1. Tämä sivusto käyttää keksejä (cookie). Jatkamalla sivuston käyttämistä hyväksyt keksien käyttämisen. Lue lisää.

Mesen saastumisen jälkeen ongelmia

Viestiketju Virukset ja haittaohjelmat - HijackThis -logit -osiossa. Ketjun avasi Krafu 31.07.2007.

Sivu 2 / 2
  1. Krafu

    Krafu Member

    Liittynyt:
    31.07.2007
    Viestejä:
    24
    Kiitokset:
    0
    Pisteet:
    11
    Ensin Combo:
    =====
    ComboFix 07-08-09.3 - "esiasennettu" 2007-08-10 22:11:47.2 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.684 [GMT 3:00]
    Command switches used :: C:\Documents and Settings\esiasennettu\Ty”p”yt„\CFScript.txt
    * Created a new restore point

    FILE::
    C:\DOCUME~1\ESIASE~1\tcijpg.exe


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\DOCUME~1\ESIASE~1\tcijpg.exe


    ((((((((((((((((((((((((( Files Created from 2007-07-10 to 2007-08-10 )))))))))))))))))))))))))))))))


    2007-08-10 21:32 51,200 --a------ C:\WINDOWS\nircmd.exe
    2007-08-10 21:20 <KANSIO> d-------- C:\WINDOWS\ERUNT
    2007-08-09 21:43 524,288 --ah----- C:\DOCUME~1\JRJEST~1\NTUSER.DAT
    2007-08-09 21:43 <KANSIO> dr------- C:\DOCUME~1\JRJEST~1\K„ynnist„-valikko
    2007-08-09 21:43 <KANSIO> d--h----- C:\DOCUME~1\JRJEST~1\Verkkoymp„rist”
    2007-08-09 21:43 <KANSIO> d--h----- C:\DOCUME~1\JRJEST~1\Tulostinymp„rist”
    2007-08-09 21:43 <KANSIO> d--h----- C:\DOCUME~1\JRJEST~1\Mallit
    2007-08-09 21:43 <KANSIO> d-------- C:\DOCUME~1\JRJEST~1\Ty”p”yt„
    2007-08-09 21:43 <KANSIO> d-------- C:\DOCUME~1\JRJEST~1\Suosikit
    2007-08-09 21:43 <KANSIO> d-------- C:\DOCUME~1\JRJEST~1\Application DataPDFcreator
    2007-08-09 20:58 <KANSIO> d-------- C:\Deckard
    2007-08-02 11:03 <KANSIO> d-------- C:\DOCUME~1\LOCALS~1\Application DataPDFcreator
    2007-08-01 09:48 <KANSIO> d-------- C:\MSNFix
    2007-07-31 12:37 <KANSIO> d-------- C:\Program Files\Spyware Terminator
    2007-07-31 12:37 <KANSIO> d-------- C:\DOCUME~1\ESIASE~1\APPLIC~1\Spyware Terminator
    2007-07-31 12:37 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spyware Terminator
    2007-07-31 10:39 <KANSIO> d-------- C:\Program Files\Trend Micro
    2007-07-31 10:10 <KANSIO> d-------- C:\Program Files\RegCure
    2007-07-31 10:06 2,498 --a------ C:\WINDOWS\system32\tmp.reg
    2007-07-31 10:04 <KANSIO> d-------- C:\torjunta
    2007-07-30 23:22 <KANSIO> d-------- C:\WINDOWS\system32\LogFiles
    2007-07-25 20:59 <KANSIO> d-------- C:\Jalkapallokuvia


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-08-09 20:31 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-07-23 19:00 --------- d-------- C:\Program Files\Winamp
    2007-05-16 18:14 86528 -----c--- C:\WINDOWS\system32\dllcache\directdb.dll
    2007-05-16 18:14 85504 -----c--- C:\WINDOWS\system32\dllcache\wabimp.dll
    2007-05-16 18:14 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
    2007-05-16 18:14 683520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
    2007-05-16 18:14 510976 -----c--- C:\WINDOWS\system32\dllcache\wab32.dll
    2007-05-16 18:14 1314816 -----c--- C:\WINDOWS\system32\dllcache\msoe.dll
    2007-05-13 21:35 48448 --a------ C:\WINDOWS\system32\perfc00B.dat
    2007-05-13 21:35 283024 --a------ C:\WINDOWS\system32\perfh00B.dat


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "PRONoMgr.exe"="C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe" [2003-03-11 17:24]
    "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2001-10-18 23:26]
    "nwiz"="nwiz.exe" [2001-10-18 23:26 C:\WINDOWS\system32\nwiz.exe]
    "F-Secure Manager"="C:\Program Files\F-Secure\Common\FSM32.exe" [2002-12-05 16:24]
    "SoundMan"="SOUNDMAN.EXE" [2003-08-15 10:34 C:\WINDOWS\SOUNDMAN.EXE]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-07-07 18:13]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-07 19:33]
    "NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 02:12]
    "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "NoFind"=0 (0x0)
    "NoRun"=0 (0x0)
    "NoDesktop"=0 (0x0)
    "NoClose"=0 (0x0)
    "StartMenuLogOff"=0 (0x0)
    "HideClock"=0 (0x0)

    R2 F-Secure Filter;F-Secure File System Filter;\??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys
    R2 F-Secure Gatekeeper;F-Secure Gatekeeper;\??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSgk.sys
    R2 F-Secure Recognizer;F-Secure File System Recognizer;\??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys
    R2 FSpm;F-Secure Policy Manager;\??\C:\Program Files\F-Secure\Common\FSPM.SYS
    S2 BackWeb Client - 7681197;F-Secure BackWeb;C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE


    Contents of the 'Scheduled Tasks' folder
    2007-08-10 18:51:36 C:\WINDOWS\Tasks\RegCure Program Check.job
    2007-08-09 14:24:25 C:\WINDOWS\Tasks\RegCure.job - C:\Program Files\RegCure\RegCure.exe

    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-08-10 22:13:58
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden registry entries ...

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\x00ffc\xd3w\2]
    "b049C053C7D38EE4AB9A00CB3B5D2472"="C?\Program Files\Common Files\Microsoft Shared\Web Folders\PUBPLACE.HTT"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
    "TracesProcessed"=dword:00000151
    "TracesSuccessful"=dword:00000043

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-08-10 22:14:42
    C:\ComboFix-quarantined-files.txt ... 2007-08-10 22:14
    C:\ComboFix2.txt ... 2007-08-10 21:34

    --- E O F ---
    ====


    Sitten HiJack:

    =====

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:18:59, on 10.8.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\F-Secure\Common\FCH32.EXE
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\F-Secure\Common\FNRB32.EXE
    C:\Program Files\F-Secure\Common\FIH32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    N3 - Netscape 7: # Mozilla User Preferences

    /* Do not edit this file.
    *
    * If you make changes to this file while the browser is running,
    * the changes will be overwritten when the browser exits.
    *
    * To make a manual change to preferences, you can visit the URL about:config
    * For more information, see http://www.mozilla.org/unix/customizing.html#prefs
    */

    user_pref("__000.aim.general.im.enterCR", false);
    user_pref("__000.aim.general.im.tabKey", false);
    user_pref("__000.aim.general.im.timeStamp", false);
    user_pref("__000.aim.session.listonly", false);
    user_pref("__sys.aim.filexfer.location", "");
    user_pref("__sys.aim.general.im.enterCR", false);
    user_pref("__sys.aim.general.im.smilies", false);
    user_pref("__sys.aim.general.im.tabKey", false);
    user_pref("__sys.aim.general.im.timeStamp", false);
    user_pref("__sys.aim.general.snsautosignon", false);
    user_pref("__sys.aim.general.today", false);
    user_pref("aim.session.firsttime", false);
    user_pref("browser.activation.checkedNNFlag", true);
    user_pref("browser.
    N3 - Netscape 7: # Mozilla User Preferences

    /* Do not edit this file.
    *
    * If you make changes to this file while the browser is running,
    * the changes will be overwritten when the browser exits.
    *
    * To make a manual change to preferences, you can visit the URL about:config
    * For more information, see http://www.mozilla.org/unix/customizing.html#prefs
    */

    user_pref("__000.aim.general.im.enterCR", false);
    user_pref("__000.aim.general.im.tabKey", false);
    user_pref("__000.aim.general.im.timeStamp", false);
    user_pref("__000.aim.session.listonly", false);
    user_pref("__sys.aim.filexfer.location", "");
    user_pref("__sys.aim.general.im.enterCR", false);
    user_pref("__sys.aim.general.im.smilies", false);
    user_pref("__sys.aim.general.im.tabKey", false);
    user_pref("__sys.aim.general.im.timeStamp", false);
    user_pref("__sys.aim.general.snsautosignon", false);
    user_pref("__sys.aim.general.today", false);
    user_pref("aim.session.firsttime", false);
    user_pref("browser.activation.checkedNNFlag", true);
    user_pref("browser.
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28177.cab
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab27571.cab
    O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://www.ipswitch.com/_installs/wsftp_le/setup.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136533040625
    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/files/installers/cab/WinAntiVirusPro2006FreeInstall.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
    O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

    --
    End of file - 8503 bytes

    ====

    Jännityksellä jään odottamaan, onko tullut (ei kesä, vaan) uusia örkkejä

    terv Krafu
     
    Krafu, 10.08.2007
    #21
  2.  
  3. Auttaja

    Auttaja Guest

    Tutkastaa viel jollain :)

    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/file...FreeInstall.cab

    Fixaa tuo haittaohjelma hijackthissilla :)

    ========
    Kaspersky online-skanneri

    Skannaa koneesi Kaspersky Online Skannerilla

    Sinulta kysytään sallitko ActiveX -komponentin asentamisen Kasperskyltä, klikkaa Kyllä.
    [*] Ohjelma käynnistyy ja aloittaa viimeisimpien tunnistetiedostojen lataamisen.
    [*] Kun skanneri on asennettu ja tunnistetiedot ladattu, klikkaa Next.
    [*] Klikkaa nyt asetuksia, Scan Settings
    [*] Tarkista asetuksista, että seuraavat ovat valittuina:

    o Scan using the following Anti-Virus database:

    + Extended (Jos valittavissa, muuten valitse Standard)

    o Scan Options:

    + Scan Archives
    + Scan Mail Bases

    [*] Klikkaa OK
    [*] Nyt valitse "select a target to scan" otsikon alta Oma Tietokone, My Computer
    [*] Skannaus vie aikaa, joten ole kärsivällinen. Kun skannaus on valmis saat ilmoituksen, jos koneesi on saastunut.
    [*] Klikkaa nyt Save as Text-painiketta.
    [*] Tallenna tiedosto työpöydällesi.
    [*] Kopioi ja Liitä tiedoston sisältö seuraavaan vastaukseesi.
     
    Moderaattorin viimeksi muokkaama: 10.08.2007
    Auttaja, 10.08.2007
    #22
  4. Krafu

    Krafu Member

    Liittynyt:
    31.07.2007
    Viestejä:
    24
    Kiitokset:
    0
    Pisteet:
    11
    Ensin Kaspersky, joka kertoi löytäneensä viruksia

    =====

    -------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER REPORT
    Friday, August 10, 2007 11:40:02 PM
    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.93.0
    Kaspersky Anti-Virus database last update: 10/08/2007
    Kaspersky Anti-Virus database records: 378346
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: extended
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    A:\
    C:\
    D:\
    E:\

    Scan Statistics:
    Total number of scanned objects: 60808
    Number of viruses found: 3
    Number of infected objects: 9
    Number of suspicious objects: 0
    Duration of the scan process: 00:57:40

    Infected Object Name / Virus Name / Last Action
    C:\Documents and Settings\esiasennettu\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\esiasennettu\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\esiasennettu\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\esiasennettu\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\esiasennettu\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\esiasennettu\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\esiasennettu\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
    C:\Program Files\F-Secure\Common\policy.ipf Object is locked skipped
    C:\Program Files\irc\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
    C:\Program Files\irc\mirc616.exe/data0001.bin Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
    C:\Program Files\irc\mirc616.exe mIRC: infected - 1 skipped
    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    C:\System Volume Information\_restore{C9459769-5584-4660-8788-CC2A42E9F783}\RP4\change.log Object is locked skipped
    C:\torjunta\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
    C:\torjunta\SmitfraudFix\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
    C:\torjunta\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
    C:\torjunta\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
    C:\torjunta\SmitfraudFix.exe RarSFX: infected - 2 skipped
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\Sti_Trace.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\default Object is locked skipped
    C:\WINDOWS\system32\config\default.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SAM Object is locked skipped
    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\system32\config\software Object is locked skipped
    C:\WINDOWS\system32\config\software.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\system Object is locked skipped
    C:\WINDOWS\system32\config\system.LOG Object is locked skipped
    C:\WINDOWS\system32\h323log.txt Object is locked skipped
    C:\WINDOWS\system32\nsj2D9.dll Infected: not-a-virus:AdWare.Win32.EZula.cc skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
    C:\WINDOWS\wiadebug.log Object is locked skipped
    C:\WINDOWS\wiaservc.log Object is locked skipped
    C:\WINDOWS\WindowsUpdate.log Object is locked skipped

    Scan process completed.
    =====

    Sitten vielä em. jälkeen ajettu Hijackthis

    ======
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:42:07, on 10.8.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\F-Secure\Common\FCH32.EXE
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\F-Secure\Common\FNRB32.EXE
    C:\Program Files\F-Secure\Common\FIH32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    N3 - Netscape 7: # Mozilla User Preferences

    /* Do not edit this file.
    *
    * If you make changes to this file while the browser is running,
    * the changes will be overwritten when the browser exits.
    *
    * To make a manual change to preferences, you can visit the URL about:config
    * For more information, see http://www.mozilla.org/unix/customizing.html#prefs
    */

    user_pref("__000.aim.general.im.enterCR", false);
    user_pref("__000.aim.general.im.tabKey", false);
    user_pref("__000.aim.general.im.timeStamp", false);
    user_pref("__000.aim.session.listonly", false);
    user_pref("__sys.aim.filexfer.location", "");
    user_pref("__sys.aim.general.im.enterCR", false);
    user_pref("__sys.aim.general.im.smilies", false);
    user_pref("__sys.aim.general.im.tabKey", false);
    user_pref("__sys.aim.general.im.timeStamp", false);
    user_pref("__sys.aim.general.snsautosignon", false);
    user_pref("__sys.aim.general.today", false);
    user_pref("aim.session.firsttime", false);
    user_pref("browser.activation.checkedNNFlag", true);
    user_pref("browser.
    N3 - Netscape 7: # Mozilla User Preferences

    /* Do not edit this file.
    *
    * If you make changes to this file while the browser is running,
    * the changes will be overwritten when the browser exits.
    *
    * To make a manual change to preferences, you can visit the URL about:config
    * For more information, see http://www.mozilla.org/unix/customizing.html#prefs
    */

    user_pref("__000.aim.general.im.enterCR", false);
    user_pref("__000.aim.general.im.tabKey", false);
    user_pref("__000.aim.general.im.timeStamp", false);
    user_pref("__000.aim.session.listonly", false);
    user_pref("__sys.aim.filexfer.location", "");
    user_pref("__sys.aim.general.im.enterCR", false);
    user_pref("__sys.aim.general.im.smilies", false);
    user_pref("__sys.aim.general.im.tabKey", false);
    user_pref("__sys.aim.general.im.timeStamp", false);
    user_pref("__sys.aim.general.snsautosignon", false);
    user_pref("__sys.aim.general.today", false);
    user_pref("aim.session.firsttime", false);
    user_pref("browser.activation.checkedNNFlag", true);
    user_pref("browser.
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28177.cab
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab27571.cab
    O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://www.ipswitch.com/_installs/wsftp_le/setup.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136533040625
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
    O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

    --
    End of file - 8525 bytes
    ===

    Jotta sellaista.

    Äsken saunan lauteilla istuessani mietin, että ilmeisesti pitää aloittaa Hijackthissillä myös ruutterini päässä oleva toinen kone, silläkin on kuulemma mesetetty....

    ====
    Miltä tämä eka kone näyttää nyt?

    terv Krafu

     
    Krafu, 10.08.2007
    #23
  5. Auttaja

    Auttaja Guest

    Joo... eli tää eka kone pitäisi olla lokejen mukaan kunnossa.. :) mutta logeissa ei tosiaan aina näy kaikki haittaohjelmat.. mutta melko suurella todennäkösyydellä on :)

    Tää tiedosto viel

    C:\WINDOWS\system32\nsj2D9.dll

    Laita piilotiedostot näkyviin ja tarkistuksen jälkeen piiloon takaisin

    http://www.virustotal.com/

    Mene tuonne sivulle ja lataa tiedosto käyttämällä "selaa" toimintoa.

    Jos palvelu on ruuhkautunut käytä http://virusscan.jotti.org/

    Laita tulos seuraavaan vastaukseen

    =======

    eli seuraava kone vaan kurkaukseen :D
     
    Auttaja, 10.08.2007
    #24
  6. Krafu

    Krafu Member

    Liittynyt:
    31.07.2007
    Viestejä:
    24
    Kiitokset:
    0
    Pisteet:
    11
    Hei!

    Ohessapa Virustotalin tulos!
    On hieman hyppivä, mutta en aamutuimaan löytänyt raporttigeneraattoria, vaan otin leikkaa ja liimaa-memetelmällä sivulta suoraan...

    =================
    File nsj2D9.dll received on 08.11.2007 04:53:30 (CET)
    Current status: finished
    Result: 11/32 (34.38%)
    Compact
    Print results
    Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.
    You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.

    Email:

    Antivirus Version Last Update Result
    AhnLab-V3 2007.8.9.2 2007.08.10 Win-AppCare/Ezula.81408
    AntiVir 7.4.0.60 2007.08.10 ADSPY/EZula.CC.9
    Authentium 4.93.8 2007.08.10 -
    Avast 4.7.1029.0 2007.08.10 -
    AVG 7.5.0.476 2007.08.10 Adware Generic2.ADR
    BitDefender 7.2 2007.08.11 -
    CAT-QuickHeal 9.00 2007.08.10 -
    ClamAV 0.91 2007.08.11 -
    DrWeb 4.33 2007.08.11 -
    eSafe 7.0.15.0 2007.08.10 -
    eTrust-Vet 31.1.5050 2007.08.11 -
    Ewido 4.0 2007.08.10 -
    FileAdvisor 1 2007.08.11 -
    Fortinet 2.91.0.0 2007.08.11 -
    F-Prot 4.3.2.48 2007.08.10 -
    F-Secure 6.70.13030.0 2007.08.11 -
    Ikarus T3.1.1.12 2007.08.10 -
    Kaspersky 4.0.2.24 2007.08.11 not-a-virus:AdWare.Win32.EZula.cc
    McAfee 5095 2007.08.10 potentially unwanted program Adware-BitLocker
    Microsoft 1.2704 2007.08.11 BrowserModifier:Win32/Fotomoto
    NOD32v2 2450 2007.08.10 -
    Norman 5.80.02 2007.08.10 -
    Panda 9.0.0.4 2007.08.10 Adware/eZula
    Prevx1 V2 2007.08.11 Generic.Malware
    Rising 19.35.42.00 2007.08.10 -
    Sophos 4.19.0 2007.08.01 Mal/Heuri-E
    Sunbelt 2.2.907.0 2007.08.11 -
    Symantec 10 2007.08.11 Adware.Ezula
    TheHacker 6.1.7.166 2007.08.10 -
    VBA32 3.12.2.2 2007.08.10 -
    VirusBuster 4.3.26:9 2007.08.10 -
    Webwasher-Gateway 6.0.1 2007.08.10 Ad-Spyware.EZula.CC.9
    Additional information
    File size: 81408 bytes
    MD5: 77cc9bd2c38414d1c64573031fb51aa3
    SHA1: 54553b39a9c94f7240843d2f1ba77d36132c20d2
    packers: UPX
    packers: UPX
    packers: UPX
    Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PX5=6C5339B5005C64A33E1301043133DB001EEF5873
    ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.

    =============

    Kiitos tähänastisesta!

    Joudun taas poistumaan päiväksi, mutta jatketaan (joko tämän tai) toisen koneen kanssa.


    terv Krafu
     
    Krafu, 11.08.2007
    #25
  7. Auttaja

    Auttaja Guest

    Poistetaan tää tiedosto C:\WINDOWS\system32\nsj2D9.dll

    Lataa Killbox Option^Explicitiltä.

    Huomaa: Jos sinulla on jo Killbox, tämä on uusi versio joka sinun tulee asentaa. Poista aikaisempi.

    [*]Tallenna työpöydällesi.
    [*] Tupla-klikkaa Killbox.exe ajaaksesi ohjelman.
    [*] Valitse: [*]Delete on Reboot[*] sitten klikkaa All Files valintaa.
    [*]Kopioi ja liitä alapuolella olevat tiedostopolut leikepöydälle mustaamalla KAIKKI ne ja painamalla CTRL + C (tai, mustaamisen jälkeen, oikea klikki hiirellä ja valitse kopioi):

    C:\WINDOWS\system32\nsj2D9.dll

    [*] Palaa Killboxiin, mene File valikkoon, ja valitse Paste from Clipboard.

    [*]Klikkaa puna-valkoista Delete File valintaa. Klikkaa Yes "Delete on Reboot" pyyntöön. Klikkaa OK mihin vain PendingFileRenameOperations pyyntöön (ja anna fixaajan tietää jos jokin tälläinen tulee!).
    Käynnistä koneesi itse jos se ei sitä automaattisesti tee

    Jos saat tälläisen viestin: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." Kun yrität ajaa KillBoxia, klikkaa tätä ladataksesi ja ajaaksesi Missingfilessetup.exe;n. Sitten koita KillBoxia uudestaan.

    Laita sitten logi toisesta koneesta... :)
     
    Moderaattorin viimeksi muokkaama: 11.08.2007
    Auttaja, 11.08.2007
    #26
  8. Krafu

    Krafu Member

    Liittynyt:
    31.07.2007
    Viestejä:
    24
    Kiitokset:
    0
    Pisteet:
    11

    Joo, toimi ihan OK, reboottauksessa ei ollut rongelmia, eikä muitakaan virheilmoja tullut.
    Tosin täytyy sanoa, etten (vielä) ole tarkastranut, että poistuiko....

    Tässä meinasin ihan oikeasti pudota kärryiltä ;-)
    Ensin luulin, että em. killauksen logi pitää "varmuuden vuoksi" laittaa toiselta koneelta, mutta "löytää se sokeakin kana jyvän" eli ymmärsin.

    Toisen koneen tarkastuksen aloitin uudella threadilla...

    terv Krafu
     
    Krafu, 11.08.2007
    #27
Sivu 2 / 2

Jaa tämä sivu