Iexplore.exe vīruss

kfarns00 · #1 Decembris 4, 2007, 11:10

Hi guys,
Man izskatījās apmēram šajā forumā, un daudzām citām vietām, meklējot risinājumu, lai mana problēma. Esmu sastapties daži atšķirīgi pavedieni par šo vīrusu, tāpēc atvainojamies par to, jaunu, bet es mēģināju noteikts iepriekš minētajos un nesaņēma nekādu tuvāk, lai atbrīvotos no šī lieta.
Kad atvērt uzdevumu pārvaldnieku, ir 2 "iexplore.exe" procesi darbojas, parasti izmanto aptuveni 10.000 K mem, bet otrs ir parasti ap 40.000 K. Šie procesi ir tur, lai gan es neesmu, izmantojot Internet Explorer. Ja es mēģinu izbeigt šos procesus, tie automātiski atgriežas. Es esmu arī kļūst Internet Explorer logus ik pēc dažām minūtēm, kuru es esmu pieņemot, ka tas rada.

Anyway, šeit ir mana HijackThis log.

Logfile of HijackThis v1.99.1
Scan saglabāts 2:08:19, par 12/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running procesiem:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ UAService7.exe
C: \ Windows \ Explorer.exe
C: \ WINDOWS \ system32 \ RUNDLL32.EXE
C: \ WINDOWS \ RTHDCPL.EXE
C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ ISUSPM.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Microsoft Office \ Office11 \ WINWORD.EXE
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ MSN Messenger \ msnmsgr.exe
C: \ Program Files \ MSN Messenger \ livecall.exe
C: \ Program Files \ MSN Messenger \ usnsvc.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ HijackThis \ HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7,0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - (39F7E362-828A-4B5A-BCAF-5B79BFDFEA60) - C: \ Program Files \ BitComet \ Tools \ BitCometBHO_1.1.7.4.dll
O2 - BHO: (no name) - (53.707.962-6F74-2D53-2.644-206D7942484F) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM \ .. \ Run: [SkyTel] SkyTel.EXE
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [LogonStudio] "C: \ Program Files \ WinCustomize \ LogonStudio \ logonstudio.exe" / RANDOM
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [ķermeņa drošs līdzeklis drv] C: \ Documents and Settings \ All Users \ Application Data \ aktīvi pārvietotos ķermeņa droši \ plašsaziņas bone.exe
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / minimāla
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Program Files \ MSN Messenger \ MsnMsgr.Exe" / background
O4 - HKCU \ .. \ Run: [Yahoo! Peidžeri] "C: \ Program Files \ Yahoo! \ Messenger \ YahooMessenger.exe"-kluss
O4 - HKCU \ .. \ Run: [JoyAxis] C: \ DOCUME ~ 1 \ KENFAR ~ 1 \ Applic ~ 1 \ USERFL ~ 1 \ Vc cool.exe
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [ISUSPM] "C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ ISUSPM.exe"-plānotājs
O4 - HKCU \ .. \ Run: [Creative Detector] "C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2] C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7,0 \ Reader \ reader_sl.exe
Ø8 - ārpus konteksta menu item: & D & ownload & ar BitComet - res: / / C: \ Program Files \ BitComet \ BitComet.exe / AddLink.htm
Ø8 - ārpus konteksta menu item: & D & ownload visi video ar BitComet - res: / / C: \ Program Files \ BitComet \ BitComet.exe / AddVideo.htm
Ø8 - ārpus konteksta menu item: & D & ownload visiem BitComet - res: / / C: \ Program Files \ BitComet \ BitComet.exe / AddAllLink.htm
Ø8 - ārpus konteksta menu item: E & ksportēt uz Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office11 \ EXCEL.EXE/3000
Ø9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
Ø9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
Ø9 - Extra button: BitComet Search - (461CC20B-FB6E-4f16-8FE8-C29359DB100E) - C: \ Program Files \ BitComet \ Tools \ BitCometBHO_1.1.7.4.dll
Ø9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office11 \ REFIEBAR.DLL
Ø9 - Extra button: Yahoo! Messenger - (E5D12C4E-7B4F-11D3-B5C9-0050045C3C96) - C: \ Program Files \ Yahoo! \ Messenger \ YahooMessenger.exe
Ø9 - Extra 'Tools' MENUITEM: Yahoo! Messenger - (E5D12C4E-7B4F-11D3-B5C9-0050045C3C96) - C: \ Program Files \ Yahoo! \ Messenger \ YahooMessenger.exe
Ø9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø16 - DPF: (00B71CFB-6.864-4.346-A978-C0A14556272C) (Dambrete klase) -- http://messenger.zone.msn.com/binary...r.cab31267.cab
Ø16 - DPF: (20A60F0D-9AFA-4.515-A0FD-83BD84642501) (Dambrete klase) -- http://messenger.zone.msn.com/binary...r.cab56986.cab
Ø16 - DPF: (30.528.230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter klase) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
Ø16 - DPF: (4F1E5B1A-2A80-42CA-8.532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx1.mail.live.com/mail/w1/re...s/MSNPUpld.cab
Ø16 - DPF: (5F8469B4-B055-49DD-83F7-62B522420ECC) (Facebook Photo Uploader Control) -- http://upload.facebook.com/controls/...toUploader.cab
Ø16 - DPF: (8E0D4DE5-3.180-4.024-A327-4DFAD1796A8D) (MessengerStatsClient klase) -- http://messenger.zone.msn.com/binary...t.cab31267.cab
Ø16 - DPF: (BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19) (CPlayFirstddfotgControl Object) -- http://www.shockwave.com/content/din...g.1.0.0.33.cab
Ø16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient klase) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
Ø16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444.553.540.000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
Ø16 - DPF: (DF780F87-FF2B-4DF8-92D0-73DB16A1543A) (PopCapLoader Object) -- http://www.shockwave.com/content/bej...loader_v10.cab
Ø16 - DPF: (F04A8AE2-A59D-11D2-8.792-00C04F8EF29D) (Hotmail Pielikumi Control) -- http://by111fd.bay111.hotmail.msn.co...x/HMAtchmt.ocx
O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
Ø20 - Winlogon Paziņot: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
O23 - Service: Creative dienests CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1.050 \ Intel 32 \ IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: Remote Packet Capture protokols v.0 (eksperimentālās) (rpcapd) - Unknown īpašnieks -% programfiles% \ WinPcap \ rpcapd.exe "-d-f"% programfiles% \ WinPcap \ rpcapd.ini (file missing)
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown īpašnieks - C: \ WINDOWS \ system32 \ UAService7.exe

**evilfantasy** · #2 Decembris 4, 2007, 12:22

Welcome to TCF.

Divi jautājumi, pirms mēs turpinām.

1. Kāpēc ir ne antivīruss darbojas?

2. Vai jums ir Windows firewall ieslēgts?

kfarns00 · #3 Decembris 4, 2007, 12:45

Windows ugunsmūris ir ieslēgts, un I dont ir anti-virus šeit tieši tagad (slikti, es zinu)

**evilfantasy** · #4 Decembris 4, 2007, 12:55

Labi, pirmais aiziet un lejupielādēt un instalēt Avast! 4 Free Home Edition no Šo saiti

Post atpakaļ, ja tas ir uzstādīts.

Neskrien skenēšanu yet.

kfarns00 · #5 Decembris 4, 2007, 13:19

ok, tā ir uzstādīta.

**evilfantasy** · #6 Decembris 4, 2007, 13:27

Enable apskati Hidden System Files & Folders

1. Right Click Sākums.
2. Izvēlēties Control Panel.
3. Izvēlieties Rīki izvēlne un noklikšķiniet uz Folder Options.
4. Izvēlieties View Tab.
5. Zem Slēptie faili un mapes virsraksta izvēlētos Rādīt slēptos failus un mapes.
6. Neatķeksējiet Paslēpt paplašinājumus zināmo failu tipu izvēle.
7. Neatķeksējiet Paslēpt aizsargātos operētājsistēmas failus (ieteicams) iespēju.
8. Click Lietot.
9. Click Labi.

--------------------

1. Reboot vērā Safe Mode

* Iekļūt Safe Mode. Restart PC, un tā kā dators ir booting sākums uzsitot "F8 Key".
* Izmantojiet bultiņu taustiņus, lai pārvietotos uz "Safe Mode" un nospiediet Enter taustiņu.

2. Open HijackThis un izvēlieties Vai sistēmas skenēšanu tikai un pēc tam ievietojiet atzīmi blakus:

O4 - HKLM \ .. \ Run: [ķermeņa drošs līdzeklis drv] C: \ Documents and Settings \ All Users \ Application Data \ aktīvi pārvietotos ķermeņa droši \ plašsaziņas bone.exe
O4 - HKCU \ .. \ Run: [JoyAxis] C: \ DOCUME ~ 1 \ KENFAR ~ 1 \ Applic ~ 1 \ USERFL ~ 1 \ Vc cool.exe

Tagad noklikšķiniet uz Labot pārbaudīt.

3. Veiciet dubultklikšķi uz My Computer uz galda un izvietot šādus failus / mapes un izdzēst tos (ja ir)

C: \ WINDOWS \ system32 \ cool.exe

C: \ Documents and Settings \ KENFAR ~ 1 \ Application Data \ USERFL ~ 1 \ Vc cool.exe ( ~ 1 ir ceļš saīsinājums)

C: \ Documents and Settings \ All Users \ Application Data \ aktīvi pārvietotos ķermeņa droši \ plašsaziņas bone.exe

C: \ WINDOWS \ system32 \ plašsaziņas bone.exe

Reboot parastām boot režīmā.

--------------------

Atinstalēt kopiju HijackThis jums ir un instalēt jaunu versiju Šo saiti

Tad pēc jaunā HijackThis log.

kfarns00 · #7 Decembris 4, 2007, 13:40

Logfile of Trend Micro HijackThis v2.0.2
Scan saglabāts 4:40:27, par 12/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running procesiem:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe
C: \ Windows \ Explorer.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ WINDOWS \ system32 \ RUNDLL32.EXE
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
C: \ WINDOWS \ RTHDCPL.EXE
C: \ WINDOWS \ system32 \ CTsvcCDA.exe
C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
C: \ WINDOWS \ system32 \ UAService7.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ ISUSPM.exe
C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe
C: \ Program Files \ Adobe \ Acrobat 7,0 \ Reader \ reader_sl.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7,0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - (39F7E362-828A-4B5A-BCAF-5B79BFDFEA60) - C: \ Program Files \ BitComet \ Tools \ BitCometBHO_1.1.7.4.dll
O2 - BHO: (no name) - (53.707.962-6F74-2D53-2.644-206D7942484F) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM \ .. \ Run: [SkyTel] SkyTel.EXE
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [LogonStudio] "C: \ Program Files \ WinCustomize \ LogonStudio \ logonstudio.exe" / RANDOM
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / minimāla
O4 - HKLM \ .. \ Run: [Avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Program Files \ MSN Messenger \ MsnMsgr.Exe" / background
O4 - HKCU \ .. \ Run: [Yahoo! Peidžeri] "C: \ Program Files \ Yahoo! \ Messenger \ YahooMessenger.exe"-kluss
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [ISUSPM] "C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ ISUSPM.exe"-plānotājs
O4 - HKCU \ .. \ Run: [Creative Detector] "C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2] C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7,0 \ Reader \ reader_sl.exe
Ø8 - ārpus konteksta menu item: & D & ownload & ar BitComet - res: / / C: \ Program Files \ BitComet \ BitComet.exe / AddLink.htm
Ø8 - ārpus konteksta menu item: & D & ownload visi video ar BitComet - res: / / C: \ Program Files \ BitComet \ BitComet.exe / AddVideo.htm
Ø8 - ārpus konteksta menu item: & D & ownload visiem BitComet - res: / / C: \ Program Files \ BitComet \ BitComet.exe / AddAllLink.htm
Ø8 - ārpus konteksta menu item: E & ksportēt uz Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office11 \ EXCEL.EXE/3000
Ø9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
Ø9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
Ø9 - Extra button: BitComet Search - (461CC20B-FB6E-4f16-8FE8-C29359DB100E) - C: \ Program Files \ BitComet \ Tools \ BitCometBHO_1.1.7.4.dll
Ø9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office11 \ REFIEBAR.DLL
Ø9 - Extra button: Yahoo! Messenger - (E5D12C4E-7B4F-11D3-B5C9-0050045C3C96) - C: \ Program Files \ Yahoo! \ Messenger \ YahooMessenger.exe
Ø9 - Extra 'Tools' MENUITEM: Yahoo! Messenger - (E5D12C4E-7B4F-11D3-B5C9-0050045C3C96) - C: \ Program Files \ Yahoo! \ Messenger \ YahooMessenger.exe
Ø9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø16 - DPF: (00B71CFB-6.864-4.346-A978-C0A14556272C) (Dambrete klase) -- http://messenger.zone.msn.com/binary...r.cab31267.cab
Ø16 - DPF: (20A60F0D-9AFA-4.515-A0FD-83BD84642501) (Dambrete klase) -- http://messenger.zone.msn.com/binary...r.cab56986.cab
Ø16 - DPF: (30.528.230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter klase) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
Ø16 - DPF: (4F1E5B1A-2A80-42CA-8.532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx1.mail.live.com/mail/w1/re...s/MSNPUpld.cab
Ø16 - DPF: (5F8469B4-B055-49DD-83F7-62B522420ECC) (Facebook Photo Uploader Control) -- http://upload.facebook.com/controls/...toUploader.cab
Ø16 - DPF: (8E0D4DE5-3.180-4.024-A327-4DFAD1796A8D) (MessengerStatsClient klase) -- http://messenger.zone.msn.com/binary...t.cab31267.cab
Ø16 - DPF: (BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19) (CPlayFirstddfotgControl Object) -- http://www.shockwave.com/content/din...g.1.0.0.33.cab
Ø16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient klase) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
Ø16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444.553.540.000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
Ø16 - DPF: (DF780F87-FF2B-4DF8-92D0-73DB16A1543A) (PopCapLoader Object) -- http://www.shockwave.com/content/bej...loader_v10.cab
Ø16 - DPF: (F04A8AE2-A59D-11D2-8.792-00C04F8EF29D) (Hotmail Pielikumi Control) -- http://by111fd.bay111.hotmail.msn.co...x/HMAtchmt.ocx
O23 - Service: Avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe
O23 - Service: Avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe
O23 - Service: Avast! Mail Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe
O23 - Service: Avast! Web Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
O23 - Service: Creative dienests CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1.050 \ Intel 32 \ IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: Remote Packet Capture protokols v.0 (eksperimentālās) (rpcapd) - CACE Technologies - C: \ Program Files \ WinPcap \ rpcapd.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown īpašnieks - C: \ WINDOWS \ system32 \ UAService7.exe

--
End of failu - 7.759 bytes

**evilfantasy** · #8 Decembris 4, 2007, 13:53

Log izskatās naudas sodu, kā tiek dators tagad?

kfarns00 · #9 Decembris 4, 2007, 14:15

Tā darbojas liels tagad. iexplore.exe uzdevumi nav atgriezies, man nav bijis nekādu logus, un šķiet, ka tas darbojas nedaudz ātrāk tagad too.
thanks lot par help! pēc tam, kad skatos uz dienas, lai uzzinātu, kā tikt vaļā no šī, varat atrisināt to nav laika haha, paldies vēlreiz

**evilfantasy** · #10 Decembris 4, 2007, 14:26

Nekādu problēmu.

Jums vajadzētu vadīt virus scan tagad, Avast ir instalēta.
Arī lejupielādēt un palaist Superantispyware (SAS) SUPERAntispyware Free Edition lai pārliecinātos, nekas cits nav tur, ka HijackThis nevarēja atrast.

Check out free instrumenti šo ziņu

Drošu sērfošanu ........