Virus alert - HJT ongelma?

AfterDawn.com

AfterDawn.com Mainosta sivuillamme


		Käyttäjä	Salasana

		Puuttuuko tunnus? Liity jäseneksi nyt!. Salasana hukassa? Klikkaa tästä.

Yksityisviestit

Luo uusi yksityisviesti

Kaikki uudet viestit

Ilman vastauksia olevat viestiketjut

lauantai 15.11.2025 / 02:09

Hae keskustelualueilta:

In English

Suomeksi

På svenska

afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > virus alert - hjt ongelma?

Aiheet

Keskustelualueet

Keskustelualueet

Aloita uusi viestiketju

Virus alert - HJT ongelma?

Siirry:

Kirjoittaja

Viesti

nvidie

Junior Member

29. syyskuuta 2008 @ 12:42

Linkki tähän viestiin

Sain hommattua viiruksen koneeseeni, joka teki VIRUS ALERT tekstin kellon viereen ja vähän väliä tuli WINDOWS SECURITY ALERT ja SPYWARE ALERT ilmoituksia ja esim. C: asema hävisi näkyvistä. Ajoin Malwarebytes antimalware ja CCleaner ohjelmat ja virus alert tekstit ja kyseiset ilmoitukset hävisivät mutta Windows tehtävien hallinta näyttää että suoritinkäyttö on kokoajan väh. 50% ja järjeslmänpalautusta ei voi suorittaa, joten osaisiko joku sanoa mikä mättää tässä loki:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:41:23, on 29.9.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
H:\Asennetutu ohjelmat\DAEMON Tools Lite\daemon.exe
C:\Program Files\Hauppauge\WinTV NOVA USB\TTUSBAutoRun.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Hauppauge\WinTV NOVA USB\DVBData.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Asennetutu ohjelmat\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "H:\Asennetutu ohjelmat\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: DVB-USB Start Up Service.lnk = C:\Program Files\Hauppauge\WinTV NOVA USB\TTUSBAutoRun.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: F-Secure Automatic Update (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6390 bytes

Asus P5KC, E6750 2,66Ghz, Inno3d 512 8800GT OC, 2GB DDR2 800, WD500GB hd + Buffalo 250GB ulkoinen, ATX kotelo+400W ja 22" Samsung syncmaster.

nvidie

Junior Member

29. syyskuuta 2008 @ 12:48

Linkki tähän viestiin

Ja tässä Malwarebytesin loki:

Malwarebytes' Anti-Malware 1.28
Tietokantaversio: 1221
Windows 5.1.2600 Service Pack 2

29.9.2008 12:15:44
mbam-log-2008-09-29 (12-15-44).txt

Tarkistustyyppi: Täysi tarkistus (C:\|E:\|F:\|G:\|H:\|)
Tarkistetut kohteet: 79315
Kulunut aika: 31 minute(s), 45 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 5
Saastuneita rekisteriavaimia: 28
Saastuneita rekisteriarvoja: 5
Saastuneita rekisterikohteita: 18
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 50

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
C:\WINDOWS\system32\emlmhoso.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\urqOeeDV.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\fccyyVOI.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\rwlfsdmk.dll (Trojan.Zlob) -> Delete on reboot.
C:\WINDOWS\onfwbsak.dll (Trojan.FakeAlert) -> Delete on reboot.

Saastuneita rekisteriavaimia:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b091d1b-af42-4ea3-8ff5-3adb46fe8dae} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fccyyvoi (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{7b091d1b-af42-4ea3-8ff5-3adb46fe8dae} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b0fd8d20-254a-46e8-8a89-1ae0058e9b94} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{b0fd8d20-254a-46e8-8a89-1ae0058e9b94} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{b46021f2-b50f-4f72-aa13-3698d851a344} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\solution.solution (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\solution.solution.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{892b2785-b0d0-4aa2-ae6a-0ed60b00a979} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{99c6d1bb-7555-474c-91da-d8fb62a9cc75} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{00476c87-a276-49bf-86bc-ff005732430b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99c6d1bb-7555-474c-91da-d8fb62a9cc75} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{b3336375-6d34-4704-a5f4-6775adcf0424} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{82bc1bf9-f653-4871-8e09-e70a99617508} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{59b4236e-2a39-4942-8278-980630d6d26f} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0c7903d3-3a4d-4dfb-9b6d-d6325d3bd39a} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webvideo (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{5b89edb3-5196-4c58-b470-0d1579fee6e9} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0b35f3bd-f003-496d-a13d-a1ed0b18784d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{be7e682b-ce10-44e8-9b7f-1430e9c0f305} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f07c2b06-ff81-4eb8-8ab9-7620a24309fd} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f07c2b06-ff81-4eb8-8ab9-7620a24309fd} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\peltodgx.bxfa (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\peltodgx.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Saastuneita rekisteriarvoja:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\98948ff4 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{7b091d1b-af42-4ea3-8ff5-3adb46fe8dae} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\rwlfsdmk (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{59b4236e-2a39-4942-8278-980630d6d26f} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\onfwbsak (Trojan.FakeAlert) -> Delete on reboot.

Saastuneita rekisterikohteita:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\urqoeedv -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\urqoeedv -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId (Trojan.FakeAlert) -> Bad: (VIRUS ALERT!) Good: (55697-645-2982205-23937) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat (Trojan.FakeAlert) -> Bad: (HH:mm: VIRUS ALERT!) Good: (H:mm:ss) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuMorePrograms (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives (Hijack.Drives) -> Bad: (12) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispCPL (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
C:\WINDOWS\system32\fccyyVOI.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\urqOeeDV.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\VDeeOqru.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\VDeeOqru.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\emlmhoso.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\osohmlme.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\rwlfsdmk.dll (Trojan.Zlob) -> Delete on reboot.
C:\Documents and Settings\PS\Local Settings\Temp\0mYq8p2N.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Documents and Settings\PS\Local Settings\Temporary Internet Files\Content.IE5\0X4LWRAZ\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\PS\Local Settings\Temporary Internet Files\Content.IE5\CJQDKHMX\CA3BUREX (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\PS\Local Settings\Temporary Internet Files\Content.IE5\SDWBANK9\file[1].exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP285\A0067189.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP286\A0071203.exe (Trojan.Adclicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP289\A0075310.exe (Trojan.Adclicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP289\A0075339.exe (Trojan.Adclicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP289\A0075360.exe (Trojan.Adclicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP290\A0075404.exe (Trojan.Adclicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP291\A0075482.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP292\A0077504.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP293\A0078517.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP293\A0078518.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP293\A0079530.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP304\A0085942.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP305\A0086003.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP307\A0089098.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP308\A0089133.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP308\A0089144.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP312\A0091379.exe (Trojan.AdClicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP313\A0091400.exe (Trojan.AdClicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP313\A0092443.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP313\A0092444.exe (Trojan.AdClicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8CC47014-63E4-4B6F-874A-65D5C39719FE}\RP313\A0092445.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\ewte.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cbXnOGya.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\khfcbxuS.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nnnlJyAR.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tuvTmmnl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jkkkHxXr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wvUnOIXQ.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmnmmlKa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pw72Gp0F.exe.a_a (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Y51n5g4I.exe.a_a (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\peltodgx.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\onfwbsak.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\WINDOWS\fbxrqtwn.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\dfmlxbpkvkd.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\PS\Local Settings\Temp\sfsrv.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\PS\Suosikit\Error Cleaner.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\PS\Suosikit\Privacy Protector.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\PS\Suosikit\Spyware&Malware Protection.url (Rogue.Link) -> Quarantined and deleted successfully.

Asus P5KC, E6750 2,66Ghz, Inno3d 512 8800GT OC, 2GB DDR2 800, WD500GB hd + Buffalo 250GB ulkoinen, ATX kotelo+400W ja 22" Samsung syncmaster.

Aloita uusi viestiketju

Aiheeseen liittyviä linkkejä

Lataa uusin versio HijackThis-ohjelmasta täältä!

Aiheeseen liittyviä viestiketjuja		Viestejä	Viimeisin viesti	Keskustelualue
HJT Logi		2	3. kesäkuuta 2014	Virukset ja haittaohjelmat - HijackThis -logit
HJT-logi ja vale-firefox ongelmia....virus koneella ?		4	6. toukokuuta 2014	Virukset ja haittaohjelmat - HijackThis -logit
HJT logi, kone jumittaa		1	3. huhtikuuta 2014	Virukset ja haittaohjelmat - HijackThis -logit
Näppäimistö sekoilee hjt log		1	2. huhtikuuta 2014	Virukset ja haittaohjelmat - HijackThis -logit
HJT-log ja Malwarebytes- log, Troijalainen? Apu tarpeen!		2	10. maaliskuuta 2014	Virukset ja haittaohjelmat - HijackThis -logit
HJT-loki, kone valtavan hidas ja perusskannereiden läpi ajamisella ei vaikutusta		1	19. helmikuuta 2014	Virukset ja haittaohjelmat - HijackThis -logit
probook 445 hjt-logit		1	19. tammikuuta 2014	Virukset ja haittaohjelmat - HijackThis -logit
HJT loki tarkastukseen		1	19. tammikuuta 2014	Virukset ja haittaohjelmat - HijackThis -logit
Win7 + HJT ongelma ja kummitteleva Mass effect 2		1	11. tammikuuta 2014	Windows -ongelmat
HJT-logia..		1	9. tammikuuta 2014	Virukset ja haittaohjelmat - HijackThis -logit

afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > virus alert - hjt ongelma?

Apua ongelmiin: AfterDawnin keskustelualueet | AfterDawnin Vastaukset
Uutiset: IT-alan uutiset | Uutisia puhelimista
Musiikkia: MP3Lizard.com
Tuotearviot: Laitevertailu | Vertaa puhelimia | Vertaa kännykkäliittymiä
Pelit: Pelitiedostot, pelidemot ja trailerit
Ohjelmat: download.fi | AfterDawnin ohjelma-alueet
International: AfterDawn in English | Software downloads | Free, legal MP3s | AfterDawn på svenska
RSS -syötteet: AfterDawnin uutiset | Uusimmat ohjelmapäivitykset | Keskustelualueiden viestit
Tietoja: Tietoa AfterDawn Oy:stä | Mainosta sivuillamme | Sivuston käyttöehdot ja tietoja yksityisyydensuojasta
Ota yhteyttä: Lähetä palautetta | Ota yhteyttä mainosmyyntiimme

© 1999-2025 AfterDawn Oy