|
| |||||||
| Inregistrare | Site-ul Spy | Lista de stat | Doneaza | Căuta | Posturi de azi | Marchează forumurile citite | Forum Regulamentul |
 |
 |
| | Thread Tools |
|
#1
16 ianuarie 2008, 12:24
| |||
| |||
| Iexplorer.exe MATHMA ~ 1.exe RECTBO ~ 1.exe asa ca am winzix descarcat de pe Internet. Da i IM prost ştiu acum. dar am şters-o şi a făcut un scanează câteva virus. utilizat AVG şi apoi Mcafee. dar am luat 2 iexplorers deschide într-meu task manager de ferestre. şi cînd i închideţi-le sau a face copac sfârşitul procesului, Matha ~ 1.exe sau RECTBO ~ 1.exe deschide doar pentru o secundă şi a redeschide iexplorers. şi apoi le închide. Da soo i dont know ce să fac. dar am văzut o mulţime de oameni de spus pentru a utiliza acest hijack. soo Heres hijack-mi acest jurnal. orice ajutor ar fi apreciat soo Logfile de HijackThis v1.99.1 Scan saved at 1:04:01, pe 1.16.2008 Platforma: Windows XP SP2 (WINNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Rularea procese: C: \ Windows \ system32 \ smss.exe C: \ Windows \ system32 \ winlogon.exe C: \ Windows \ system32 \ services.exe C: \ Windows \ system32 \ lsass.exe C: \ Windows \ system32 \ svchost.exe C: \ Windows \ system32 \ svchost.exe C: \ Program Files \ Lavasoft \ Ad-Conştient 2007 \ aawservice.exe C: \ Windows \ system32 \ Spoolsv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Windows \ system32 \ cisvc.exe C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe C: \ PROGRA ~ 1 \ COMUNĂ ~ 1 \ mcafee \ mna \ mcnasvc.exe C: \ PROGRA ~ 1 \ COMUNĂ ~ 1 \ mcafee \ mcproxy \ mcproxy.exe C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe C: \ Windows \ system32 \ MsPMSPSv.exe C: \ PROGRA ~ 1 \ mcafee.com \ agent \ mcagent.exe C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe C: \ Program Files \ MSN Messenger \ msnmsgr.exe C: \ Program Files \ Creative \ MediaSource \ Du-te \ CTCMSGo.exe C: \ Program Files \ Windows Media Player \ WMPNSCFG.exe C: \ Program Files \ OpenOffice.org 2.3 \ program \ soffice.exe C: \ Program Files \ OpenOffice.org 2.3 \ program \ soffice.BIN C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Windows \ system32 \ svchost.exe C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE C: \ Windows \ system32 \ Ctfmon.exe C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE C: \ WINDOWS \ explorer.exe C: \ Program Files \ HijackThis \ HijackThis.exe R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.ca/ R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Setări, ProxyOverride = localhost O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll O2 - BHO: Spybot-S & D IE Protecţia - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O2 - BHO: scriptproxy - (7DB2D5A0-7241-4E79-B68D-6309F01C5231) - C: \ Program Files \ McAfee \ VirusScan \ scriptsn.dll O2 - BHO: Windows Live Sign-in-Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - C: \ Program Files \ Google \ googletoolbar2.dll O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ googletoolbar2.dll O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Instalează \ cpn \ yt.dll O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe" O4 - HKLM \ .. \ Run: [mcagent_exe] C: \ Program Files \ McAfee.com \ Agent \ mcagent.exe / runkey O4 - HKLM \ .. \ Run: [KernelFaultCheck]% systemroot% \ system32 \ dumprep 0-k O4 - HKLM \ .. \ Run: [Bend logo-ul de Film de ceas] C: \ Documents and Settings \ All Users \ Application Data \ Frag Great Bend logo-ul \ patru tick.exe O4 - HKCU \ .. \ Run: [trustlive] C: \ DOCUME ~ 1 \ DANIEL ~ 1 \ apli ~ 1 \ RECTLO ~ 1 \ Math Mags.exe O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ MSN Messenger \ msnmsgr.exe" / fundal O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe O4 - HKCU \ .. \ Run: [Creative MediaSource Du-te] C: \ Program Files \ Creative \ MediaSource \ Du-te \ CTCMSGo.exe / sys O4 - HKCU \ .. \ Run: [WMPNSCFG] C: \ Program Files \ Windows Media Player \ WMPNSCFG.exe O4 - Startup: OpenOffice.org 2.3.lnk = C: \ Program Files \ OpenOffice.org 2.3 \ program \ quickstart.exe O8 - Extra context menu item: & Google Search - res: / / C: \ Program Files \ Google \ GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: înapoi Link-uri - res: / / C: \ Program Files \ Google \ GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot de Page - res: / / C: \ Program Files \ Google \ GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E & xportaţi la Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ milionimi ~ 3 \ OFFICE11 \ EXCEL.EXE/3000 O8 - Extra context menu item: Pagini similare - res: / / C: \ Program Files \ Google \ GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: traduce în engleză - res: / / C: \ Program Files \ Google \ GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O9 - Extra button: Cercetare - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ milionimi ~ 3 \ OFFICE11 \ REFIEBAR.DLL O9 - Extra buton: UltimateBet - (94148DB5-B42D-4915-95DA-2CBB4F7095BF) - C: \ Program Files \ UltimateBet \ UltimateBet.exe O9 - Extra 'Tools' MENUITEM: UltimateBet - (94148DB5-B42D-4915-95DA-2CBB4F7095BF) - C: \ Program Files \ UltimateBet \ UltimateBet.exe O9 - Extra button: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Program Files \ AIM \ aim.exe O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll O9 - Extra 'Tools' MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll O9 - Extra button: Yahoo! Messenger - (E5D12C4E-7B4F-11D3-B5C9-0050045C3C96) - C: \ PROGRA ~ 1 \ Yahoo! \ Messen ~ 1 \ YPager.exe O9 - Extra 'Tools' MENUITEM: Yahoo! Messenger - (E5D12C4E-7B4F-11D3-B5C9-0050045C3C96) - C: \ PROGRA ~ 1 \ Yahoo! \ Messen ~ 1 \ YPager.exe O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O11 - Options group: [INTERNATIONAL] International * O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ Windows \ system32 \ WPDShServiceObj.dll O23 - Service: Ad-Conştient 2007 Service (aawservice) - Lavasoft AB - C: \ Program Files \ Lavasoft \ Ad-Conştient 2007 \ aawservice.exe O23 - Service: Adobe LM Service - Unknown owner - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: ATI Smart - Unknown owner - C: \ Windows \ system32 \ ati2sgag.exe (fişierul lipseşte) O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe O23 - Service: McAfee reţelei de agent (McNASvc) - McAfee, Inc - C: \ PROGRA ~ 1 \ COMUNĂ ~ 1 \ mcafee \ mna \ mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc - C: \ PROGRA ~ 1 \ COMUNĂ ~ 1 \ mcafee \ mcproxy \ mcproxy.exe O23 - Service: McAfee de scanare în timp real (McShield) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc - C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe |
|
#2
16 ianuarie 2008, 13:02
| |||
| |||
| Iexplorer.exe MATHMA ~ 1.exe RECTBO ~ 1.exe Bine ati venit la TCF. Să vedem dacă putem vindeca acest lucru. Vă rugăm să descărcaţi OTMoveIt2 de Oldtimer OTMoveIt2.exe şi salvaţi-l pe desktop. Nu folosiţi-o încă. --------------- Deschide HijackThis şi selectaţi Fă-un sistem de scanare numai apoi puneţi un semn de selectare lângă: O4 - HKLM \ .. \ Run: [Bend logo-ul de Film de ceas] C: \ Documents and Settings \ All Users \ Application Data \ Frag Great Bend logo-ul \ patru tick.exe O4 - HKCU \ .. \ Run: [trustlive] C: \ DOCUME ~ 1 \ DANIEL ~ 1 \ apli ~ 1 \ RECTLO ~ 1 \ Math Mags.exe Închideţi toate ferestrele cu excepţia HijackThis şi faceţi clic pe Fix verificate Exit Hijackthis. --------------- Faceţi dublu clic OTMoveIt2.exe de a lansa o. Asiguraţi-vă că există un semn de selectare de lângă Unregister dll si ocx's
C: \ DOCUME ~ 1 \ DANIEL ~ 1 \ apli ~ 1 \ RECTLO ~ 1 \ Math Mags.exe
--------------- Next post, vă rugăm să adăugaţi OTMoveIt jurnal
__________________  |
|
#3
16 ianuarie 2008, 13:06
| |||
| |||
| Iexplorer.exe MATHMA ~ 1.exe RECTBO ~ 1.exe O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll Este geniune dvs. de Windows?? Editare: Evilfantasy bate si pe mine aceasta |
|
#4
16 ianuarie 2008, 14:01
| |||
| |||
| Iexplorer.exe MATHMA ~ 1.exe RECTBO ~ 1.exe YAY!!!! IM destul de sigur a mers. mulþumiri foarte mult, dar eu sunt un pic perturbată de nu a reuşit mutat fişierul. Muta fişiere nu a reuşit. C: \ Documents and Settings \ All Users \ Application Data \ Frag Great Bend logo-ul \ patru tick.exe programate pentru a fi mutat pe reboot. C: \ DOCUME ~ 1 \ DANIEL ~ 1 \ apli ~ 1 \ RECTLO ~ 1 \ Math Mags.exe mutat cu succes. OTMoveIt2 v1.0.7 log create pe 01162008_145132 EDIT: IM destul de sigur că meu ferestre este autentic, i luat obiceiul meu comp făcut cu câţiva ani în spate |
|
#5
16 ianuarie 2008, 14:05
| |||
| |||
| Iexplorer.exe MATHMA ~ 1.exe RECTBO ~ 1.exe Ai reboot? Avem încă mai trebuie să facă ceva mai mult. De obicei, zonele infectate care arată sunt doar vârful a problemei. Să asiguraţi-vă că totul este plecat. Descărca SUPERAntispyware Free Edition (SAS)
A alerga un Hijackthis nouă de scanare şi post pe care, de asemenea, jurnal. --------------- Înainte post SuperAntispyware jurnal New Hijackthis jurnal
__________________ |
|
#6
17 ianuarie 2008, 02:28
| |||
| |||
| Iexplorer.exe MATHMA ~ 1.exe RECTBO ~ 1.exe Hei, hei, Imi pare rau a luat atât de mult. Eu a trebuit sa lucreze imediat dupa ultimul meu post. dar Heres jurnalele!!! Hijack acest jurnal Logfile de HijackThis v1.99.1 Scan saved at 3:26:25, pe 1.17.2008 Platforma: Windows XP SP2 (WINNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Rularea procese: C: \ Windows \ system32 \ smss.exe C: \ Windows \ system32 \ winlogon.exe C: \ Windows \ system32 \ services.exe C: \ Windows \ system32 \ lsass.exe C: \ Windows \ system32 \ svchost.exe C: \ Windows \ system32 \ svchost.exe C: \ Program Files \ Lavasoft \ Ad-Conştient 2007 \ aawservice.exe C: \ Windows \ system32 \ Spoolsv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Windows \ system32 \ cisvc.exe C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe C: \ PROGRA ~ 1 \ COMUNĂ ~ 1 \ mcafee \ mna \ mcnasvc.exe C: \ PROGRA ~ 1 \ COMUNĂ ~ 1 \ mcafee \ mcproxy \ mcproxy.exe C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe C: \ Windows \ system32 \ MsPMSPSv.exe C: \ WINDOWS \ Explorer.exe C: \ Windows \ system32 \ Ctfmon.exe C: \ PROGRA ~ 1 \ mcafee.com \ agent \ mcagent.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe C: \ Program Files \ Creative \ MediaSource \ Du-te \ CTCMSGo.exe C: \ Program Files \ Windows Media Player \ WMPNSCFG.exe C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe C: \ Program Files \ OpenOffice.org 2.3 \ program \ soffice.exe C: \ Program Files \ OpenOffice.org 2.3 \ program \ soffice.BIN C: \ Windows \ system32 \ wuauclt.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe C: \ Program Files \ Mozilla Firefox \ firefox.exe C: \ Program Files \ BitComet \ BitComet.exe C: \ Program Files \ HijackThis \ sniper.exe R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.ca/ R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Setări, ProxyOverride = localhost O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll O2 - BHO: Spybot-S & D IE Protecţia - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O2 - BHO: scriptproxy - (7DB2D5A0-7241-4E79-B68D-6309F01C5231) - C: \ Program Files \ McAfee \ VirusScan \ scriptsn.dll O2 - BHO: Windows Live Sign-in-Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - C: \ Program Files \ Google \ googletoolbar2.dll O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ googletoolbar2.dll O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Instalează \ cpn \ yt.dll O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe" O4 - HKLM \ .. \ Run: [mcagent_exe] C: \ Program Files \ McAfee.com \ Agent \ mcagent.exe / runkey O4 - HKLM \ .. \ Run: [KernelFaultCheck]% systemroot% \ system32 \ dumprep 0-k O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ MSN Messenger \ msnmsgr.exe" / fundal O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe O4 - HKCU \ .. \ Run: [Creative MediaSource Du-te] C: \ Program Files \ Creative \ MediaSource \ Du-te \ CTCMSGo.exe / sys O4 - HKCU \ .. \ Run: [WMPNSCFG] C: \ Program Files \ Windows Media Player \ WMPNSCFG.exe O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe O4 - Startup: OpenOffice.org 2.3.lnk = C: \ Program Files \ OpenOffice.org 2.3 \ program \ quickstart.exe O8 - Extra context menu item: & Google Search - res: / / C: \ Program Files \ Google \ GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: înapoi Link-uri - res: / / C: \ Program Files \ Google \ GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot de Page - res: / / C: \ Program Files \ Google \ GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E & xportaţi la Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ milionimi ~ 3 \ OFFICE11 \ EXCEL.EXE/3000 O8 - Extra context menu item: Pagini similare - res: / / C: \ Program Files \ Google \ GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: traduce în engleză - res: / / C: \ Program Files \ Google \ GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O9 - Extra button: Cercetare - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ milionimi ~ 3 \ OFFICE11 \ REFIEBAR.DLL O9 - Extra buton: UltimateBet - (94148DB5-B42D-4915-95DA-2CBB4F7095BF) - C: \ Program Files \ UltimateBet \ UltimateBet.exe O9 - Extra 'Tools' MENUITEM: UltimateBet - (94148DB5-B42D-4915-95DA-2CBB4F7095BF) - C: \ Program Files \ UltimateBet \ UltimateBet.exe O9 - Extra button: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Program Files \ AIM \ aim.exe O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll O9 - Extra 'Tools' MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll O9 - Extra button: Yahoo! Messenger - (E5D12C4E-7B4F-11D3-B5C9-0050045C3C96) - C: \ PROGRA ~ 1 \ Yahoo! \ Messen ~ 1 \ YPager.exe O9 - Extra 'Tools' MENUITEM: Yahoo! Messenger - (E5D12C4E-7B4F-11D3-B5C9-0050045C3C96) - C: \ PROGRA ~ 1 \ Yahoo! \ Messen ~ 1 \ YPager.exe O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O11 - Options group: [INTERNATIONAL] International * O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ Windows \ system32 \ WPDShServiceObj.dll O23 - Service: Ad-Conştient 2007 Service (aawservice) - Lavasoft AB - C: \ Program Files \ Lavasoft \ Ad-Conştient 2007 \ aawservice.exe O23 - Service: Adobe LM Service - Unknown owner - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: ATI Smart - Unknown owner - C: \ Windows \ system32 \ ati2sgag.exe (fişierul lipseşte) O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe O23 - Service: McAfee reţelei de agent (McNASvc) - McAfee, Inc - C: \ PROGRA ~ 1 \ COMUNĂ ~ 1 \ mcafee \ mna \ mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc - C: \ PROGRA ~ 1 \ COMUNĂ ~ 1 \ mcafee \ mcproxy \ mcproxy.exe O23 - Service: McAfee de scanare în timp real (McShield) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc - C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe şi Heres jurnalul meu SUPERspyware SUPERAntiSpyware Scan Log http://www.superantispyware.com AM Generated 01.17.2008 la 03:11 Application Version: 3-9-1008 Reguli de bază pentru baze de date Version: 3381 Trace Regulamentul Database Version: 1375 Scan type: Complete Scan Total Scan Ora: 04:41:27 Elemente de memorie scanate: 544 Memorie ameninţările detectate: 0 Elementele de registry scanate: 5928 Registrul ameninţările detectate: 0 Elemente Fişier scanate: 173662 Ameninţările File detectate: 71 Adware.Tracking Cookie C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@www.findagrave Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ clicksor [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ daniel_knight@ontarget.122.2o7 [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ eyewonder [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ daniel_knight @ PartyPoker [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ TOPlist [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ Daniel knight@highbeam.122.2o7 [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ Daniel knight@msnportal.112.2o7 [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@counter.inkfrog Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@community.finditquick Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ daniel_knight@eas.apm.emediate [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ atwola [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@ads.adengage Daniel [3]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ daniel_knight@ads.vlaze [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@ads.str8up Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ daniel_knight@adopt.euroclick [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ Overture [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ daniel_knight @ tacoda [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ pitchforkmedia [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ daniel_knight @ azjmp [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@try.starware Daniel [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ adinterax [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ Daniel knight@nhl.112.2o7 [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@ylwbook.findlinks Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@www.epilot Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ daniel_knight @ adultfriendfinder [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ Daniel knight@mcclatchy.112.2o7 [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@servedby.adorigin Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ cgi-bin [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@roi.admarketplace Daniel [1]. Txt C: \ şi Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ adcentriconline [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@ads.tnt Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ daniel_knight @ 2o7 [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ clicktorrent [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@richmedia.yahoo Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ HTML [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ findagrave [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ adorigin [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ daniel_knight@partygaming.122.2o7 [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ windowsmedia [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@2.go.globaladsales Daniel [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ 2o7 [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@ad1.clickhype Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ adinterax [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@ads.adengage Daniel [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@ads.realtechnetwork Daniel [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@bridge.admarketplace Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ Daniel knight@buzznet.112.2o7 [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ cpvfeed [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ Sectiuni [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ spori [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@h.starware Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ interclick [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ localhelpfinder [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ Daniel knight@nhl.112.2o7 [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ optimost [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ PartyPoker [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@publishers.clickbooth Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ smileycentral [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ tacoda [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@tremor.adbureau Daniel [2]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ Daniel knight@waterfrontmedia.112.2o7 [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@www.dealtime Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@www.geeksfind Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ knight@www.popundersupply Daniel [1]. Txt C: \ Documents and Settings \ Daniel Knight \ Cookies \ cavaler Daniel @ xiti [1]. Txt Adware.Search2Find C: \ SYSTEM VOLUM INFORMAŢII \ _Restore (9ABC731F-C847-4CA4-821A-E6D2ED1D4D39) \ RP565 \ A0305240.EXE Trojan.Downloader-ConHook C: \ WINDOWS \ System32 \ DDAYA.EXE Trojan.Downloader-Gen/BigTkt C: \ WINDOWS \ System32 \ DRVSIPR.DLL Varianta Adware.Vundo / Rel C: \ WINDOWS \ System32 \ TSTWA.BAK1 Adware.Lop DOCUMENTE C: \ _OTMOVEIT \ MOVEDFILES \ 01162008_145132 \ and Settings \ All Users \ Application Data \ frag Great Bend LOGO \ PATRU TICK.EXE |
|
#7
17 ianuarie 2008, 09:00
| |||
| |||
| Iexplorer.exe MATHMA ~ 1.exe RECTBO ~ 1.exe Buşteni arata bine acum. Cum este calculator? Timpul de a face unele curăţare şi sigure de munca pe care le-aţi făcut.
Să pleci de programe pe care le-am fost folosit pentru a pune în computerul dumneavoastră, acestea nu sunt adecvate pentru general al malware-ului îndepărtarea şi ar putea provoca daune dacă lansat accidental. Vă rugăm să descărcaţi OTMoveIt2 de Oldtimer OTMoveIt2.exe şi puneţi-l pe desktop. 1. Faceţi dublu clic OTMoveIt2.exe de a lansa o. 2. Click pe CleanUp! buton. 3. OTMoveIt2 va descărca o listă de pe Internet, în cazul în firewall sau alte programe de aparare alerte tine, îi permit accesul. 4. Faceţi clic pe YES la următoarea prompt (lista de descarcat, vrei, pentru a începe procesul de curăţare?)
Check out Păstrarea-te în siguranţă pe Internet pentru sfaturi şi instrumente gratuite, pentru a vă oferi siguranţă în viitor. De asemenea, a se vedea Slow Computer? Este posibil să nu fie Malware gratuit de curăţare / unelte de întreţinere pentru a vă păstra calculatorul să ruleze fără probleme. Lasă-mă să ştiu cum tot ce este acum.
__________________ |
|
#8
17 ianuarie 2008, 23:52
| |||
| |||
| Iexplorer.exe MATHMA ~ 1.exe RECTBO ~ 1.exe Am făcut totul ok, dar am putut face thingy Combixfix. se spune ferestre cant găsi. şi am făcut OTMoveIt2, şi din nou, ea a spus nu, o va face la pornire, dar it doesnt lansa pe de pornire I s-ar arăta u jurnalul. dar am eliminat cam prins cuz i speriat cînd u a spus cineva ar putea şterge accidental ceva pe meu compact cu ea. hohot de râs EDIT: Oh ya meu calculator este reveni la normal acum, dar se întâmplă IM pentru a verifica aruncat calculator lent, nu poate fi thread malware-ului BTW THANKS A LOT SĂ AWESOME persoană de Awesomeness |
|
#9
17 ianuarie 2008, 23:55
| |||
| |||
| Iexplorer.exe MATHMA ~ 1.exe RECTBO ~ 1.exe Nici o problemă Sunt sigur că totul este bine. Este computer care execută încă OK?
__________________ |
|
| |
| Marcaje |
Similar Threads | ||||
| Fir | Thread Starter | Forum | Răspunsurile | Ultimul mesaj |
| Iexplorer Bad image-HELPPPP Vă rugăm să | soupman23 | Nume, Spyware & Securitate | 11 | 29 decembrie 2008 00:52 |
| Iexplorer.exe virus - te rog ajută-mă!! | Giant Panda | Nume, Spyware & Securitate | 2 | 6 octombrie 2008 14:55 |
| IEXPLORER.EXE virus pls revizuire hijack log | nitingaur | Nume, Spyware & Securitate | 15 | 22 Sep 2008 16:40 |
| Sunt obtinerea bone.exe virus pentru meu iexplorer | damandg | Nume, Spyware & Securitate | 12 | 14 iulie 2008 14:31 |
| Iexplorer.exe virus | iuboy2006 | Nume, Spyware & Securitate | 9 | 26 martie 2008 08:12 |
| Thread Tools | |
| |
