AfterDawn.com Mainosta sivuillamme
User Käyttäjä Salasana  
  Puuttuuko tunnus? Liity jäseneksi nyt!.
Salasana hukassa? Klikkaa tästä. 		 
  Etusivu   Uutiset   Oppaat   Ohjelmat   Sanasto   Laitevertailu   Profiilit   Keskustelu  
 Yksityisviestit     Luo uusi yksityisviesti     Kaikki uudet viestit     Ilman vastauksia olevat viestiketjut     Hae viestejä
maanantai 17.11.2025 / 08:44
Hae keskustelualueilta:        In English   Suomeksi   På svenska
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > kone jumissa/viruksia sikana (hijackthis)
Näytä aiheet
 
Keskustelualueet
Keskustelualueet
kone jumissa/viruksia sikana (hijackthis)
  Siirry:
 
Kirjoittaja Viesti
klasu84
Suspended due to non-functional email address
_ 		22. helmikuuta 2009 @ 21:56 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
tässä malware scanlog ja sen jälkeinen hijackthislog


Malwarebytes' Anti-Malware 1.34
Tietokantaversio: 1793
Windows 5.1.2600 Service Pack 3

22.2.2009 21:45:55
mbam-log-2009-02-22 (21-45-55).txt

Tarkistustyyppi: Täysi tarkistus (C:\|)
Tarkistetut kohteet: 129101
Kulunut aika: 51 minute(s), 4 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 16
Saastuneita rekisteriarvoja: 5
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 46

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79ae735f-9663-4b92-9602-39eb563fa30c} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\byxwtsp (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{79ae735f-9663-4b92-9602-39eb563fa30c} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{81705d67-3f73-4983-859b-97d0922e5abe} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3935B537-3E6D-04ED-ABB3-ACB16A699E3B} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{81705d67-3f73-4983-859b-97d0922e5abe} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{79ae735f-9663-4b92-9602-39eb563fa30c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.

Saastuneita rekisteriarvoja:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\94a97af4 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{81705d67-3f73-4983-859b-97d0922e5abe} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{79ae735f-9663-4b92-9602-39eb563fa30c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{f0d4f88e-e1f8-460f-a41c-6cfb7f73af79} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{735e980d-45d2-4777-af82-9923d3c8d3ae} (Trojan.Zlob) -> Quarantined and deleted successfully.

Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
C:\WINDOWS\system32\byxwtsp.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Omistaja\Local Settings\Temp\murxbnfb.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\etmbjohj.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\srbukokl.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\pauxtrud.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\hsssrlbh.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\cgasbkqe.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\ciphpvmy.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\jqvadgwe.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\ukiyyuby.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\vahaoxqs.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\yacfcmek.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\dfonvfyw.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\ofibrewm.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\qfpvmcxj.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\nnrfdncc.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\rlvewyjw.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\xjxalall.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\fvpfwxqb.0ll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\knoquiyd.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\ebykdnuy.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\uetylfqx.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\vfxnnucb.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\gybqfnmh.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\ijbcnhxe.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\qwahxdhu.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\qynnigyt.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\pytwcabh.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\ouwhhbbk.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\oxmcqbrn.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\emtehlpl.0ll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\nibxtkvj.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\amjpmwkn.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\xofxmhct.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\vppcjvoe.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\trkiilra.0ll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\ttovewel.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Omistaja\Local Settings\Temp\hcqkwkpf.0ll (Trojan.Vundo) -> Delete on reboot.
C:\Program Files\AVG\AntivirusGold 4.3\AntivirusGold 4.3.exe (Rogue.AstrumAntivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ulacmbfx.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM979a4968.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM979a4968.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Omistaja\Suosikit\Online Security Test.url (Rogue.Link) -> Quarantined and deleted successfully.








Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:50:50, on 22.2.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\Logi_MwX.Exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://elisa.net/paketti/haku.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://elisa.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://elisa.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - toimittaja Elisa Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8DB411E3-9C88-40E3-8E5A-3CBA3962A26F} - C:\WINDOWS\system32\vtutu.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: SMS-viesti - {46387535-6745-4809-8169-A275735096A9} - http://sms.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: Palvelut - {DEDE8966-E34D-45A3-B372-597A63AE9048} - http://service.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: Tuki - {FA911172-5BB4-456F-82D3-D082AE21E1CA} - http://tuki.elisa.net/ (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 7651 bytes
[ + lainaa]
klasu84
Suspended due to non-functional email address
_ 		22. helmikuuta 2009 @ 22:05 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
tässä vielä javaralog


JavaRa 1.13 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sun Feb 22 21:58:13 2009

Found and removed: C:\Program Files\Java\j2re1.4.2_05

Found and removed: C:\Program Files\Java\jre1.5.0_09

Found and removed: C:\Windows\System32\jpicpl32.cpl

Found and removed: C:\Windows\Installer\{7148F0A8-6813-11D6-A77B-00B0D0142050}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_09\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_10\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\core1.zip

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\core2.zip

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\core3.zip

------------------------------------

Finished reporting.
[ + lainaa]
Hujo
Suspended permanently
_ 		23. helmikuuta 2009 @ 00:45 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
1.Lataa Combofix.exe työpöydällesi yhdestä linkistä:
Combofix1
Combofix2

älä asenna palautus consolia
2. Tuplaklikkaa Combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

[ + lainaa]
Voiko tietsikka koskaan toimia?
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > kone jumissa/viruksia sikana (hijackthis)
 

Apua ongelmiin: AfterDawnin keskustelualueet | AfterDawnin Vastaukset
Uutiset: IT-alan uutiset | Uutisia puhelimista
Musiikkia: MP3Lizard.com
Tuotearviot: Laitevertailu | Vertaa puhelimia | Vertaa kännykkäliittymiä
Pelit: Pelitiedostot, pelidemot ja trailerit
Ohjelmat: download.fi | AfterDawnin ohjelma-alueet
International: AfterDawn in English | Software downloads | Free, legal MP3s | AfterDawn på svenska
RSS -syötteet: AfterDawnin uutiset | Uusimmat ohjelmapäivitykset | Keskustelualueiden viestit
Tietoja: Tietoa AfterDawn Oy:stä | Mainosta sivuillamme | Sivuston käyttöehdot ja tietoja yksityisyydensuojasta
Ota yhteyttä: Lähetä palautetta | Ota yhteyttä mainosmyyntiimme
 
  © 1999-2025 AfterDawn Oy