viruksia ja haittaohjelmia koneella

voisiko joku opastaa tyhmempää kun kaspersky online scanner löysi koneeltani RiskTool.Win32.Reboot.f ja jotain muuta roinaa mutta oma virus ohjelma ei löydä enkä täten saa niitä poistettua..
SUURET KIITOKSET JO ETUKÄTEEN VAIVAN NÄÖSTÄ!!!

 

moi!
oletko käyttänyt koneessa Smitfraudfixiä ??
Kaspersky tunnistaa Smitfraud fixin RiskTool.Win32.Reboot.f :s

 

olen käyttänyt kerran mutta se kaspersky löysi myös jonkun viiruksen ja kolme jotain muuta

 

jos säästit kasperskyn loki niin lähetä se tänne

 

en mutta jos skannaan koneen uudelleen ja tallennan sen ni laitan sen tänne mahdollisimman pian ja kiitokset että vaivauduit

 

Tässä olis tää skannaus logi!

KASPERSKY ONLINE SCANNER REPORT
Saturday, September 29, 2007 9:29:09 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 29/09/2007
Kaspersky Anti-Virus database records: 425176


Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target Folders
C:\

Scan Statistics
Total number of scanned objects 98762
Number of viruses found 1
Number of infected objects 4
Number of suspicious objects 0
Duration of the scan process 01:59:13

Infected Object Name Virus Name Last Action
C:\21fa84f14665806204f8\msxml4-KB927978-enu.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Nero\Nero8\Nero BackItUp\Cache\NeroBackItUpScheduler3.log Object is locked skipped

C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\MSDVRMM_1914945827_1245184_4475 Object is locked skipped

C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\MSDVRMM_1914945827_9437184_2878 Object is locked skipped

C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE2.tmp Object is locked skipped

C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE3.tmp Object is locked skipped

C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\{6CD7C04F-2B45-45DB-9375-52D5F23A5370}.TmpSBE Object is locked skipped

C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\{C9361294-6AEC-40C5-A847-C4C911ECE7D0}.TmpSBE Object is locked skipped

C:\Documents and Settings\All Users\DRM\drmstore.hds Object is locked skipped

C:\Documents and Settings\HP_Administrator\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_219.wmdb Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Messenger\ananias250@hotmail.com\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Messenger\ananias250@hotmail.com\SharingMetadata\pending.dat Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Messenger\ananias250@hotmail.com\SharingMetadata\Working\database_2E29_3BB1_7223_C123\dfsr.db Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Messenger\ananias250@hotmail.com\SharingMetadata\Working\database_2E29_3BB1_7223_C123\fsr.log Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Messenger\ananias250@hotmail.com\SharingMetadata\Working\database_2E29_3BB1_7223_C123\fsrtmp.log Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Messenger\ananias250@hotmail.com\SharingMetadata\Working\database_2E29_3BB1_7223_C123\tmp.edb Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Windows Live Contacts\ananias250@hotmail.com\real\members.stg Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Windows Live Contacts\ananias250@hotmail.com\shadow\members.stg Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\History\History.IE5\MSHist012007092920070930\index.dat Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Perflib_Perfdata_2b4.dat Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Perflib_Perfdata_d60.dat Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Temp\~DFADB0.tmp Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Temp\~DFADE5.tmp Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Temp\~DFB8C1.tmp Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Temp\~DFB8DA.tmp Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\HP_Administrator\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\HP_Administrator\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\HP_Administrator\UserData\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Program Files\Nero\Nero8\Nero BackItUp\BIU1.txt Object is locked skipped

C:\Program Files\PokerStars\Notes.txt Object is locked skipped

C:\Program Files\PokerStars\PokerStars.log.0 Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP24\A0008166.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP24\A0008177.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP24\A0008177.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP24\A0008177.exe RarSFX: infected - 2 skipped

C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP41\change.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{63DFB875-29EE-4BFA-9CDB-7CD8E9611058}.crmlog Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped

C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped

C:\WINDOWS\system32\config\OSession.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\Tasks\SCHEDLGU.TXT Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

 

Ok ne örkit on kaikki järjestelmän palautuksessa
ja se yksi niistä on just se smitfraudfixi
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP24\A0008177.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped


Putsaa järjestelmän palautus:
1. Klikkaa oikealla käynnistävalikon My Computer- tai oma tietokone-kuvaketta
2. Valitse Properties/ominaisuudet
3. Valitse System Restore/järjestelmän palauttaminen välilehti
4. Valitse "Turn off System Restore"/poista järjestelmän palauttaminen kaikissa asemissa
5. Paina Apply/käytä
6. Paina OK
7. Käynnistä kone uudelleen
8. Palauta asetukset takaisin

 

Tuhannet kiitokset tästä!!!

olisi vielä yksi kysymys mahdatko tietää mikä on kun kone uudelleen-
käynnistyy ja sen jälkeen tulee teksti (kernel fault check systemroot
system32 dumprep 0 -k)? jos et niin koitan löytää täältä sivuilta vastaavuuksia ja vielä kerran kiitokset welho

 

moi
pitäis pystyä poistaa käynnistyksestä tätä kautta

Mene Käynnistä --> Suorita -->kirjoita msconfig -->valitse välilehti Käynnistys
ota täppi pois seuraavan ohjelman edestä
kernel fault check systemroot system32 dumprep 0 -k)

Paina Käytä ja sitten Sulje
Käynnistä kone uudelleen jonka jälkeen tulee ilmoitus ruutu(en muista mitä siinä lukee )
Siihen laita raksi/täppi ruutuun ja paina OK

 

ei löydy sellaista kuin kernel fault check listalt ollenkaan

 

ok ei se haittaa tai tuleeko se joka käynnistyksen yhteydessä

 

ei onneksi joka kerta mutta jos se ei oo mikään vakava juttu ni ei sillä oo niinkään väliä..
kiitokset ja hywää syksyn jatkoa sulle!!!