PCHealthCenter, Trojaneita jne.

Discussion in 'Virukset ja haittaohjelmat' started by jvjv, Sep 24, 2008.

  1. jvjv

    jvjv Member

    Joined:
    Sep 24, 2008
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    11
    Iski tuon niminen pöpö ja Trojaneita sun muita, ja uhka on windowsin mukaan suuri. AVG olevinaan poistaa kaikki löytämänsä uhat skannauksen yhteydessä, mutta ongelma uusiutuu pian. Saan kohta hermoromahduksen!

    Skannasin myös HijackThisillä mutta itse en logeista älyä mitään, niin apu olisi tarpeen. Paraikaa myös skannaan Malwarebytes' Anti-Malwarella, mutta siinä on kestänyt jo yli 4 h ja loppua ei näy, eli postaan sen login myöhemmin.

    Kiitos!

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:27:33, on 24.9.2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16711)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\MMEDIA\TV Jukebox 3.0\tvjbMonitor.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\AVG\AVG8\avgtray.exe
    C:\Windows\System32\YUR7438.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\AVG\AVG8\avgui.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: QXK Olive - {54A2190F-6F53-4D30-83DD-292BC8DF4F7E} - C:\Windows\dfmlxbpkgls.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {97B74645-645A-4E65-86C4-3735B8122F46} - C:\Windows\system32\ddcDtQhg.dll (file missing)
    O2 - BHO: {1b4375ec-d342-ee6b-5934-045e913eebf9} - {9fbee319-e540-4395-b6ee-243dce5734b1} - C:\Windows\system32\gceuceoj.dll (file missing)
    O2 - BHO: (no name) - {ACED1C9F-2718-4512-9F69-F4E28C1F484F} - C:\Windows\system32\nnnkLbxw.dll (file missing)
    O3 - Toolbar: (no name) - {E5ACC10D-16BD-42DB-9AAB-283DF9B3A4EA} - (no file)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [tvjbmonitor] C:\Program Files\MMEDIA\TV Jukebox 3.0\tvjbMonitor.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [8a7fb615] rundll32.exe "C:\Windows\system32\oiexgsgl.dll",b
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [\YUR724.exe] C:\Windows\system32\YUR724.exe
    O4 - HKLM\..\Run: [\YUR7438.exe] C:\Windows\system32\YUR7438.exe
    O4 - HKLM\..\Run: [\YUR2E46.exe] C:\Windows\system32\YUR2E46.exe
    O4 - HKLM\..\Run: [\YURC9D1.exe] C:\Windows\system32\YURC9D1.exe
    O4 - HKLM\..\Run: [\YUR4939.exe] C:\Windows\system32\YUR4939.exe
    O4 - HKLM\..\Run: [\YUR90EE.exe] C:\Windows\system32\YUR90EE.exe
    O4 - HKLM\..\Run: [\YUR9330.exe] C:\Windows\system32\YUR9330.exe
    O4 - HKLM\..\Run: [\YUR96CA.exe] C:\Windows\system32\YUR96CA.exe
    O4 - HKLM\..\Run: [\YUR9776.exe] C:\Windows\system32\YUR9776.exe
    O4 - HKLM\..\Run: [\YUR982.exe] C:\Windows\system32\YUR982.exe
    O4 - HKLM\..\Run: [\YUR87B1.exe] C:\Windows\system32\YUR87B1.exe
    O4 - HKLM\..\Run: [\YUR317.exe] C:\Windows\system32\YUR317.exe
    O4 - HKLM\..\Run: [\YUR9DD.exe] C:\Windows\system32\YUR9DD.exe
    O4 - HKLM\..\Run: [\YUR1F59.exe] C:\Windows\system32\YUR1F59.exe
    O4 - HKLM\..\Run: [\YUR2852.exe] C:\Windows\system32\YUR2852.exe
    O4 - HKLM\..\Run: [\YUR70DF.exe] C:\Windows\system32\YUR70DF.exe
    O4 - HKLM\..\Run: [\YURAA92.exe] C:\Windows\system32\YURAA92.exe
    O4 - HKLM\..\Run: [\YURAD61.exe] C:\Windows\system32\YURAD61.exe
    O4 - HKLM\..\Run: [\YURBAA0.exe] C:\Windows\system32\YURBAA0.exe
    O4 - HKLM\..\Run: [\YURBEE6.exe] C:\Windows\system32\YURBEE6.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [\YUR724.exe] C:\Windows\system32\YUR724.exe
    O4 - HKCU\..\Run: [\YUR7438.exe] C:\Windows\system32\YUR7438.exe
    O4 - HKCU\..\Run: [\YUR2E46.exe] C:\Windows\system32\YUR2E46.exe
    O4 - HKCU\..\Run: [\YURC9D1.exe] C:\Windows\system32\YURC9D1.exe
    O4 - HKCU\..\Run: [\YUR4939.exe] C:\Windows\system32\YUR4939.exe
    O4 - HKCU\..\Run: [\YUR90EE.exe] C:\Windows\system32\YUR90EE.exe
    O4 - HKCU\..\Run: [\YUR9330.exe] C:\Windows\system32\YUR9330.exe
    O4 - HKCU\..\Run: [\YUR96CA.exe] C:\Windows\system32\YUR96CA.exe
    O4 - HKCU\..\Run: [\YUR9776.exe] C:\Windows\system32\YUR9776.exe
    O4 - HKCU\..\Run: [\YUR982.exe] C:\Windows\system32\YUR982.exe
    O4 - HKCU\..\Run: [\YUR87B1.exe] C:\Windows\system32\YUR87B1.exe
    O4 - HKCU\..\Run: [\YUR317.exe] C:\Windows\system32\YUR317.exe
    O4 - HKCU\..\Run: [\YUR9DD.exe] C:\Windows\system32\YUR9DD.exe
    O4 - HKCU\..\Run: [\YUR1F59.exe] C:\Windows\system32\YUR1F59.exe
    O4 - HKCU\..\Run: [\YUR2852.exe] C:\Windows\system32\YUR2852.exe
    O4 - HKCU\..\Run: [\YUR70DF.exe] C:\Windows\system32\YUR70DF.exe
    O4 - HKCU\..\Run: [\YURAA92.exe] C:\Windows\system32\YURAA92.exe
    O4 - HKCU\..\Run: [\YURAD61.exe] C:\Windows\system32\YURAD61.exe
    O4 - HKCU\..\Run: [\YURBAA0.exe] C:\Windows\system32\YURBAA0.exe
    O4 - HKCU\..\Run: [\YURBEE6.exe] C:\Windows\system32\YURBEE6.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: hbuuiwfg.dll,avgrsstx.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Automaattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
    O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe

    --
    End of file - 10798 bytes
     
    Last edited: Sep 24, 2008
    jvjv, Sep 24, 2008
    #1
  2. jvjv

    jvjv Member

    Joined:
    Sep 24, 2008
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    11
    Tässä myös Malware logit:

    Malwarebytes' Anti-Malware 1.28
    Tietokantaversio: 1202
    Windows 6.0.6000

    25.9.2008 1:22:22
    mbam-log-2008-09-25 (01-22-22).txt

    Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
    Tarkistetut kohteet: 212486
    Kulunut aika: 5 hour(s), 16 minute(s), 31 second(s)

    Saastuneita muistiprosesseja: 1
    Saastuneita muistimoduuleja: 0
    Saastuneita rekisteriavaimia: 20
    Saastuneita rekisteriarvoja: 51
    Saastuneita rekisterikohteita: 0
    Saastuneita hakemistoja: 2
    Saastuneita tiedostoja: 48

    Saastuneita muistiprosesseja:
    C:\Windows\System32\YUR7438.exe (Trojan.FakeAlert) -> Unloaded process successfully.

    Saastuneita muistimoduuleja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriavaimia:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9fbee319-e540-4395-b6ee-243dce5734b1} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{9fbee319-e540-4395-b6ee-243dce5734b1} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{aced1c9f-2718-4512-9f69-f4e28c1f484f} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aced1c9f-2718-4512-9f69-f4e28c1f484f} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{bbd343fd-c9cb-43cd-846e-a9fe0f72a978} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{91c52841-3162-496f-87b8-d44e22acd101} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{df70f9ed-2ab1-49dc-a51f-3bb28f84073c} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{54a2190f-6f53-4d30-83dd-292bc8df4f7e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54a2190f-6f53-4d30-83dd-292bc8df4f7e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\peltodgx.bxgd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\peltodgx.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.

    Saastuneita rekisteriarvoja:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur7438.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur7438.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2e46.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2e46.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yurc9d1.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yurc9d1.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur4939.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur4939.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur982.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur982.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur87b1.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur87b1.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur70df.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur70df.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yurf43.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yurf43.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur724.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur90ee.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur9330.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur96ca.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur9776.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur317.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur9dd.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur1f59.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2852.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yuraa92.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yurad61.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yurbaa0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yurbee6.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2ea8.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur3176.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur48b7.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur4aea.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur724.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur90ee.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur9330.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur96ca.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur9776.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur317.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur9dd.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur1f59.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2852.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yuraa92.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yurad61.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yurbaa0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yurbee6.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur2ea8.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur3176.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur48b7.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur4aea.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\8a7fb615 (Trojan.Vundo) -> Quarantined and deleted successfully.

    Saastuneita rekisterikohteita:
    (Haitallisia kohteita ei löydetty)

    Saastuneita hakemistoja:
    C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\MicroAV (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.

    Saastuneita tiedostoja:
    C:\Windows\system32\gceuceoj.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR7438.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR2E46.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Windows\System32\YURC9D1.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR4939.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR982.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR87B1.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Windows\emxe.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR70DF.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Windows\System32\YURF43.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\0.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\1.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\1.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\2.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\2.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\2.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\3.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\3.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\4.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\5.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\7.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\sc.html (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\MicroAV\MicroAV.ooo (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
    C:\Program Files\MicroAV\MicroAV0.dat (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
    C:\Program Files\MicroAV\MicroAV1.dat (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
    C:\Windows\System32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Windows\System32\1.ico (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Windows\System32\2.ico (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR90EE.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR9330.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR96CA.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR9776.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR317.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR9DD.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR1F59.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR2852.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\YURAA92.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\YURAD61.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\YURBAA0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\YURBEE6.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR2EA8.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR3176.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR48B7.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\YUR4AEA.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Windows\dfmlxbpkgls.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\x (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Users\Jirka\Desktop\Micro Antivirus 2009.lnk (Rogue.XPertAntivirus) -> Quarantined and deleted successfully.
     
    jvjv, Sep 24, 2008
    #2

Share This Page