AfterDawn.com Mainosta sivuillamme
User Käyttäjä Salasana  
  Puuttuuko tunnus? Liity jäseneksi nyt!.
Salasana hukassa? Klikkaa tästä. 		 
  Etusivu   Uutiset   Oppaat   Ohjelmat   Sanasto   Laitevertailu   Profiilit   Keskustelu  
 Yksityisviestit     Luo uusi yksityisviesti     Kaikki uudet viestit     Ilman vastauksia olevat viestiketjut     Hae viestejä
torstai 13.11.2025 / 19:21
Hae keskustelualueilta:        In English   Suomeksi   På svenska
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > 117 vihua, hjt-logi
Näytä aiheet
 
Keskustelualueet
Keskustelualueet
117 vihua, Hjt-logi
  Siirry:
 
Kirjoittaja Viesti
herne2
Suspended due to non-functional email address
_ 		12. kesäkuuta 2008 @ 13:36 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Eli ajoin tällä koneella malwarebytesin, joka löysi 117 vihua ja ie kuulemma pomputtaa(pomputti?) ikkunoita auki itsekseen. Alla malware logi ja sen jälkeen kone käynnistetty ja otettu hjt-logi. Kone todella hidas.

Malwarebytes' Anti-Malware 1.17
Tietokantaversio: 849

12:49:29 2008-06-12
mbam-log-6-12-2008 (12-49-29).txt

Tarkistustyyppi: Täysi tarkistus (C:\|)
Tarkistetut kohteet: 145859
Kulunut aika: 2 hour(s), 22 minute(s), 37 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 3
Saastuneita rekisteriavaimia: 13
Saastuneita rekisteriarvoja: 5
Saastuneita rekisterikohteita: 2
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 94

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
C:\WINDOWS\system32\ungmpawo.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\xxywTKaY.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\xxyyayxx.dll (Trojan.FakeAlert) -> Unloaded module successfully.

Saastuneita rekisteriavaimia:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4b1ceb99-b70d-4f5a-808f-8782dae58c14} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{4b1ceb99-b70d-4f5a-808f-8782dae58c14} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{487c9905-26a8-42c8-8033-c58ad3d2aec3} (Trojan.FakeAlert) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{487c9905-26a8-42c8-8033-c58ad3d2aec3} (Trojan.FakeAlert) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\xxyyayxx (Trojan.FakeAlert) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{28abc5c0-4fcb-11cf-aax5-81cx1c635612} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Saastuneita rekisteriarvoja:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\4bdb5e18 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{487c9905-26a8-42c8-8033-c58ad3d2aec3} (Trojan.FakeAlert) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows svchost (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSN (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BM48e86d84 (Trojan.Agent) -> Delete on reboot.

Saastuneita rekisterikohteita:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\xxywtkay -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\xxywtkay -> Quarantined and deleted successfully.

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
C:\WINDOWS\system32\asenrwhf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fhwrnesa.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bhduusqc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cqsuudhb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\opnnlIXQ.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\QXIlnnpo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\QXIlnnpo.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qoMcaxXN.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\NXxacMoq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\NXxacMoq.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ungmpawo.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\owapmgnu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xxywTKaY.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\YaKTwyxx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\YaKTwyxx.ini2 (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\yayyYPgG.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GgPYyyay.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GgPYyyay.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xxyyayxx.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\Documents and Settings\Marrun juttuja\Local Settings\Temp\eraseme_41131.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marrun juttuja\Local Settings\Temporary Internet Files\Content.IE5\3KF2ZB4X\bot[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marrun juttuja\Local Settings\Temporary Internet Files\Content.IE5\3KF2ZB4X\kb456456[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marrun juttuja\Local Settings\Temporary Internet Files\Content.IE5\3KF2ZB4X\kb713501[1] (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marrun juttuja\Local Settings\Temporary Internet Files\Content.IE5\3KF2ZB4X\setup[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marrun juttuja\Local Settings\Temporary Internet Files\Content.IE5\TB5H81I3\bot[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marrun juttuja\Local Settings\Temporary Internet Files\Content.IE5\UDC8KGH4\css4[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marrun juttuja\Local Settings\Temporary Internet Files\Content.IE5\UDC8KGH4\css4[3] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Paula\Local Settings\Temporary Internet Files\Content.IE5\6J45X1UJ\bot[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP854\A0393458.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP855\A0394444.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP855\A0397461.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP856\A0398474.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP857\A0398525.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP857\A0398528.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP857\A0398539.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP857\A0398543.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP857\A0398548.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP857\A0398553.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP857\A0398554.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP857\A0398556.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP857\A0398557.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP858\A0398575.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP858\A0398577.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP858\A0398588.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP858\A0398598.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP858\A0398599.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP858\A0398600.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP858\A0398601.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP858\A0398608.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP858\A0398610.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP858\A0398631.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP858\A0398634.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP858\A0398635.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP859\A0398657.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP859\A0398658.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP859\A0398659.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP859\A0398670.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399700.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399705.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399706.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399707.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399708.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399715.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399717.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399729.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399732.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399736.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399739.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399740.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399741.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399742.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399749.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399751.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399760.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399763.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399764.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399784.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399785.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399786.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP861\A0399787.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP862\A0399796.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP863\A0399822.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP863\A0400826.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP864\A0403851.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A50E7FFE-C7AF-48DC-82C8-8C96FB23AEF7}\RP865\A0404851.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eaifsekt.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\knadyfsy.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\otxohceo.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qwdtnrgb.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tgbhskqk.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vwfujbap.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\sjxhwrpw.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:26, on 2008-06-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HPQ\One-Touch\OneTouch.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Winamp3\winampa.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Sensior\Bin\Reader.exe
C:\Program Files\Java\j2re1.4.2_11\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Wireless\IEEE802.11b WLAN Card Utility\WLPCCfg.exe
C:\Program Files\OpenOffice.org1.0.1\program\soffice.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://elisa.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: {3f1c75e5-7558-f20a-a9a4-67c13737d6ea} - {ae6d7373-1c76-4a9a-a02f-85575e57c1f3} - C:\WINDOWS\system32\wbnjpufr.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\OneTouch.EXE
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Pinnacle WebUpdater] "C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFiles
O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKLM\..\Run: [Sensior Reader] C:\Program Files\Sensior\Bin\Start Reader.bat
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_11\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Error Safe] "C:\Program Files\Error Safe Free\ers.exe" /scan
O4 - HKCU\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [VMCL] E:\\VMC_PBStarter.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 1.0.1.lnk = C:\Program Files\OpenOffice.org1.0.1\program\quickstart.exe
O4 - Global Startup: IEEE802.11b WLAN Card Utility.lnk = C:\Program Files\Wireless\IEEE802.11b WLAN Card Utility\WLPCCfg.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_11\bin\npjpi142_11.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_11\bin\npjpi142_11.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game10.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe

--
End of file - 9163 bytes
[ + lainaa]
Hujo
Suspended permanently
_ 		12. kesäkuuta 2008 @ 15:49 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
niinkuin tämäkin
[ + lainaa]
Voiko tietsikka koskaan toimia?
herne2
Suspended due to non-functional email address
_ 		12. kesäkuuta 2008 @ 15:59 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
no juurihan vastasin, että näin kävi tämän nimenomaisen aiheen osalta. Valitan. Tietääkseni tuota toista aihetta koskevaa viestiä ei ollut kuin yksi.
[ + lainaa]
Mainos
_ 		__
 
_
Hujo
Suspended permanently
_ 		12. kesäkuuta 2008 @ 16:04 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
mode varmaankin sulkee tämän
[ + lainaa]
Voiko tietsikka koskaan toimia?
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > 117 vihua, hjt-logi
 

Apua ongelmiin: AfterDawnin keskustelualueet | AfterDawnin Vastaukset
Uutiset: IT-alan uutiset | Uutisia puhelimista
Musiikkia: MP3Lizard.com
Tuotearviot: Laitevertailu | Vertaa puhelimia | Vertaa kännykkäliittymiä
Pelit: Pelitiedostot, pelidemot ja trailerit
Ohjelmat: download.fi | AfterDawnin ohjelma-alueet
International: AfterDawn in English | Software downloads | Free, legal MP3s | AfterDawn på svenska
RSS -syötteet: AfterDawnin uutiset | Uusimmat ohjelmapäivitykset | Keskustelualueiden viestit
Tietoja: Tietoa AfterDawn Oy:stä | Mainosta sivuillamme | Sivuston käyttöehdot ja tietoja yksityisyydensuojasta
Ota yhteyttä: Lähetä palautetta | Ota yhteyttä mainosmyyntiimme
 
  © 1999-2025 AfterDawn Oy