HJT log for analysis!
Junior Member
10 October 2006 @ 10:21
Logfile of HijackThis v1.99.1
Scan saved at 14:19:13, on 10.10.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\D-Tools\daemon.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\PROGRA~1\PRINTV~1\pvmodule.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\muamoawe.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\{E4E18821-04E2-1035-1014-030310220166}\Update.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Steam\Steam.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\OpenOffice.org1.1.1\program\soffice.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\NetLimiter 2 Lite\nlsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\HijackThis_v1.99.1.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {6BC97724-CDD3-4F4C-99CE-724A3F1AACB9} - C:\WINDOWS\System32\hyz.dll
O2 - BHO: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll
O2 - BHO: PrintViewBHO Class - {D4E0C464-30CE-4075-9A10-71FD106C2847} - C:\PROGRA~1\PRINTV~1\PRINTH~1.DLL
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PVModule] C:\PROGRA~1\PRINTV~1\pvmodule.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [muamoawe] C:\WINDOWS\System32\muamoawe.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] "D:\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [muamoawe] C:\WINDOWS\System32\muamoawe.exe
O4 - Startup: OpenOffice.org 1.1.1.lnk = C:\Program Files\OpenOffice.org1.1.1\program\quickstart.exe
O4 - Global Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Global Startup: MS_update_0609_7723.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Share...n/bin/cabsa.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: instcat - C:\WINDOWS\SYSTEM32\instcat.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Lite\nlsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Member
11 October 2006 @ 06:13
Put HijackThis_v1.99.1.exe in its own folder, e.g. C:/HJT/HijackThis_v1.99.1.exe
Download AVG Anti-Spyware here:
http://www.ewido.net/en/download/
Save it to the desktop, for example, then install and update it. Do not run a scan yet!
Uninstall the following with Add or Remove Programs in the Control Panel:
Toolbar888
PVModule or PrintView (or anything referring to these)
Open HJT, click "Do a system scan only" and check the following:
O2 - BHO: (no name) - {6BC97724-CDD3-4F4C-99CE-724A3F1AACB9} - C:\WINDOWS\System32\hyz.dll
O2 - BHO: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll
O2 - BHO: PrintViewBHO Class - {D4E0C464-30CE-4075-9A10-71FD106C2847} - C:\PROGRA~1\PRINTV~1\PRINTH~1.DLL
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll
O4 - HKLM\..\Run: [PVModule] C:\PROGRA~1\PRINTV~1\pvmodule.exe
O4 - HKLM\..\Run: [muamoawe] C:\WINDOWS\System32\muamoawe.exe
O4 - HKCU\..\Run: [muamoawe] C:\WINDOWS\System32\muamoawe.exe
O4 - Global Startup: MS_update_0609_7723.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
... and press "Fix checked".
Have this file checked:
C:\WINDOWS\SYSTEM32\instcat.dll
here:
http://virusscan.jotti.org/ and post the result here.
Boot the computer into safe mode (tap F8 repeatedly during startup and choose safe mode from the menu that opens). Also make hidden files visible; instructions --> http://www.virustorjunta.net/modules.php...n+ratkaisuun#40
Then make sure the bad guys are gone: delete these manually in safe mode, if they are still there:
C:\Program Files\PrintView\
C:\Program Files\ToolBar888\
C:\Program Files\Common Files\{E4E18821-04E2-1035-1014-030310220166}
C:\WINDOWS\System32\muamoawe.exe
C:\WINDOWS\System32\hyz.dll
You can look for this one with, for example, the Windows search function:
MS_update_0609_7723.exe
Now you can run the AVG spyware program that you installed earlier, in safe mode; more detailed instructions are here:
http://www.virustorjunta.net/modules.php...iewtopic&t=5829
Post the report created by AVG in this thread, and also post a new HJT log.
This message has been edited since posting. Last edited 11 October 2006 @ 06:15

Junior Member
11 October 2006 @ 13:55
New HJT log
Logfile of HijackThis v1.99.1
Scan saved at 17:47:36, on 11.10.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
D:\Steam\Steam.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\NetLimiter 2 Lite\nlsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Hjt\HijackThis_v1.99.1.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] "D:\Steam\Steam.exe" -silent
O4 - Startup: OpenOffice.org 1.1.1.lnk = C:\Program Files\OpenOffice.org1.1.1\program\quickstart.exe
O4 - Global Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Share...n/bin/cabsa.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: instcat - C:\WINDOWS\SYSTEM32\instcat.dll
O21 - SSODL: IEFilter - {CFEDEB49-AA30-4F57-BA11-7EA5D0FB0AF5} - C:\WINDOWS\system32\IEFilter.dll (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Lite\nlsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Member
11 October 2006 @ 17:04
What did Jotti say about this one --> C:\WINDOWS\SYSTEM32\instcat.dll
And the AVG log as well :)
Fix this one:
O21 - SSODL: IEFilter - {CFEDEB49-AA30-4F57-BA11-7EA5D0FB0AF5} - C:\WINDOWS\system32\IEFilter.dll (file missing)
This message has been edited since posting. Last edited 11 October 2006 @ 17:05

Junior Member
11 October 2006 @ 18:43
Yeah, so Jotti said this:
Status: POSSIBLY INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) (Note: this file was only flagged as malware by heuristic detection(s). This might be a false positive. Therefore, results of this scan will not be stored in the database)
Scanner results: all the others OK (not found), except this one: AntiVir: Found Heuristic/Malware (probable variant)
Sorry if this is confusing :)
Yeah, I forgot to post the AVG log, but here it is:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 22:30:04 11.10.2006
+ Scan result:
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0019249.dll -> Adware.Softomate : No action taken.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@doubleclick[2].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020448.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020449.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020450.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020451.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020452.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020453.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020454.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020455.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020456.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020457.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020458.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020459.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020460.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020461.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020462.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020463.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020464.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020465.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020466.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020467.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020468.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020469.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020470.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020471.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020472.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020473.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020474.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020475.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020476.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020477.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020478.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020479.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020480.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020481.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020482.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020483.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020484.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020485.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020486.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020487.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020488.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020489.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020490.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020491.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020492.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020493.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020494.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020495.exe -> Trojan.Zapchast.ca : No action taken.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020496.exe -> Trojan.Zapchast.ca : No action taken.
::Report end

Member
12 October 2006 @ 16:13
The Ewido instructions had this step:
# Once the updates have been downloaded, click the "Scanner" icon at the top of the window. Then select the "Settings" tab.
# Once the "Settings" menu has opened, click "Recommended actions" and then select "Quarantine".
Turn on the setting in your Ewido so that it quarantines whatever it finds. With the settings you scanned with, it did find things but did nothing about them. So fix this setting, scan again and post the log :)

Junior Member
12 October 2006 @ 17:52
OK, so here is the AVG log and a new HJT log
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 21:28:28 12.10.2006
+ Scan result:
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0019249.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@adrevolver[3].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@ehg-talentumoyi.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@revenue[2].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Red_Baaryna\Cookies\red_baaryna@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020448.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020449.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020450.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020451.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020452.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020453.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020454.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020455.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020456.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020457.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020458.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020459.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020460.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020461.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020462.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020463.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020464.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020465.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020466.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020467.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020468.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020469.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020470.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020471.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020472.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020473.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020474.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020475.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020476.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020477.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020478.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020479.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020480.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020481.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020482.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020483.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020484.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020485.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020486.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020487.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020488.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020489.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020490.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020491.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020492.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020493.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020494.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020495.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{D386FCC3-B122-4CC5-8E8E-2057F1AF9A8B}\RP15\A0020496.exe -> Trojan.Zapchast.ca : Cleaned with backup (quarantined).
::Report end
Logfile of HijackThis v1.99.1
Scan saved at 21:52:19, on 12.10.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\NetLimiter 2 Lite\nlsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Hjt\HijackThis_v1.99.1.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] "D:\Steam\Steam.exe" -silent
O4 - Startup: OpenOffice.org 1.1.1.lnk = C:\Program Files\OpenOffice.org1.1.1\program\quickstart.exe
O4 - Global Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Share...n/bin/cabsa.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: instcat - C:\WINDOWS\SYSTEM32\instcat.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Lite\nlsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
|
Member
|
12 October 2006 @ 18:01 |
|
Alright, now the biggest junk has been cleaned out :) It's worth running that AVG spyware software once every couple of weeks.
I also recommend updating that Windows, so get SP2, for example from http://update.microsoft.com
|
Junior Member
|
12 October 2006 @ 19:07 |
|
Okay, thank you very much!!!
|