Computer stutters uncontrollably, HJT log
tomppa92
Junior Member
19 July 2007 @ 13:45
The computer won't let me into Firefox and Norton complains about a Downloader virus

Logfile of HijackThis v1.99.1
Scan saved at 17:41:29, on 19.7.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
C:\WINDOWS\TEMP\win34.tmp.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\ups.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Tomi\LOCALS~1\Temp\svsys.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hijack This\scanner.exe.exe
C:\PROGRA~1\NORTON~1\NORTON~1\navw32.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.elisa.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.elisa.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.elisa.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: (no name) - {05A271EC-486B-4AF2-BF34-DCBD5F10F8B5} - (no file)
O2 - BHO: (no name) - {1FB63E52-4D6E-48C1-A08F-F630FE50F337} - C:\WINDOWS\system32\ljjiiji.dll
O2 - BHO: (no name) - {67B23883-C236-406E-B4AD-4D2A2A7B85A8} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {9A18B2A9-E8C1-4674-BE5B-36FDC160C63A} - C:\WINDOWS\system32\ljjki.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O5 "LPT1:" /M "Stylus C62"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Pc Suite\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\Musaa\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avp] C:\WINDOWS\TEMP\win34.tmp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\Icq\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\Icq\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) -
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ljjiiji - C:\WINDOWS\SYSTEM32\ljjiiji.dll
O20 - Winlogon Notify: ljjki - C:\WINDOWS\system32\ljjki.dll
O20 - Winlogon Notify: winjgf32 - C:\WINDOWS\SYSTEM32\winjgf32.dll
O20 - Winlogon Notify: winzbb32 - C:\WINDOWS\SYSTEM32\winzbb32.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - D:\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Unknown owner - D:\Nvc\bin\nvcoas.exe (file missing)
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - D:\Nvc\BIN\NVCSCHED.EXE (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Games don't get us violence, BUT LAGG Does!

This message has been edited since it was posted. Last edited 19 July 2007 @ 13:53

AfterDawn Addict

5 product reviews
20 July 2007 @ 08:29
If any of the steps below does not succeed:
Open AVG Anti-Spyware and click the Shield icon at the top of the window
Change the Resident shield is status from active to inactive


1.
1. Download combofix.exe to your desktop from either of these links:
combofix.exe
combofix.exe

2. Double-click the combofix.exe file and follow the instructions.
3. When the tool has finished, it produces a log (C:\ComboFix.txt). Post this log to your thread.
Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.


2.
Download VundoFix.exe (http://www.atribune.org/ccount/click.php?id=4) to your desktop.
- Double-click VundoFix.exe to run it.
- Click the Scan for Vundo button.
- When the scan is finished, click the Remove Vundo button.
- You will be asked whether you want to delete the files - click YES.
- Once you have clicked yes, your desktop will go blank as it starts removing Vundo.
- When it is done, the fix will tell you that it will restart your computer; click OK.
- Post the contents of the C:\vundofix.txt log and of a fresh HijackThis log.

Note: It is possible that VundoFix found a file that it could not remove.
In this situation, VundoFix will run itself on reboot; just follow the instructions above, starting from "Click the Scan for Vundo button.", when VundoFix appears on restart.


3.
Start HijackThis and choose Do a system scan only
Select the following lines (those that are found):

O2 - BHO: (no name) - {05A271EC-486B-4AF2-BF34-DCBD5F10F8B5} - (no file)
O2 - BHO: (no name) - {1FB63E52-4D6E-48C1-A08F-F630FE50F337} - C:\WINDOWS\system32\ljjiiji.dll
O2 - BHO: (no name) - {67B23883-C236-406E-B4AD-4D2A2A7B85A8} - (no file)
O2 - BHO: (no name) - {9A18B2A9-E8C1-4674-BE5B-36FDC160C63A} - C:\WINDOWS\system32\ljjki.dll
O4 - HKLM\..\Run: [avp] C:\WINDOWS\TEMP\win34.tmp.exe
O20 - Winlogon Notify: ljjiiji - C:\WINDOWS\SYSTEM32\ljjiiji.dll
O20 - Winlogon Notify: ljjki - C:\WINDOWS\system32\ljjki.dll
O20 - Winlogon Notify: winjgf32 - C:\WINDOWS\SYSTEM32\winjgf32.dll
O20 - Winlogon Notify: winzbb32 - C:\WINDOWS\SYSTEM32\winzbb32.dll

Finally, choose Fix checked


4.
Take a new log


tomppa92
Junior Member
22 July 2007 @ 13:44
"Tomi" - 2007-07-22 17:30:31 - ComboFix 07-07-17.8 - Service Pack 2 NTFS


(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\byxywtq.dll
C:\WINDOWS\system32\eumqmtmx.dll
C:\WINDOWS\system32\pktvfqiw.dll
C:\WINDOWS\system32\byxywtq.dll
C:\WINDOWS\system32\tuxyb.bak2
C:\WINDOWS\system32\tuxyb.ini
C:\WINDOWS\system32\xmtmqmue.ini
C:\WINDOWS\system32\byxut.dll
C:\WINDOWS\system32\ljjiiji.dll
C:\WINDOWS\system32\ljjiiji.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\DOWNLO~1\UDC6_0001_D19M1908NetInstaller.exe
C:\WINDOWS\hosts
C:\WINDOWS\system32\components
C:\WINDOWS\system32\components\flx0.dll
C:\WINDOWS\system32\components\flx1.dll
C:\WINDOWS\system32\components\flx2.dll
C:\WINDOWS\system32\syswin.exe
C:\WINDOWS\system32\winjgf32.dll


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_WINDOWS_LOG


((((((((((((((((((((((((( Files Created from 2007-06-22 to 2007-07-22 )))))))))))))))))))))))))))))))


2007-07-22 17:26 51,200 --a--c--- C:\WINDOWS\nircmd.exe
2007-07-20 11:04 d----c--- C:\DOCUME~1\Tomi\APPLIC~1\Hyperionics
2007-07-19 17:34 12,800 --a--c--- C:\WINDOWS\system32\s2f.exe


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-22 14:23:04 -------- dc----w C:\Program Files\Common Files\Symantec Shared
2007-07-22 14:13:24 -------- dc----w C:\DOCUME~1\Tomi\APPLIC~1\Skype
2007-07-19 14:41:22 -------- dc----w C:\Program Files\Hijack This
2007-07-17 20:17:33 -------- dc--a-w C:\Program Files\Norton Internet Security
2007-07-12 07:34:59 -------- dc----w C:\Program Files\XoftSpySE
2007-07-11 08:32:47 -------- dc----w C:\DOCUME~1\Tomi\APPLIC~1\Registry Booster
2007-06-21 04:36:36 -------- dc----w C:\Program Files\Common Files\Nokia
2007-06-21 04:36:35 -------- dc----w C:\Program Files\Nokia
2007-06-21 04:30:50 -------- dc----w C:\DOCUME~1\Tomi\APPLIC~1\PC Suite
2007-06-18 09:01:45 -------- dc--a-w C:\Program Files\Norton SystemWorks
2007-06-13 16:52:37 22,016 -c----w C:\WINDOWS\system32\winzbb32.dll
2007-06-11 16:16:47 -------- dc----w C:\DOCUME~1\Tomi\APPLIC~1\Nokia Multimedia Player
2007-06-11 13:37:58 -------- dc----w C:\Program Files\MP3
2007-06-11 09:29:32 4,102 -c--a-w C:\WINDOWS\mozver.dat
2007-06-11 09:02:21 -------- dc----w C:\Program Files\iPod
2007-06-11 09:00:03 -------- dc----w C:\Program Files\QuickTime
2007-06-11 06:16:43 -------- dc----w C:\Program Files\Hoster
2007-06-10 17:55:38 0 -c--a-w C:\WINDOWS\system32\windpk32.dll
2007-06-10 11:55:11 552 -c--a-w C:\WINDOWS\system32\d3d8caps.dat
2007-06-10 11:36:44 247,903 -c--a-w C:\WINDOWS\system32\xxyyv.dll
2007-06-10 09:23:08 -------- dc-h--w C:\Program Files\InstallShield Installation Information
2007-06-09 19:23:04 890,927 -csh--w C:\WINDOWS\system32\yccfe.ini2
2007-06-09 18:52:41 0 -c--a-w C:\WINDOWS\system32\nfktsmpk.dll
2007-06-09 18:10:28 893,763 -csh--w C:\WINDOWS\system32\yccfe.bak2
2007-06-03 20:42:17 -------- dc----w C:\Program Files\THQ
2007-06-03 20:41:15 108,144 -c--a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-06-03 16:33:55 -------- dc----w C:\Program Files\Creative
2007-06-03 08:45:06 43,520 -c--a-w C:\WINDOWS\system32\CmdLineExt03.dll
2007-05-24 20:21:44 -------- dc----w C:\Program Files\Travian
2007-05-16 15:14:02 683,520 -c--a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-05 15:32:45 0 -c--a-w C:\WINDOWS\system32\ylvguxfi.dll
2007-05-03 14:18:46 64,812 -c--a-w C:\WINDOWS\system32\perfc00B.dat
2007-05-03 14:18:46 354,486 -c--a-w C:\WINDOWS\system32\perfh00B.dat
2007-05-03 14:18:44 46,802 -c--a-w C:\WINDOWS\system32\perfc040.dat
2007-05-03 14:18:44 279,866 -c--a-w C:\WINDOWS\system32\perfh040.dat
2007-04-25 14:22:38 144,896 -c--a-w C:\WINDOWS\system32\schannel.dll
2006-08-07 11:08:08 867 -c--a-w C:\Program Files\INSTALL.LOG


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{05A271EC-486B-4AF2-BF34-DCBD5F10F8B5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{67B23883-C236-406E-B4AD-4D2A2A7B85A8}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-03-14 03:43 501400 --a--c--- C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9A18B2A9-E8C1-4674-BE5B-36FDC160C63A}]
C:\WINDOWS\system32\ljjki.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9ECB9560-04F9-4bbc-943D-298DDF1699E1}]
2005-06-10 11:08 104064 --a------ C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
2005-10-07 15:43 218736 --a------ C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-08 18:03]
"nwiz"="nwiz.exe" [2005-11-11 13:47 C:\WINDOWS\system32\nwiz.exe]
"PCSuiteTrayApplication"="D:\Pc Suite\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-05-03 15:44]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"iTunesHelper"="G:\Program Files\Musaa\iTunes\iTunesHelper.exe" [2007-06-01 16:51]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-14 16:12]
"Norton SystemWorks"="C:\Program Files\Norton SystemWorks\cfgwiz.exe" [2004-09-10 05:12]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-03-30 13:34]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Symantec NetDriver Warning"=C:\PROGRA~1\SYMNET~1\SNDWarn.exe
"Nokia.PCSync"=D:\Pc Suite\Nokia PC Suite 6\PcSync2.exe /NoDialog

C:\DOCUME~1\Tomi\KYNNIS~1\Ohjelmat\KYNNIS~1
FileBox eXtender.lnk - D:\Program Files\FileBX\FileBX.exe [2007-07-20 11:04:17]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="D:\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-07-11 12:28]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=apitrap.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]


Contents of the 'Scheduled Tasks' folder
2007-06-18 08:43:00 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
2007-06-01 17:26:03 C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - Tomi.job
2007-06-18 09:01:45 C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
2007-07-19 21:00:00 C:\WINDOWS\tasks\Symantec Drmc.job
2007-06-13 12:46:00 C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
2007-04-24 12:46:24 C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
2007-07-20 01:00:08 C:\WINDOWS\tasks\XoftSpy.job
2007-07-22 14:38:57 C:\WINDOWS\tasks\XoftSpySE 2.job
2007-07-12 18:14:31 C:\WINDOWS\tasks\XoftSpySE.job

**************************************************************************

catchme 0.3.1040 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-22 17:38:53
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\xb9m\xd3w\2]
"AB79C053C7D38EE4AB9A00CB3B5D2472"="C?\Program Files\Common Files\Microsoft Shared\Web Folders\PUBPLACE.HTT"

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-22 17:41:48 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-07-22 17:41

--- E O F ---


tomppa92
Junior Member
22 July 2007 @ 13:55
VundoFix V6.3.20

Checking Java version...

Scan started at 18:53:49 27.4.2007

Listing files found while scanning....

C:\WINDOWS\System32\fffhk.bak2
C:\WINDOWS\System32\fffhk.ini
C:\WINDOWS\System32\fffhk.ini2
C:\WINDOWS\System32\fffhk.tmp
C:\WINDOWS\System32\khfff.dll

Beginning removal...

Attempting to delete C:\WINDOWS\System32\fffhk.bak2
C:\WINDOWS\System32\fffhk.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\System32\fffhk.ini
C:\WINDOWS\System32\fffhk.ini Has been deleted!

Attempting to delete C:\WINDOWS\System32\fffhk.ini2
C:\WINDOWS\System32\fffhk.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\System32\fffhk.tmp
C:\WINDOWS\System32\fffhk.tmp Has been deleted!

Attempting to delete C:\WINDOWS\System32\khfff.dll
C:\WINDOWS\System32\khfff.dll Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

VundoFix V6.5.0

Checking Java version...

Scan started at 21:17:10 10.6.2007

Listing files found while scanning....

C:\windows\system32\mljhefg.dll
C:\windows\system32\mljhiii.dll

Beginning removal...

Attempting to delete C:\windows\system32\mljhefg.dll
C:\windows\system32\mljhefg.dll Could not be deleted.

Attempting to delete C:\windows\system32\mljhiii.dll
C:\windows\system32\mljhiii.dll Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\windows\system32\mljhefg.dll
C:\windows\system32\mljhefg.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.5.0

Checking Java version...

Scan started at 21:45:50 10.6.2007

Listing files found while scanning....

No infected files were found.


VundoFix V6.5.0

Checking Java version...

Scan started at 21:19:38 13.6.2007

Listing files found while scanning....

C:\windows\system32\mllmn.dll
C:\windows\system32\nmllm.bak2
C:\windows\system32\nmllm.ini
C:\windows\system32\srsru.ini
C:\WINDOWS\system32\ursrs.dll
C:\WINDOWS\system32\vturopp.dll

Beginning removal...

Attempting to delete C:\windows\system32\mllmn.dll
C:\windows\system32\mllmn.dll Has been deleted!

Attempting to delete C:\windows\system32\nmllm.bak2
C:\windows\system32\nmllm.bak2 Has been deleted!

Attempting to delete C:\windows\system32\nmllm.ini
C:\windows\system32\nmllm.ini Has been deleted!

Attempting to delete C:\windows\system32\srsru.ini
C:\windows\system32\srsru.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ursrs.dll
C:\WINDOWS\system32\ursrs.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vturopp.dll
C:\WINDOWS\system32\vturopp.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.5.0

Checking Java version...

Scan started at 10:27:42 15.6.2007

Listing files found while scanning....

No infected files were found.


VundoFix V6.5.0

Checking Java version...

Scan started at 17:56:57 19.7.2007

Listing files found while scanning....

C:\WINDOWS\system32\ikjjl.bak2
C:\WINDOWS\system32\ikjjl.ini
C:\WINDOWS\system32\ikjjl.ini2
C:\WINDOWS\system32\ikjjl.tmp
C:\WINDOWS\system32\ljjki.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\ikjjl.bak2
C:\WINDOWS\system32\ikjjl.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ikjjl.ini
C:\WINDOWS\system32\ikjjl.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ikjjl.ini2
C:\WINDOWS\system32\ikjjl.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ikjjl.tmp
C:\WINDOWS\system32\ikjjl.tmp Has been deleted!

Attempting to delete C:\WINDOWS\system32\ljjki.dll
C:\WINDOWS\system32\ljjki.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.5.0

Checking Java version...

Scan started at 17:47:36 22.7.2007

Listing files found while scanning....

No infected files were found.


Beginning removal...


tomppa92
Junior Member
22 July 2007 @ 14:00
Logfile of HijackThis v1.99.1
Scan saved at 18:00:06, on 22.7.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
D:\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
G:\Program Files\Musaa\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijack This\scanner.exe.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.elisa.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.elisa.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Pc Suite\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\Musaa\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: FileBox eXtender.lnk = D:\Program Files\FileBX\FileBX.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\Icq\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\Icq\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://drivecleaner.com/.freeware/installdrivecleanerstart.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) -
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - D:\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Unknown owner - D:\Nvc\bin\nvcoas.exe (file missing)
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - D:\Nvc\BIN\NVCSCHED.EXE (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe



Games don't get us violence, BUT LAGG does!
AfterDawn Addict

5 product reviews
22 July 2007 @ 15:53
Hi

Have you at some point had Norman (not Norton, that is) but have since removed it?


1.
Start HijackThis and choose Do a system scan only
Select the following lines (those that are found):

O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://drivecleaner.com/.freeware/installdrivecleanerstart.cab

Finally choose Fix checked


2.
Run Combofix again, instructions above.


3.
Download Killbox by Option^Explicit.

Note: If you already have Killbox, this is a new version that you need to install. Remove the earlier one.

* Save it to your desktop.
* Double-click Killbox.exe to run the program.
* Select: Delete on Reboot, then click the All Files option.
* Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

C:\WINDOWS\system32\winzbb32.dll
C:\WINDOWS\system32\windpk32.dll
C:\WINDOWS\system32\xxyyv.dll
C:\WINDOWS\system32\yccfe.ini2
C:\WINDOWS\system32\nfktsmpk.dll
C:\WINDOWS\system32\yccfe.bak2
C:\WINDOWS\system32\ylvguxfi.dll


* Return to Killbox, go to the File menu, and choose Paste from Clipboard.

* Click the red-and-white Delete File button. Click Yes at the "Delete on Reboot" prompt. Click OK at any PendingFileRenameOperations prompt (and let your fixer know if one of these appears!).
Restart your computer yourself if it does not do so automatically.

If you get a message like this: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when you try to run KillBox, click here to download and run Missingfilessetup.exe. Then try KillBox again.


4.
Save these instructions to a text file or print them, otherwise you will not be able to get at them from Safe Mode

Download AVG Anti-Spyware 7.5 and save the program to your desktop.
* Once you have downloaded the program, double-click the installer's shortcut on your desktop and the installation will start.
* After installation, the program must be started and its definitions updated.
* Start AVG Anti-Spyware.
* Click the "Update" icon in the main menu. Then click the "Update now" button.
* Then click the "Start Update" icon, and the update will begin.

* Once the updates have been downloaded, click the "Scanner" icon at the top of the window. Then select the "Settings" tab.
* Once the "Settings" menu has opened, click "Recommended actions" and then select "Quarantine".
* Then, under the "Reports" menu:
* Tick "Automatically generate report after every scan"
* Untick "Only if threats were found"

* Then click the "Shield" icon at the top of the window
* "Resident shield is": change the state from active to inactive
* Close the program, do NOT scan yet.
Boot your computer into Safe Mode, Instructions!

NOTE! Do not use other programs during the AVG scan, as this may interfere with the scan.
* Once in Safe Mode, start AVG Anti-Spyware.
* Click the "Scanner" icon at the top of the window and select the "Scan" tab. Then click "Complete System Scan".
* AVG will now start scanning the computer; be patient, as the scan takes time.

When the scan is finished:
IMPORTANT: Do not click "Save Scan Report" before you click "Apply all Actions"
* Make sure that Set all elements to: shows Quarantine (1); if not, click the link and choose Quarantine from the pop-up menu.
* You will be asked what to do if infections were found; choose "Apply all actions" then.


* Then click the "Reports" icon at the top of the program.
* Click the "Save report as" button in the lower left corner of the window and save the report to your desktop.
* Close the program, start the computer normally and post the AVG Anti-Spyware report in your thread.


5.
Post a new HJT log, plus both the AVG Anti-Spyware log and the C:\ComboFix.txt log, here.


This message has been edited since posting. Last edit: 22 July 2007 @ 15:54

tomppa92
Junior Member
30 July 2007 @ 17:31
I could not save the AVG log, so there isn't one.

Logfile of HijackThis v1.99.1
Scan saved at 21:29:32, on 30.7.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
G:\Program Files\Musaa\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
D:\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\DF206D97847745E7983C822C45EE3038\ringjack.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hijack This\scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.elisa.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.elisa.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.elisa.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Pc Suite\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\Musaa\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\Icq\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\Icq\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} -
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) -
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - D:\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Unknown owner - D:\Nvc\bin\nvcoas.exe (file missing)
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - D:\Nvc\BIN\NVCSCHED.EXE (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

AND COMBOFIX.TXT

"Tomi" - 2007-07-30 21:33:11 - ComboFix 07-07-17.8 - Service Pack 2 NTFS


((((((((((((((((((((((((( Files Created from 2007-06-28 to 2007-07-30 )))))))))))))))))))))))))))))))


2007-07-23 08:19 d----c--- C:\!KillBox
2007-07-22 23:26 d----c--- C:\Program Files\Yahoo!
2007-07-22 17:26 51,200 --a--c--- C:\WINDOWS\nircmd.exe
2007-07-20 11:04 d----c--- C:\DOCUME~1\Tomi\APPLIC~1\Hyperionics
2007-07-19 17:34 12,800 --a--c--- C:\WINDOWS\system32\s2f.exe
2007-06-21 07:52 d----c--- C:\WINDOWS\system32\SoftwareDistribution
2007-06-21 07:36 d----c--- C:\Program Files\Nokia
2007-06-13 19:46 d----c--- C:\Program Files\XoftSpySE
2007-06-11 16:37 18,912 --a--c--- C:\WINDOWS\system32\drivers\SMMD.sys
2007-06-11 16:37 d----c--- C:\WINDOWS\system32\IOSUBSYS
2007-06-11 16:37 d----c--- C:\Program Files\MP3
2007-06-11 11:59 d----c--- C:\Program Files\QuickTime
2007-06-10 22:45 d----c--- C:\DOCUME~1\Tomi\DoctorWeb
2007-06-10 21:17 d----c--- C:\VundoFix Backups
2007-06-10 14:55 552 --a--c--- C:\WINDOWS\system32\d3d8caps.dat
2007-06-03 23:42 d----c--- C:\Program Files\THQ
2007-06-03 23:25 68,888 --a--c--- C:\WINDOWS\system32\xinput1_3.dll
2007-06-03 23:25 62,744 --a--c--- C:\WINDOWS\system32\xinput1_2.dll
2007-06-03 23:25 3,426,072 --a--c--- C:\WINDOWS\system32\d3dx9_32.dll
2007-06-03 23:25 251,672 --a--c--- C:\WINDOWS\system32\xactengine2_5.dll
2007-06-03 23:25 237,848 --a--c--- C:\WINDOWS\system32\xactengine2_4.dll
2007-06-03 23:25 236,824 --a--c--- C:\WINDOWS\system32\xactengine2_3.dll
2007-06-03 23:25 2,414,360 --a--c--- C:\WINDOWS\system32\d3dx9_31.dll
2007-06-03 23:25 15,128 --a--c--- C:\WINDOWS\system32\x3daudio1_1.dll
2007-06-03 23:24 2,297,552 --a--c--- C:\WINDOWS\system32\d3dx9_26.dll
2007-06-03 19:33 139,264 --a--c--- C:\WINDOWS\system32\eax.dll
2007-06-03 19:33 d----c--- C:\Program Files\Creative
2007-06-03 18:38 233,472 -ra--c--- C:\WINDOWS\system32\MafiaSetup.exe
2007-06-03 18:14 5,248 --a--c--- C:\WINDOWS\system32\drivers\vax347s.sys
2007-06-03 18:14 159,616 --a--c--- C:\WINDOWS\system32\drivers\vax347b.sys


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-30 18:29:27 -------- dc----w C:\Program Files\Hijack This
2007-07-30 17:54:46 -------- dc----w C:\DOCUME~1\Tomi\APPLIC~1\Skype
2007-07-30 15:09:02 -------- dc----w C:\Program Files\Common Files\Symantec Shared
2007-07-25 00:50:41 -------- dc----w C:\DOCUME~1\Tomi\APPLIC~1\Registry Booster
2007-07-24 20:45:54 -------- dc--a-w C:\Program Files\Norton Internet Security
2007-06-21 04:36:36 -------- dc----w C:\Program Files\Common Files\Nokia
2007-06-21 04:30:50 -------- dc----w C:\DOCUME~1\Tomi\APPLIC~1\PC Suite
2007-06-18 09:01:45 -------- dc--a-w C:\Program Files\Norton SystemWorks
2007-06-11 16:16:47 -------- dc----w C:\DOCUME~1\Tomi\APPLIC~1\Nokia Multimedia Player
2007-06-11 09:29:32 4,102 -c--a-w C:\WINDOWS\mozver.dat
2007-06-11 09:02:21 -------- dc----w C:\Program Files\iPod
2007-06-11 06:16:43 -------- dc----w C:\Program Files\Hoster
2007-06-10 09:23:08 -------- dc-h--w C:\Program Files\InstallShield Installation Information
2007-06-03 20:41:15 108,144 -c--a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-06-03 08:45:06 43,520 -c--a-w C:\WINDOWS\system32\CmdLineExt03.dll
2007-05-16 15:14:02 683,520 -c--a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-03 14:18:46 64,812 -c--a-w C:\WINDOWS\system32\perfc00B.dat
2007-05-03 14:18:46 354,486 -c--a-w C:\WINDOWS\system32\perfh00B.dat
2007-05-03 14:18:44 46,802 -c--a-w C:\WINDOWS\system32\perfc040.dat
2007-05-03 14:18:44 279,866 -c--a-w C:\WINDOWS\system32\perfh040.dat
2006-08-07 11:08:08 867 -c--a-w C:\Program Files\INSTALL.LOG


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
2006-10-26 10:28 440384 --a--c--- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-07-12 04:00 501136 --a--c--- C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9ECB9560-04F9-4bbc-943D-298DDF1699E1}]
2005-06-10 11:08 104064 --a------ C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
2005-10-07 15:43 218736 --a------ C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-08 18:03]
"nwiz"="nwiz.exe" [2005-11-11 13:47 C:\WINDOWS\system32\nwiz.exe]
"PCSuiteTrayApplication"="D:\Pc Suite\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-05-03 15:44]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"iTunesHelper"="G:\Program Files\Musaa\iTunes\iTunesHelper.exe" [2007-06-01 16:51]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-14 16:12]
"Norton SystemWorks"="C:\Program Files\Norton SystemWorks\cfgwiz.exe" [2004-09-10 05:12]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-03-30 13:34]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Symantec NetDriver Warning"=C:\PROGRA~1\SYMNET~1\SNDWarn.exe
"Nokia.PCSync"=D:\Pc Suite\Nokia PC Suite 6\PcSync2.exe /NoDialog

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="D:\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-07-11 12:28]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=apitrap.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]


Contents of the 'Scheduled Tasks' folder
2007-06-18 08:43:00 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
2007-06-01 17:26:03 C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - Tomi.job
2007-06-18 09:01:45 C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
2007-07-26 21:00:00 C:\WINDOWS\tasks\Symantec Drmc.job
2007-06-13 12:46:00 C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
2007-04-24 12:46:24 C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
2007-07-27 01:05:57 C:\WINDOWS\tasks\XoftSpy.job
2007-07-30 17:53:35 C:\WINDOWS\tasks\XoftSpySE 2.job
2007-07-25 18:16:17 C:\WINDOWS\tasks\XoftSpySE.job

**************************************************************************

catchme 0.3.1040 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-30 21:35:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\xb9m\xd3w\2]
"AB79C053C7D38EE4AB9A00CB3B5D2472"="C?\Program Files\Common Files\Microsoft Shared\Web Folders\PUBPLACE.HTT"

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-30 21:37:10
C:\ComboFix-quarantined-files.txt ... 2007-07-30 21:36
C:\ComboFix2.txt ... 2007-07-22 17:41

--- E O F ---



This message has been edited since posting. Last edit: 30 July 2007 @ 17:40

Hujo
Suspended permanently
31 July 2007 @ 02:08
Remove that old VundoFix V6.5.0 and download the new one from the link provided

Can a computer ever work?
tomppa92
Junior Member
1 August 2007 @ 07:52
Was there anything else? Am I otherwise clean?
