User Käyttäjä Salasana  
   
tiistai 24.12.2024 / 03:03
Hae keskustelualueilta:        In English   Suomeksi   På svenska
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat > hjt logi tarkastettavaksi
Näytä aiheet
 
Keskustelualueet
Keskustelualueet
HJT logi tarkastettavaksi
  Siirry:
 
Kirjoittaja Viesti
TD_13
Newbie
_
2. joulukuuta 2005 @ 11:29 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Kone ollut nyt jumissa jonkun aikaa. Rekisteritiedostot puhdistettu, virukset tarkistettu, spywaret ajettu, mutta kone silti tökkii. Prosesseissa ja käynnistysvalikossa (msconfig) kummittelee tiedosto nimeltään hedgie, onko tietoa mikä se mahdollisesti on? Näkyy myös logissa.

Varsinkin netti ollut hidas, aivan kuin jokin söisi kaistat pois.

Tässä HJT logi

Logfile of HijackThis v1.99.1
Scan saved at 16:17:13, on 2.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\ohjelmat\antiblax\Anti-Blaxx.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\hedgie.exe
C:\Program Files\AVPersonal\AVWIN.EXE
C:\Ohjelmat\adware\Ad-Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dnainternet.fi/aloitussivu/ppo
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = dna Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Ohjelmat\spybot\SDHelper.dll
O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [C-Media Mixer] C:\Program Files\PCI Audio Applications\Bin\AudioRack.exe /MixerStartup
O4 - HKLM\..\Run: [Anti-Blaxx Manager] c:\ohjelmat\antiblax\Anti-Blaxx.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [hedgie] C:\WINDOWS\system32\hedgie.exe
O4 - HKLM\..\RunServices: [hedgie] C:\WINDOWS\system32\hedgie.exe
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitComet] "C:\Ohjelmat\bitcomet\BitComet.exe"
O4 - HKCU\..\Run: [hedgie] C:\WINDOWS\system32\hedgie.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AEABD7C2-9C82-417B-A96F-1D25D0EF43D3}: NameServer = 212.50.211.55 212.50.192.227
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: msupdate - C:\WINDOWS\SYSTEM32\msupdate32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\ohjelmat\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
Zipp2
Member
_
2. joulukuuta 2005 @ 11:39 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Scanna tuo tuolla ja kopioi tulos ja pistä tänne.

C:\WINDOWS\system32\hedgie.exe

http://virusscan.jotti.org/
TD_13
Newbie
_
2. joulukuuta 2005 @ 11:44 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Tulos näyttää tältä, pahasti näyttää troijan hevoselta, eikö?


Service load:
0% 100%
File: hedgie.exe
Status:
INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5 2019fc38af7f713802ad55c8b3bcb5fc
Packers detected:
FSG
Scanner results
AntiVir
Found Trojan/Dldr.Agen.xq.2.C
ArcaVir
Found Trojan.Proxy.Small.Bo
Avast
Found Win32:Trojano-2975
AVG Antivirus
Found Proxy.AMD
BitDefender
Found Trojan.Proxy.Small.DC
ClamAV
Found nothing
Dr.Web
Found Trojan.Proxy.524
F-Prot Antivirus
Found unknown virus (probable variant)
Fortinet
Found W32/Cosiam.D!tr
Kaspersky Anti-Virus
Found Trojan-Proxy.Win32.Small.bo
NOD32
Found a variant of Win32/TrojanProxy.Daemonize
Norman Virus Control
Found Sandbox: W32/Malware; [ General information ]

* File might be compressed.
* File length: 10672 bytes.

[ Changes to filesystem ]
* Deletes file C:\WINDOWS\SYSTEM32\hedgie.exe.
* Creates file C:\WINDOWS\SYSTEM32\hedgie.exe.

[ Changes to registry ]
* Sets value "ATI_VER"="Cs7?" in key "HKLM\Software\Microsoft".

[ Network services ]
* Opens URL: http://jupitersatellites.biz/hedgie/access.php.

[ Security issues ]
* Possible backdoor functionality [UNKNOWN] port 3599.

[ Process/window information ]
* Creates a mutex bin28-1024.
* Will automatically restart after boot (I'll be back...).
UNA
Found nothing
VBA32
Found Trojan-Proxy.Win32.Small.bo
Zipp2
Member
_
2. joulukuuta 2005 @ 11:50 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Merkkaa nuo sulje selain ja paina Fix checked

O4 - HKLM\..\Run: [hedgie] C:\WINDOWS\system32\hedgie.exe
O4 - HKLM\..\RunServices: [hedgie] C:\WINDOWS\system32\hedgie.exe
O4 - HKCU\..\Run: [hedgie] C:\WINDOWS\system32\hedgie.exe

Käynnistä sitte vikasietotilassa ja poista

C:\WINDOWS\system32\hedgie.exe
TD_13
Newbie
_
2. joulukuuta 2005 @ 12:07 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Nyt pitäisi hedgie olla poistettu täydellisesti koneelta. Logissa se kuitenkin vielä on, kuten myös msconfigin käynnistysvalikossa, mutta ei valittuna käynnistymään. Noista ei liene haittaa, vai?

Logfile of HijackThis v1.99.1
Scan saved at 17:18:09, on 2.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\ohjelmat\antiblax\Anti-Blaxx.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Ohjelmat\bitcomet\BitComet.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\ohjelmat\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\ohjelmat\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\ohjelmat\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dnainternet.fi/aloitussivu/ppo
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = dna Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Ohjelmat\spybot\SDHelper.dll
O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [C-Media Mixer] C:\Program Files\PCI Audio Applications\Bin\AudioRack.exe /MixerStartup
O4 - HKLM\..\Run: [Anti-Blaxx Manager] c:\ohjelmat\antiblax\Anti-Blaxx.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\RunServices: [hedgie] C:\WINDOWS\system32\hedgie.exe
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitComet] "C:\Ohjelmat\bitcomet\BitComet.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AEABD7C2-9C82-417B-A96F-1D25D0EF43D3}: NameServer = 212.50.211.55 212.50.192.227
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: msupdate - C:\WINDOWS\SYSTEM32\msupdate32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\ohjelmat\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 2. joulukuuta 2005 @ 12:21

Zipp2
Member
_
2. joulukuuta 2005 @ 12:27 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Multa jäi huomaamatta tuo eka varvilla

C:\WINDOWS\SYSTEM32\msupdate32.dll

ja sillä voi olla kaveri mukana jonka nimi on mspostsp.exe ,mutta Ewidon pitäs kyllä löytää ja poistaa ne.

Hae tuolta

http://www.ewido.net/en/download/

asenna ja päivitä se.
Käynnistä sitte vikasietotilassa ja scannaa + putsaa Ewidolla ja säästä logi.
Käynnistä site normaalisti ja uus Hijack + Ewido logi.
TD_13
Newbie
_
2. joulukuuta 2005 @ 13:13 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Tässä on ewidon raportti (löysi mainitsemasi tiedoston jo heti asennuksen jälkeen) :

ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 18:06:52, 2.12.2005
+ Report-Checksum: A295B0A6

+ Scan result:

C:\WINDOWS\hosts -> Trojan.Qhost.el : Cleaned with backup
C:\WINDOWS\kl.exe -> Dropper.Agent.abo : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WH27STUF\hedgie[1].exe -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\system32\hedgie.exe -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\system32\mspostsp.exe -> Trojan.Inject.i : Cleaned with backup
C:\WINDOWS\system32\paytime.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\Temp\100.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\102.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\103.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\105.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\106.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\109.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\10A.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\10C.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\10F.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\113.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\114.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\117.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\11A.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\11D.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\120.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\123.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\128.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\12B.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\12E.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\12F.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\131.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\133.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\134.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\137.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\25.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\2F.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\30.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\32.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\328.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\32B.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\32E.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\331.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\334.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\337.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\33A.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\34.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\35.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\38.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\39.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\3B.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\3D.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\3E.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\41.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\42.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\43.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\45.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\4673.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\4679.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\467F.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\4686.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\468D.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\4693.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\4698.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\469D.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\46A3.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\46AB.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\46B1.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\46B7.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\46BD.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\46C3.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\46C9.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\46CF.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\46D5.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\46DE.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\46E9.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\46F0.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\46F6.tmp -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\Temp\48.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\4B.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\51.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\55.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\56.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\58.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\5A.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\5B.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\5E.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\5F.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\61.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\64.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\66.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\67.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\6A.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\6E.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\6F.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\7F.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\82.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\87.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\8A.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\8D.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\90.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\93.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\95.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\96.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\99.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\9A.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\9C.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\9E.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\9F.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\A2.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\A3.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\A5.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\A7.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\A8.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\AB.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\AC.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\AE.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\B0.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\B1.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\B4.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\B5.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\B7.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\BA.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\BC.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\BD.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\C0.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\C1.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\C3.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\C6.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\C7.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\C9.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\CB.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\CC.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\CF.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\D0.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\D2.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\D4.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\D5.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\D8.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\D9.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\DB.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\DC.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\DE.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\DF.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\E0.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\E1.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\E4.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\E5.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\E6.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\E7.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\E9.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\EA.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\EC.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\ED.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\EE.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\F0.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\F2.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\F3.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\F4.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\F6.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\F7.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\F9.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\FA.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\FB.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\FE.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\Temp\FF.tmp -> Proxy.Small.dc : Cleaned with backup
C:\WINDOWS\tool2.exe -> Not-A-Virus.Hoax.Renos.z : Cleaned with backup
C:\WINDOWS\tool3.exe -> Dropper.Agent.abu : Cleaned with backup
C:\WINDOWS\toolbar.exe -> Downloader.VB.qr : Cleaned with backup


::Report End



Ja Hijack:


Logfile of HijackThis v1.99.1
Scan saved at 18:10:20, on 2.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\ohjelmat\antiblax\Anti-Blaxx.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Ohjelmat\bitcomet\BitComet.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
c:\ohjelmat\ewido\ewidoctrl.exe
c:\ohjelmat\ewido\ewidoguard.exe
C:\ohjelmat\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\ohjelmat\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\ohjelmat\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dnainternet.fi/aloitussivu/ppo
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = dna Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Ohjelmat\spybot\SDHelper.dll
O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [C-Media Mixer] C:\Program Files\PCI Audio Applications\Bin\AudioRack.exe /MixerStartup
O4 - HKLM\..\Run: [Anti-Blaxx Manager] c:\ohjelmat\antiblax\Anti-Blaxx.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitComet] "C:\Ohjelmat\bitcomet\BitComet.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AEABD7C2-9C82-417B-A96F-1D25D0EF43D3}: NameServer = 212.50.211.55 212.50.192.227
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: msupdate - msupdate32.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: ewido security suite control - ewido networks - c:\ohjelmat\ewido\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - c:\ohjelmat\ewido\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\ohjelmat\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
Zipp2
Member
_
2. joulukuuta 2005 @ 13:35 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Merkkaa nuo sulje selain ja paina Fix checked

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O20 - Winlogon Notify: msupdate - msupdate32.dll (file missing)

Kato sitte jos tuo löyty piilotiedostot näkyvillä niin poista se

C:\WINDOWS\SYSTEM32\msupdate32.dll

Kato myös varalta että Host file on ok..ei ylimääräisiä rivejä
Avaa Hijackki
Config... > Misc Tools > Open host file manager.
TD_13
Newbie
_
2. joulukuuta 2005 @ 13:52 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Tiedostoa ei löytynyt ja host file oli myös kunnossa. Ilmeisesti mitään muuta vikaa ei enää logissa ollut?

Kiitos paljon avusta! Pitää seurailla koneen käyttäytymistä, ainakin nyt kone toimii kunnolla.
Mainos
_
__
 
_
Zipp2
Member
_
2. joulukuuta 2005 @ 13:55 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Joo ei logissa muuta näy.
Aiheeseen liittyviä linkkejä
Lataa uusin versio HijackThis-ohjelmasta täältä!
 
Aiheeseen liittyviä viestiketjuja Viestejä Viimeisin viesti Keskustelualue
HJT Logi 2 3. kesäkuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
HJT-logi ja vale-firefox ongelmia....virus koneella ? 4 6. toukokuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
HJT logi, kone jumittaa 1 3. huhtikuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
Näppäimistö sekoilee hjt log 1 2. huhtikuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
HJT-log ja Malwarebytes- log, Troijalainen? Apu tarpeen! 2 10. maaliskuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
HJT-loki, kone valtavan hidas ja perusskannereiden läpi ajamisella ei vaikutusta 1 19. helmikuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
probook 445 hjt-logit 1 19. tammikuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
HJT loki tarkastukseen 1 19. tammikuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
Win7 + HJT ongelma ja kummitteleva Mass effect 2 1 11. tammikuuta 2014 Windows -ongelmat
HJT-logia.. 1 9. tammikuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit

 
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat > hjt logi tarkastettavaksi
 

Apua ongelmiin: AfterDawnin keskustelualueet | AfterDawnin Vastaukset
Uutiset: IT-alan uutiset | Uutisia puhelimista
Musiikkia: MP3Lizard.com
Tuotearviot: Laitevertailu | Vertaa puhelimia | Vertaa kännykkäliittymiä
Pelit: Pelitiedostot, pelidemot ja trailerit
Ohjelmat: download.fi | AfterDawnin ohjelma-alueet
International: AfterDawn in English | Software downloads | Free, legal MP3s | AfterDawn på svenska
RSS -syötteet: AfterDawnin uutiset | Uusimmat ohjelmapäivitykset | Keskustelualueiden viestit
Tietoja: Tietoa AfterDawn Oy:stä | Mainosta sivuillamme | Sivuston käyttöehdot ja tietoja yksityisyydensuojasta
Ota yhteyttä: Lähetä palautetta | Ota yhteyttä mainosmyyntiimme
 
  © 1999-2024 AfterDawn Oy