eScan found all sorts of things

Thread in the Viruses and malware section. Started by TeleHell on 16.05.2006.

  1. TeleHell

    TeleHell Regular member

    Joined:
    10.12.2005
    Messages:
    827
    Thanks:
    0
    Points:
    26
    So eScan found the following on a friend's computer:

    File C:\WINDOWS\system32\scvchost.exe infected by "Backdoor.Win32.Cakl.a" Virus. Action Taken: File Renamed.
    File C:\WINDOWS\drcwin32.exe infected by "Backdoor.Win32.Cakl.b" Virus. Action Taken: File Renamed.
    File C:\WINDOWS\Program.EXE infected by "Backdoor.Win32.Cakl.a" Virus. Action Taken: File Renamed.
    File C:\WINDOWS\TRIODS.0XE infected by "Trojan.Win32.Zapchast" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\ldapi32.exe infected by "Backdoor.Win32.Cakl.a" Virus. Action Taken: File Renamed.
    File C:\WINDOWS\system32\ntswrl32.dll infected by "Backdoor.Win32.Cakl.a" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Raimo\Application Data\Bike Glue\OBJ EXTRA.0XE infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Raimo\Application Data\Bike Glue\STOPRDR.0XE infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Raimo\Application Data\Bike Glue\STOPRDR.1XE tagged as not-a-virus:AdWare.Win32.Lop.ag. No Action Taken.
    File C:\Documents and Settings\Raimo_2\Local Settings\Temp\ShprRprt.exe tagged as not-a-virus:AdWare.Win32.HotBar.be. No Action Taken.
    File C:\Documents and Settings\Raimo_2\Local Settings\Temporary Internet Files\Content.IE5\GXYBOPEZ\ShprRprt[1].exe tagged as not-a-virus:AdWare.Win32.HotBar.be. No Action Taken.
    File C:\Ohjelmia\MSN-Winks.exe tagged as not-a-virus:AdWare.Win32.180Solutions. No Action Taken.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP212\A0038119.dll tagged as not-a-virus:AdWare.Win32.Shopper.g. No Action Taken.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP212\A0038121.exe tagged as not-a-virus:AdWare.Win32.Hotbar.as. No Action Taken.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP214\A0038276.exe tagged as not-a-virus:AdWare.Win32.Lop.ai. No Action Taken.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP214\A0038277.exe tagged as not-a-virus:AdWare.Win32.Shopper.g. No Action Taken.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP218\A0038400.exe infected by "Backdoor.Win32.IRCBot.jf" Virus. Action Taken: File Renamed.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP243\A0042148.exe tagged as not-a-virus:Downloader.Win32.WinFixer.d. No Action Taken.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP254\A0044930.exe tagged as not-a-virus:AdWare.Win32.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP254\A0044931.exe tagged as not-a-virus:AdWare.Win32.Lop.ag. No Action Taken.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP254\A0044932.exe tagged as not-a-virus:AdWare.Win32.Lop.ag. No Action Taken.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP254\A0044933.exe tagged as not-a-virus:AdWare.Win32.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP254\A0044934.exe tagged as not-a-virus:AdWare.Win32.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP254\A0044935.exe tagged as not-a-virus:AdWare.Win32.Lop.ag. No Action Taken.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP254\A0044936.exe tagged as not-a-virus:AdWare.Win32.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP257\A0045133.exe tagged as not-a-virus:RiskTool.Win32.PsKill.n. No Action Taken.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP297\A0051790.exe infected by "Backdoor.Win32.Cakl.a" Virus. Action Taken: File Renamed.
    File C:\System Volume Information\_restore{0B41B20C-1260-4726-9A65-44E8B77C1BFF}\RP297\A0051791.exe infected by "Backdoor.Win32.Cakl.a" Virus. Action Taken: File Renamed.

    What should I do about those, or is that it now?

    Edit: some icons appeared on the desktop (e.g. worm.avc), so what should I do with those?

    Last edited: 16.05.2006
  3. Disa-

    Disa- Regular member

    Joined:
    06.09.2005
    Messages:
    860
    Thanks:
    0
    Points:
    26
  4. -kemisti-

    -kemisti- Active member

    Joined:
    06.06.2005
    Messages:
    6,305
    Thanks:
    0
    Points:
    96
    @Disa-: System Restore gets cleaned out last, not first :)

    @TeleHell: Post a HjT log, instructions -> http://keskustelu.afterdawn.com/thread_view.cfm/316714

    You can also delete this one:

    C:\Ohjelmia\MSN-Winks.exe

    Also clear IE's temporary files and other temp files.
     
  5. TeleHell

    TeleHell Regular member

    Joined:
    10.12.2005
    Messages:
    827
    Thanks:
    0
    Points:
    26
    So here is the HJT log:

    Logfile of HijackThis v1.99.1
    Scan saved at 16:13:36, on 16.5.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\WINDOWS\VM_STI.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\sistray.exe
    C:\WINDOWS\system32\RDSHOST.exe
    C:\WINDOWS\system32\sessmgr.exe
    C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
    C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpHost.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpCtr.exe
    C:\HJT\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
    O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Reboot.exe
    O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


    And here is Ewido:

    ---------------------------------------------------------
    ewido anti-malware - Scan report
    ---------------------------------------------------------

    + Created on: 17:43:13, 16.5.2006
    + Report-Checksum: FC5EE4E8

    + Scan result:

    :mozilla.84:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned without backup
    :mozilla.85:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned without backup
    :mozilla.97:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned without backup
    :mozilla.102:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned without backup
    :mozilla.103:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned without backup
    :mozilla.104:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned without backup
    :mozilla.105:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned without backup
    :mozilla.107:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Trafic : Cleaned without backup
    :mozilla.112:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
    :mozilla.114:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
    :mozilla.115:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
    :mozilla.116:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
    :mozilla.118:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned without backup
    :mozilla.119:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned without backup
    :mozilla.120:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned without backup
    :mozilla.121:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned without backup
    :mozilla.122:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned without backup
    :mozilla.124:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned without backup
    :mozilla.125:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned without backup
    :mozilla.133:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned without backup
    :mozilla.134:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned without backup
    :mozilla.135:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned without backup
    :mozilla.136:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned without backup
    :mozilla.137:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Adtech : Cleaned without backup
    :mozilla.138:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Adtech : Cleaned without backup
    :mozilla.173:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned without backup
    :mozilla.176:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned without backup
    :mozilla.193:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Weborama : Cleaned without backup
    :mozilla.197:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
    :mozilla.198:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
    :mozilla.200:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned without backup
    :mozilla.239:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
    :mozilla.240:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
    :mozilla.241:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
    :mozilla.242:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
    :mozilla.243:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
    :mozilla.244:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
    :mozilla.271:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned without backup
    :mozilla.272:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned without backup
    :mozilla.277:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Zedo : Cleaned without backup
    :mozilla.278:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Zedo : Cleaned without backup
    :mozilla.279:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Zedo : Cleaned without backup
    :mozilla.285:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned without backup
    :mozilla.286:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned without backup
    :mozilla.287:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned without backup
    :mozilla.288:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned without backup
    :mozilla.291:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned without backup
    :mozilla.313:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Revenue : Cleaned without backup
    :mozilla.318:C:\Documents and Settings\Raimo\Application Data\Mozilla\Firefox\Profiles\gp0nfggf.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned without backup
    C:\WINDOWS\drcwin32.exe.mwt -> Backdoor.Cakl.b : Cleaned without backup
    C:\WINDOWS\Program.EXE.mwt -> Backdoor.Cakl.a : Cleaned without backup
    C:\WINDOWS\system32\ldapi32.exe.mwt -> Backdoor.Dosia : Cleaned without backup
    C:\WINDOWS\system32\ntswrl32.dll.mwt -> Backdoor.Cakl.a : Cleaned without backup
    C:\WINDOWS\system32\scvchost.exe.mwt -> Backdoor.Cakl.a : Cleaned without backup


    ::Report End

    The icons that appeared along with the eScan program's virus findings are still on the desktop; can they be deleted?

    Last edited: 16.05.2006
  6. -kemisti-

    -kemisti- Active member

    Joined:
    06.06.2005
    Messages:
    6,305
    Thanks:
    0
    Points:
    96
    Aha, so apparently eScan was saved to the desktop?
    Worm.avc is, you see, one of eScan's signature files. You can delete it, or better yet move it to some other directory, if you like.

    Any idea what this is? ->

    O4 - Startup: Reboot.exe

    If not, check it here ->

    http://www.virustotal.com/flash/index_en.html

    Delete:

    C:\Documents and Settings\Raimo\Application Data\Bike Glue

    Fix these:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =


    Otherwise it's OK :)

    Now you can clean out System Restore following Disa-'s instructions :)


     
  7. TeleHell

    TeleHell Regular member

    Joined:
    10.12.2005
    Messages:
    827
    Thanks:
    0
    Points:
    26
    It didn't report any viruses in that reboot.exe. I don't know what it is, though..
    Thanks for the advice/instructions!
     
  8. TeleHell

    TeleHell Regular member

    Joined:
    10.12.2005
    Messages:
    827
    Thanks:
    0
    Points:
    26
    When turning System Restore off, it says this:

    "System Restore encountered problems enabling or disabling one or more drives. Restart the computer."

    Then after restarting, the checkmark was no longer in that box.
     
  9. -kemisti-

    -kemisti- Active member

    Joined:
    06.06.2005
    Messages:
    6,305
    Thanks:
    0
    Points:
    96
    Try that System Restore thing again. It has to be emptied because there are nasties nesting in there.
     
  10. TeleHell

    TeleHell Regular member

    Joined:
    10.12.2005
    Messages:
    827
    Thanks:
    0
    Points:
    26
    It just keeps saying the same thing; I've restarted a couple of times. But when I go to: Start -> Accessories -> System Tools -> System Restore, it says:

    "System Restore cannot protect your computer. Restart the computer and run System Restore again."

    So it probably did reset the restore points, since e.g. winxp no longer finds them. They do get recreated automatically, right? As far as I understand, at least.
     
  11. -kemisti-

    -kemisti- Active member

    Joined:
    06.06.2005
    Messages:
    6,305
    Thanks:
    0
    Points:
    96
    They do, if System Restore is now turned on :)
     
