Backdoor Berbew -mato

Discussion in 'Virukset ja haittaohjelmat' started by LeLu10, Sep 20, 2005.

Page 1 of 3
  1. LeLu10

    LeLu10 Regular member

    Joined:
    Jan 18, 2005
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    26
    Adware away löytää vähintään kerran vuorokauteen madon nimeltään Backdoor Berbew, paikasta
    HKCU:\Software\Microsoft\Internet Explorer\Main Form\FormSugget PW Ask

    Ohjelma kyllä poistaa madon, mutta sama ongelma ilmenee heti seuraavana päivänä. Mitähän tälle olisi tehtävissä. HJT-logissa ei ilmeisesti ole epäselvyyksiä, Eniro poisti jo mitä poistettavissa oli, Norton on käytössä ja noita spybot/adware-ohjelmia on ajettu läpi useampiakin.
     
    LeLu10, Sep 20, 2005
    #1
  2. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Kokeiles eScania -> http://koti.mbnet.fi/pattaya1/escanmwav.htm
    Asenna, päivitä se ja skannaa sillä. Sitten lähetä sen loki tänne (siitä skannausikkunan alaosasta ne rivit Virus Log Information-kohdasta, ihan maalaa, leikkaa/liimaa).
     
    -kemisti-, Sep 20, 2005
    #2
  3. LeLu10

    LeLu10 Regular member

    Joined:
    Jan 18, 2005
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    26
    No löytyihän tuolla vähän sitä sun tätä.

    Tässä logi:

    File C:\Program Files\Canon\MP Navigator 1.1\mpn.exe tagged as not-a-virus:NetTool.Win32.Calc-DNet.d. No Action Taken.
    File C:\Program Files\GIANT Company Software\GIANT AntiSpyware\Quarantine\D5A975E6-2EB4-421F-9F61-69D630\186E754D-FFC1-4911-B824-57AD2F infected by "Trojan-Downloader.Win32.Keenval.f" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\114C1EF0 tagged as not-a-virus:AdWare.WinAD.b. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\114F48EC tagged as not-a-virus:AdWare.WinAD. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\16035BE5 tagged as not-a-virus:AdWare.WinAD.b. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\18CD0755 infected by "Trojan-Dropper.Win32.Delf.z" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\23260231 infected by "Trojan-Downloader.Win32.IstBar.er" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\2C046F01 infected by "Trojan-Clicker.Win32.Delf.r" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\2C0818FD tagged as not-a-virus:AdWare.WinAD.b. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\2C0B42FA tagged as not-a-virus:AdWare.WinAD. No Action Taken.
    File C:\Program Files\Norton AntiVirus\Quarantine\39B55484 infected by "Trojan-Downloader.Win32.Keenval.g" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\6F2B643E infected by "Trojan-Dropper.Win32.Delf.z" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton AntiVirus\Quarantine\7ABB203C tagged as not-a-virus:AdWare.WinAD. No Action Taken.
    File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\107A0295.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\18A92FB1.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\18AC59AD.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\18AF03AA.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1CF61F2C.exe tagged as not-a-virus:AdWare.Lop.p. No Action Taken.
    File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1D456621.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\341F1831.exe infected by "Trojan-Downloader.Win32.Swizzor.di" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3422422D.exe infected by "Trojan-Downloader.Win32.Swizzor.di" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4AB12495.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\74AB0FD5.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7A2D032F.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP278\A0022518.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP287\A0023102.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP287\A0023103.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP287\A0023104.exe infected by "Trojan-Downloader.Win32.Swizzor.ca" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP287\A0023105.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP288\A0023119.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP288\A0023120.exe tagged as not-a-virus:AdWare.Lop.p. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP288\A0023121.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP288\A0023122.exe infected by "Trojan-Downloader.Win32.Swizzor.ca" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP288\A0023123.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP289\A0023166.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP289\A0023169.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP289\A0023170.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP289\A0023174.exe infected by "Trojan-Downloader.Win32.Keenval.f" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP289\A0024037.exe infected by "Trojan-Downloader.Win32.Swizzor.dc" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP289\A0024038.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP289\A0024039.exe tagged as not-a-virus:AdWare.Lop.p. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP289\A0024040.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP289\A0024041.exe infected by "Trojan-Downloader.Win32.Swizzor.di" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP289\A0024042.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP295\A0025200.exe infected by "Trojan-Downloader.Win32.Swizzor.dc" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP295\A0025201.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP295\A0025202.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP295\A0025203.exe tagged as not-a-virus:AdWare.Lop.p. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP295\A0025204.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP295\A0025205.exe infected by "Trojan-Downloader.Win32.Swizzor.dj" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP295\A0025206.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP296\A0026127.exe infected by "Trojan-Downloader.Win32.Swizzor.dg" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP296\A0026128.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP296\A0026129.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP296\A0026130.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP296\A0026131.exe tagged as not-a-virus:AdWare.Lop.p. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP296\A0026132.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP296\A0026133.exe infected by "Trojan-Downloader.Win32.Swizzor.di" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP296\A0026134.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP300\A0026316.exe infected by "Trojan-Downloader.Win32.Swizzor.dg" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP300\A0026317.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP300\A0026318.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP300\A0026319.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP300\A0026320.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP300\A0026321.exe tagged as not-a-virus:AdWare.Lop.p. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP300\A0026322.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP300\A0026323.exe infected by "Trojan-Downloader.Win32.Swizzor.dj" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP300\A0026324.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP301\A0026386.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP301\A0026387.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP301\A0026388.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP301\A0026389.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP301\A0026390.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP301\A0026391.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP301\A0026392.exe tagged as not-a-virus:AdWare.Lop.p. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP301\A0026393.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP301\A0026394.exe infected by "Trojan-Downloader.Win32.Swizzor.dr" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP301\A0026395.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP302\A0027000.exe infected by "Trojan-Downloader.Win32.Swizzor.di" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP302\A0027001.exe infected by "Trojan-Downloader.Win32.Swizzor.di" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP311\A0028291.exe tagged as not-a-virus:AdWare.Lop.m. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP311\A0028320.exe infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP311\A0028321.exe tagged as not-a-virus:AdWare.Lop.p. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP311\A0028322.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP311\A0028323.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP311\A0028324.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP311\A0028325.exe infected by "Trojan-Downloader.Win32.Swizzor.ca" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP311\A0028326.exe infected by "Trojan-Downloader.Win32.Swizzor.dj" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP311\A0028327.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP311\A0028328.exe infected by "Trojan-Downloader.Win32.Swizzor.dh" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP311\A0028329.exe infected by "Trojan-Downloader.Win32.Swizzor.di" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP311\A0028330.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP311\A0028331.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP311\A0028332.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP311\A0028333.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP318\A0029121.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP318\A0029122.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP318\A0029123.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP318\A0029124.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP318\A0029125.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP318\A0029126.exe tagged as not-a-virus:AdWare.Lop.p. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP318\A0029127.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP318\A0029128.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP318\A0029129.exe tagged as not-a-virus:AdWare.Lop.z. No Action Taken.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP332\A0029642.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP332\A0029643.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP332\A0029644.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP332\A0029645.exe infected by "Trojan-Downloader.Win32.Swizzor.di" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP332\A0029646.exe infected by "Trojan-Downloader.Win32.Swizzor.di" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP332\A0029647.exe infected by "Trojan-Downloader.Win32.Swizzor.df" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP332\A0029648.exe infected by "Trojan-Downloader.Win32.Swizzor.de" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{A862470A-8850-4F4C-8547-1C0E42DD4B6F}\RP332\A0029649.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
     
    LeLu10, Sep 20, 2005
    #3
  4. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Näköjään löytyi, joo :) Hävisikö toi Backdoor Berbew-ongelma?

    Nämä tiedostot voisit poistaa käsin(eScan ei poista adwarea):

    C:\Program Files\Norton AntiVirus\Quarantine\==>114C1EF0<==
    C:\Program Files\Norton AntiVirus\Quarantine\==>114F48EC<==
    C:\Program Files\Norton AntiVirus\Quarantine\==>16035BE5<==
    C:\Program Files\Norton AntiVirus\Quarantine\==>2C0818FD<==
    C:\Program Files\Norton AntiVirus\Quarantine\==>2C0B42FA<==
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\==>18AF03AA.exe<==
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\==>1CF61F2C.exe<==
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\==>1D456621.exe<==

    Lisäksi sulla on järjestelmän palautus-kansiossa muutama "lop", jotka voit halutessasi poistaa vaikka ottamalla järjestelmän palautuksen pois päältä, käynnistämällä koneen uudestaan ja tekemällä uuden palautuspisteen tai sitten noiden ohjeiden mukaan -> http://support.microsoft.com/default.aspx?scid=kb;en-us;309531
     
    -kemisti-, Sep 21, 2005
    #4
  5. LeLu10

    LeLu10 Regular member

    Joined:
    Jan 18, 2005
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    26
    Sama mato löytyi jälleen samasta paikasta samalla ohjelmalla!

    Tuo lop'ien (mitä lie...) poistamista en osannut :(

    System Volume Information-kansionkäyttö oli estetty, mutta kun äsken kävin parilla sivulla netissä, poistin sen madon Adware Awaylla, niin hups heijaa pääsin sittenkin tuonne kansioon sisälle! Ovatko sitten yhteydessä toisiinsa, tiedä häntä, mutta näin kävi. Tästäkään huolimatta, ei onnannut...

    Ja tuossa resurssienhallinnassa on kaiken lisäksi ongelmia, jota koetan selvittää tuolla toisella palstalla ;)


     
    LeLu10, Sep 21, 2005
    #5
  6. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Löysin ehkä fixin tolle Backdoor Berbewille täältä (eka linkki)->http://www.mahidol.ac.th/download/application/antivirus.html
    , mutta en sitten tiedä tosta, että onko joku pöpö itsekin :D Kokeile omalla vastuulla ;)

    EDIT: Tai tarkista se ennen käyttöä täällä -> http://virusscan.jotti.org
    Sieltä ylhäältä selaa... ja submit.
     
    Last edited: Sep 21, 2005
    -kemisti-, Sep 21, 2005
    #6
  7. LeLu10

    LeLu10 Regular member

    Joined:
    Jan 18, 2005
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    26
    Ohjelma tuntuu toimivan ihan hyvin ja turvallisesti. Symantecin tekemä, ilmeisesti... Ainoa ongelma on, ettei se poista tuota Adware awayn löytämää matoa!

    Mistähän vikaa etsisi? Voiko tuota "tukkia" jotenkin, ettei sama mato pääse samaan paikkaan? Vai onko tuossa ohjelmassa vika?

    En ymmärrä...
     
    LeLu10, Sep 22, 2005
    #7
  8. heikki71

    heikki71 Regular member

    Joined:
    May 7, 2005
    Messages:
    658
    Likes Received:
    0
    Trophy Points:
    26
    poista ylimääräiset system volume informationista.
     
    heikki71, Sep 22, 2005
    #8
  9. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Tai voi olla, ettei se vaan poista tuota varianttia (Symantecin sivujen mukaan niitä on A-T-variantit).
     
    -kemisti-, Sep 22, 2005
    #9
  10. LeLu10

    LeLu10 Regular member

    Joined:
    Jan 18, 2005
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    26
    Mikä kaikki on ylimääräistä tuolla system volume informationissa?!

    Voi olla, että ko. variantti ei poistu. Mutta tuo Adware Away näyttää sen poistavan, koska heti perään sitä ei tuolla näy. Vaan annas olla seuraavana päivänä...
     
    LeLu10, Sep 22, 2005
    #10
  11. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Ainakin ne lopit.
     
    -kemisti-, Sep 22, 2005
    #11
  12. LeLu10

    LeLu10 Regular member

    Joined:
    Jan 18, 2005
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    26
    Mmkay'... Mutta saisinko nyt ohjeet lopien poistoon selkokielellä ;) Ohjelmankin löysin, mutta siinähän ol viirus itessään.

    En löydä mitään "Sharing and Security" -tiedostoa.
     
    LeLu10, Sep 24, 2005
    #12
  13. heikki71

    heikki71 Regular member

    Joined:
    May 7, 2005
    Messages:
    658
    Likes Received:
    0
    Trophy Points:
    26
    onko Nortonissa käytönaikainen tarkastus?
    ...jos on niin pistä päälle.
     
    heikki71, Sep 24, 2005
    #13
  14. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    -kemisti-, Sep 25, 2005
    #14
  15. LeLu10

    LeLu10 Regular member

    Joined:
    Jan 18, 2005
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    26
    Nortonissa on kyllä käytössä lähestulkoon kaikki mahdollinen, en sitten tiedä jos tuokin löytyy jostain helvetinmoisen mutkan takaa...

    No nyt on tuolla ohjelmalla lopit poistettu. Pitää sitä ajaa tasaseen, niin kai ne sitten pysyykin poissa. Kiitos.

    Ja kas kummaa, itse matoa ei ole pariin päivään näkynyt. Jospa joku näistä tempuista on auttanut! :)
     
    LeLu10, Sep 26, 2005
    #15
  16. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Mukava kuulla :)
     
    -kemisti-, Sep 26, 2005
    #16
  17. LeLu10

    LeLu10 Regular member

    Joined:
    Jan 18, 2005
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    26
    Nonnin! Ja nyt se tul takasin! Tai onko ollut jo minkä aikaa, kun en viikkoon ole tuota AdwareAwayta ajanut läpi...

    Eikö tuota voi millään blokata, kun tulee joka ikinen kerta tuohon yhteen ja samaan paikkaan?
     
    LeLu10, Oct 4, 2005
    #17
  18. heikki71

    heikki71 Regular member

    Joined:
    May 7, 2005
    Messages:
    658
    Likes Received:
    0
    Trophy Points:
    26
    heikki71, Oct 4, 2005
    #18
  19. LeLu10

    LeLu10 Regular member

    Joined:
    Jan 18, 2005
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    26
    Nyt en kyllä valitettavasti tuosta threadista osannut sitä minun oloani helpottavaa onkia esille... :/

    Jos tiivistelmän saisi rautalangasta väännettynä? ;D
     
    LeLu10, Oct 4, 2005
    #19
  20. heikki71

    heikki71 Regular member

    Joined:
    May 7, 2005
    Messages:
    658
    Likes Received:
    0
    Trophy Points:
    26
    toi on vaan sitä varten jos et pääse jostain syystä system volume informationiin. ei muuta, roger and out
     
    heikki71, Oct 4, 2005
    #20
Page 1 of 3

Share This Page