Mainoksia virustorjunnoista, Troijan Hevonen yrittää tulla koko ajan!!!

djteme · Jul 26, 2006

Öhöm.....taas tulee niitä mainoksia näkymään... Mitäs nyt?

-kemisti- · Jul 26, 2006

Lähetä uusi HjT-loki. Ja päivitä Windows! Jos windows on edelleen XP ilman service packeja, niin ei mikään ihme ole, jos örkit pesii koneella.

djteme · Jul 26, 2006

Olen asentanut service pack 2.

Logfile of HijackThis v1.99.1
Scan saved at 12:30:41, on 26.7.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\{04D6D603-07DA-1035-1021-051025050166}\Update.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\olthwado.exe
C:\Program Files\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.op.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1152012107960
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1153659729967
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

-kemisti- · Jul 26, 2006

Tarkista nämä:

C:\Program Files\Common Files\{04D6D603-07DA-1035-1021-051025050166}\Update.exe
C:\WINDOWS\system32\olthwado.exe

täällä -> http://www.virustotal.com/en/indexf.html
ja lähetä tulokset

djteme · Jul 26, 2006

Antivirus Version Update Result
AntiVir 6.35.1.0 07.26.2006 no virus found
Authentium 4.93.8 07.26.2006 no virus found
Avast 4.7.844.0 07.26.2006 no virus found
AVG 386 07.25.2006 no virus found
BitDefender 7.2 07.26.2006 no virus found
CAT-QuickHeal 8.00 07.25.2006 no virus found
ClamAV devel-20060426 07.26.2006 Trojan.Starter-7
DrWeb 4.33 07.26.2006 Trojan.Starter.65
eTrust-InoculateIT 23.72.78 07.25.2006 no virus found
eTrust-Vet 12.6.2309 07.26.2006 no virus found
Ewido 4.0 07.26.2006 Trojan.Starter.65
Fortinet 2.77.0.0 07.26.2006 no virus found
F-Prot 3.16f 07.26.2006 no virus found
F-Prot4 4.2.1.29 07.26.2006 no virus found
Ikarus 0.2.65.0 07.26.2006 no virus found
Kaspersky 4.0.2.24 07.26.2006 no virus found
McAfee 4814 07.25.2006 no virus found
Microsoft 1.1508 07.26.2006 no virus found
NOD32v2 1.1679 07.26.2006 no virus found
Norman 5.90.23 07.26.2006 W32/Smalltroj.HEH
Panda 9.0.0.4 07.25.2006 Spyware/Virtumonde
Sophos 4.07.0 07.26.2006 no virus found
Symantec 8.0 07.26.2006 no virus found
TheHacker 5.9.8.181 07.25.2006 no virus found
UNA 1.83 07.25.2006 no virus found
VBA32 3.11.0 07.26.2006 Trojan.Starter.65
VirusBuster 4.3.7:9 07.25.2006 no virus found

Aditional Information
File size: 131072 bytes
MD5: 56615860fde60e74d9d57c77aa45e1b4
SHA1: d2ca76f19ece32f4c0acee492b9c68750d95cbcb

-kemisti- · Jul 26, 2006

Niin kumman tiedoston tulos tuo oli? Lähetä niiden molempien tulos, kiitos

djteme · Jul 26, 2006

Joo sorry....kämmäsin hiukan..

Tässä on ton C:\Program Files\Common Files\{04D6D603-07DA-1035-1021-051025050166}\Update.exe tulos.

Antivirus Version Update Result
AntiVir 6.35.1.0 07.26.2006 no virus found
Authentium 4.93.8 07.26.2006 no virus found
Avast 4.7.844.0 07.26.2006 no virus found
AVG 386 07.25.2006 no virus found
BitDefender 7.2 07.26.2006 no virus found
CAT-QuickHeal 8.00 07.25.2006 no virus found
ClamAV devel-20060426 07.26.2006 Trojan.Starter-7
DrWeb 4.33 07.26.2006 Trojan.Starter.65
eTrust-InoculateIT 23.72.78 07.25.2006 no virus found
eTrust-Vet 12.6.2309 07.26.2006 no virus found
Ewido 4.0 07.26.2006 Trojan.Starter.65
Fortinet 2.77.0.0 07.26.2006 no virus found
F-Prot 3.16f 07.26.2006 no virus found
F-Prot4 4.2.1.29 07.26.2006 no virus found
Ikarus 0.2.65.0 07.26.2006 no virus found
Kaspersky 4.0.2.24 07.26.2006 no virus found
McAfee 4814 07.25.2006 no virus found
Microsoft 1.1508 07.26.2006 no virus found
NOD32v2 1.1679 07.26.2006 no virus found
Norman 5.90.23 07.26.2006 W32/Smalltroj.HEH
Panda 9.0.0.4 07.25.2006 Spyware/Virtumonde
Sophos 4.07.0 07.26.2006 no virus found
Symantec 8.0 07.26.2006 no virus found
TheHacker 5.9.8.181 07.25.2006 no virus found
UNA 1.83 07.25.2006 no virus found
VBA32 3.11.0 07.26.2006 Trojan.Starter.65
VirusBuster 4.3.7:9 07.25.2006 no virus found

Aditional Information
File size: 131072 bytes
MD5: 56615860fde60e74d9d57c77aa45e1b4
SHA1: d2ca76f19ece32f4c0acee492b9c68750d95cbcb

Ja tässä on ton C:\WINDOWS\system32\olthwado.exe tulos.

Aditional Information
File size: 65556 bytes
MD5: c5cfaa7d7ea2986f364acf743b27803a
SHA1: e8b05ad2b14c9a57f5584a4708a0169e23036c27

djteme · Jul 26, 2006

Tässä vielä ton C:\WINDOWS\system32\olthwado.exe tulos....(eiköhän se nyt)

Antivirus Version Update Result
AntiVir 6.35.1.0 07.26.2006 no virus found
Authentium 4.93.8 07.26.2006 no virus found
Avast 4.7.844.0 07.26.2006 no virus found
AVG 386 07.25.2006 no virus found
BitDefender 7.2 07.26.2006 no virus found
CAT-QuickHeal 8.00 07.25.2006 no virus found
ClamAV devel-20060426 07.26.2006 no virus found
DrWeb 4.33 07.26.2006 no virus found
eTrust-InoculateIT 23.72.78 07.25.2006 no virus found
eTrust-Vet 12.6.2309 07.26.2006 no virus found
Ewido 4.0 07.26.2006 no virus found
Fortinet 2.77.0.0 07.26.2006 no virus found
F-Prot 3.16f 07.26.2006 no virus found
F-Prot4 4.2.1.29 07.26.2006 no virus found
Ikarus 0.2.65.0 07.26.2006 no virus found
Kaspersky 4.0.2.24 07.26.2006 no virus found
McAfee 4814 07.25.2006 no virus found
Microsoft 1.1508 07.26.2006 no virus found
NOD32v2 1.1679 07.26.2006 no virus found
Norman 5.90.23 07.26.2006 no virus found
Panda 9.0.0.4 07.25.2006 no virus found
Sophos 4.07.0 07.26.2006 no virus found
Symantec 8.0 07.26.2006 no virus found
TheHacker 5.9.8.181 07.25.2006 no virus found
UNA 1.83 07.25.2006 no virus found
VBA32 3.11.0 07.26.2006 no virus found
VirusBuster 4.3.7:9 07.25.2006 no virus found

Aditional Information
File size: 65556 bytes
MD5: c5cfaa7d7ea2986f364acf743b27803a
SHA1: e8b05ad2b14c9a57f5584a4708a0169e23036c27

-kemisti- · Jul 26, 2006

Poista tämä:

C:\Program Files\Common Files\{04D6D603-07DA-1035-1021-051025050166}

Jos oireet jatkuu, niin poista myös tämä -> C:\WINDOWS\system32\olthwado.exe

djteme · Jul 30, 2006

Back to back..... Koneesta on tullut todella hidas sen service pack 2 asennuksen jälkeen..... Mitä Pitäis tehä?

-kemisti- · Jul 30, 2006

Jaa-a. Levyn eheytys, temppien putsaus, käynnistyvien ohjelmien karsiminen ja rekisterin putsaus voisi olla hyvä idea näin alkuun.

Noita voi karsia maun mukaan:

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe

djteme · Aug 3, 2006

Öhöm.....Kone hidastelee edelleen....Katoin Windows Tehtävienhallinnasta Suoritin käytön, niin se on koko ajan 100%.... Mitä teen?

-kemisti- · Aug 3, 2006

Niin mikä prosessi/mitkä prosessit vie 100% suoritinkäyttöä?

Log in or Sign up

Mainoksia virustorjunnoista, Troijan Hevonen yrittää tulla koko ajan!!!

djteme Member

-kemisti- Active member

djteme Member

-kemisti- Active member

djteme Member

-kemisti- Active member

djteme Member

djteme Member

-kemisti- Active member

djteme Member

-kemisti- Active member

djteme Member

-kemisti- Active member

Share This Page

Log in or Sign up

Mainoksia virustorjunnoista, Troijan Hevonen yrittää tulla koko ajan!!!

djteme Member

-kemisti- Active member

djteme Member

-kemisti- Active member

djteme Member

-kemisti- Active member

djteme Member

djteme Member

-kemisti- Active member

djteme Member

-kemisti- Active member

djteme Member

-kemisti- Active member

Share This Page

Useful Searches