23:39 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-08-26 21:22:47

    Pre-Run: Järjestelmä ei löydä sanomaa numerolle 0x2379 ohjelman Application sanomatiedostossa.
    Post-Run: 46,666,252,288 tavua vapaana

    414 --- E O F --- 2008-06-26 22:48:12
     
  10. Hujo

    Hujo Guest

    Scan a new HJT log.
     
  11. Vanski

    Vanski Member

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:00:22, on 27.8.2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Safe mode with network support

    Running processes:
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Mikael\Ohjelmat\AVG\avgssie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Updater] C:\Windows\system32\updater\explorer.exe
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] D:\Mikael\Ohjelmat\AVG\avgtray.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
    O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O4 - Global Startup: Privoxy.lnk = C:\Program Files\Privoxy\privoxy.exe
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
    O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
    O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Mikael\Ohjelmat\AVG\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll,
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\Mikael\Ohjelmat\AVG\avgwdsvc.exe
    O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\MediaServer.exe

    --
    End of file - 10448 bytes
     
  12. Hujo

    Hujo Guest

    Take that HJT log in normal mode.
     
