mindre egenkapital

Magazine
Go Back   Computer Juice > Computer Software > Virus, Spyware & Sikkerhed
Reload this Page

Iexplorer.exe virus

Registrer Site Spy Medlem List Donate Søgning Dagens Stillinger Mark Forums Read Forum Regler

Register


 Default 

Iexplorer.exe virus




Reply
 
Thread Tools
  #1  
Old 25 marts 2008, 10:06
Ny Medlem Gruppen
  
Default Iexplorer.exe virus

Hej,
Jeg har bemærket, pop-ups begyndte popping op næsten hvert par minutter på min computer. Jeg bemærkede i Jobliste, at der er normalt tre iexplorer.exe opgaver hele tiden åben. Jeg har prøvet flere anti-virus og anti-spyware-programmer, og intet synes at slippe af med det. Jeg har lige taget en log med kapre denne ...... kan nogen hjælpe?

Tak så meget!

Logfile af Trend Micro HijackThis v2.0.2
Scan gemt på 1:10:32 PM, den 3/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Kørende processer:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programmer \ McAfee \ Administreret VirusScan \ VScan \ EngineServer.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Programmer \ McAfee \ Administreret VirusScan \ Agent \ myAgtSvc.exe
C: \ Programmer \ Common Files \ Intuit \ QuickBooks \ QBCFMonitorService.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ PROGRA ~ 1 \ McAfee \ MANAGE ~ 1 \ VScan \ McShield.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Programmer \ Cyberlink \ PowerDVD \ DVDLauncher.exe
C: \ Programmer \ Common Files \ InstallShield \ UpdateService \ issch.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ Programmer \ Adobe \ Photoshop Album Starter Edition \ 3.0 \ Apps \ apdproxy.exe
C: \ Programmer \ Brother \ ControlCenter2 \ brctrcen.exe
C: \ Programmer \ McAfee \ Administreret VirusScan \ Agent \ myAgtTry.exe
C: \ Programmer \ Analog Devices \ Core \ smax4pnp.exe
C: \ Programmer \ QuickTime \ qttask.exe
C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programmer \ Internet Explorer \ IEXPLORE.EXE
C: \ Programmer \ Internet Explorer \ IEXPLORE.EXE
C: \ Programmer \ Messenger \ msmsgs.exe
C: \ Programmer \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe
C: \ Programmer \ DNA \ btdna.exe
C: \ Programmer \ Microsoft Outlook \ Office11 \ Outlook.exe
C: \ Programmer \ Internet Explorer \ iexplore.exe
C: \ Programmer \ McAfee \ Administreret VirusScan \ Agent \ UpdDlg.exe
C: \ WINDOWS \ Microsoft.NET \ Framework \ v3.0 \ Windows Communication Foundation \ infocard.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Programmer \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://companyweb/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://companyweb
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programmer \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Programmer \ Cyberlink \ PowerDVD \ DVDLauncher.exe"
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ PROGRA ~ 1 \ FÆLLES ~ 1 \ installere ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-start
O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ Programmer \ Common Files \ InstallShield \ UpdateService \ issch.exe"-start
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [Synchronization Manager]% SystemRoot% \ system32 \ mobsync.exe / logon
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Programmer \ Adobe \ Photoshop Album Starter Edition \ 3.0 \ Apps \ apdproxy.exe"
O4 - HKLM \ .. \ Run: [ControlCenter2.0] C: \ Programmer \ Brother \ ControlCenter2 \ brctrcen.exe / autorun
O4 - HKLM \ .. \ Run: [MVS Splash] "C: \ Programmer \ McAfee \ Administreret VirusScan \ Agent \ Splash.exe"
O4 - HKLM \ .. \ Run: [McAfee Administreret Services Tray] "C: \ Programmer \ McAfee \ Administreret VirusScan \ Agent \ StartMyagtTry.exe"
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Programmer \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Programmer \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programmer \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [MATH INDEBAERER FOERST MODE] C: \ Documents and Settings \ All Users \ Application Data \ levende 64 math betyder \ amen tray.exe
O4 - HKCU \ .. \ Run: [Roadsite] C: \ DOCUME ~ 1 \ RON \ PROGRAMMER ~ 1 \ UPLOAD ~ 1 \ surf mpeg stop.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Programmer \ Messenger \ msmsgs.exe" / baggrund
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2] C: \ Programmer \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster2] C: \ Programmer \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Programmer \ DNA \ btdna.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programmer \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C: \ Programmer \ Common Files \ Intuit \ QuickBooks \ QBUpdate \ qbupdate.exe
O4 - Global Startup: Wallpaper.lnk = C: \ Wallpaper \ Bginfo.exe
O8 - Extra sammenhæng menupunktet: E & ksporter til Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office11 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Ekstra knap: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office11 \ REFIEBAR.DLL
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Ekstra knap: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://companyweb
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi klasse) -- http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (02BF25D5-8C17-4B23-BC80-D3488ABDDC6B) (QuickTime Object) -- http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (3BA3B159-7533-4F96-A2CE-EE5894BBD3D5) (Scanner.SysScanner) -- http://i.dell.com/images/global/js/s...SYSSCANNER.cab
O16 - DPF: (406B5949-7190-4245-91A9-30A17DE16AD0) (Snapfish Activia) -- http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: (40C83AF8-FEA7-4A6A-A470-431EE84A0886) (SecureObjectFactory klasse) -- http://vs.mcafeeasap.com/MC/ENU/VS40...0504175614.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://bl108fd.blu108.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: (5C6698D9-7BE4-4122-8EC5-291D84DBD4A0) -- http://upload.facebook.com/controls/...oUploader2.cab
O16 - DPF: (5C86F808-EDD2-4E5D-9C4F-E0D1ADA859AF) (Web Conferencing) -- http://server.mymeetingcentral.com/join_a.cab
O16 - DPF: (5F8469B4-B055-49DD-83F7-62B522420ECC) (Facebook Photo Uploader Control) -- http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://update.microsoft.com/microsof...?1149363255347
O16 - DPF: (7584C670-2274-4EFB-B00B-D6AABA6D3850) (Microsoft Terminal Services Client Control (Redist)) -- http://safari-fs/tsweb/msrdp.cab
O16 - DPF: (B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD) (TSEasyInstallX Control) -- http://www.trendsecure.com/easy_inst...syInstallX.CAB
O16 - DPF: (E06E2E99-0AA1-11D4-ABA6-0060082AA75C) (GpcContainer klasse) -- https: / / ere.webex.com/client/T25L10N...nt/ieatgpc.cab
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ Parameters: Domain = safari.local
O17 - HKLM \ Software \ .. \ Telephony: DomainName = safari.local
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ Parameters: Domain = safari.local
O23 - Service: Ati Genvejstast Poller - ATI Technologies Inc. - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: EngineServer - McAfee, Inc. - C: \ Programmer \ McAfee \ Administreret VirusScan \ VScan \ EngineServer.exe
O23 - Service: McShield - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ MANAGE ~ 1 \ VScan \ McShield.exe
O23 - Service: McAfee Virus og Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C: \ Programmer \ McAfee \ Administreret VirusScan \ Agent \ myAgtSvc.exe
O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) - Intuit - C: \ Programmer \ Common Files \ Intuit \ QuickBooks \ QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C: \ Programmer \ Common Files \ Intuit \ QuickBooks \ FCS \ Intuit.QuickBooks.FCS. exe
O23 - Service: synspunkt Manager Service - synspunkt Corporation - C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
--
End of file - 9346 bytes
  #2  
Old 25 marts 2008, 10:27
Donor-Gruppen
  
Default Iexplorer.exe virus

Du behøver kun 1 anti-virus og spyware program andre kloge de kan konflikten, har du en firewall? en, der kan blokere for både indgående og udgående? hvis jeg ikke kan finde linket til Comodo en rigtig god gratis firewall. Også hvad spyware har du? Jeg havde en løbende dukker op i 3 måneder, at Spybot S & D sorteret ud.
  #3  
Old 25 marts 2008, 10:31
Ny Medlem Gruppen
  
Default Iexplorer.exe virus

Nuvel, dette er mit arbejde computer. Vi har McAfee. Jeg hentet og prøvet Spybot Search & Destroy, avg spyware, AVG Anti-virus, registreringsdatabasen blocker, og et par andre jeg ikke kan huske. Intet hvert kommer op, når jeg har scannet pc'en med dem er det altid siger alle clean.This har stået på i flere måneder nu.
  #4  
Old 25 marts 2008, 10:32
Administrator Gruppen
  
Default Iexplorer.exe virus

Kanoakavirus.

Lad mig gøre dette klart.

Vi har en professionel malware fjernelse procedure her i CJ.

Hvis du ikke har ønsket at følge den derefter holde sig væk fra disse tråde.

Tak.
__________________

Mit system: Hybr! D

Processor (s):
AMD Turion 64 X2 TL-64 2.2GHz
Bundkort:
HP nForce 560
RAM Hukommelse:
2GB DDR2 PC2-5300
Grafikkort (r):
Nvidia 7150M Mobilanlæg Integreret
Lydkort:
5.1 Mobilanlæg Integreret
Harddisk (e):
250 GB 5400RPM SATA300
Optisk drev (r):
18x CD / DVDRW-DL ATA
Sag / PSU:
Stock HP
Køling:
Stock HP
Network / Internet:
10/100 Nic / 10 MB Virgin Kabel
Monitor (s):
17 "WXGA + HD BrightView Widescreen
Operating System (s):
Windows 7 Ultimate 32Bit
  #5  
Old 25 marts 2008, 10:34
Donor-Gruppen
  
Default Iexplorer.exe virus

Ok.
  #6  
Old 25 marts 2008, 10:55
Redaktør Gruppen
  
Default Iexplorer.exe virus

Download NoLop til din computer fra en af nedenstående links ...
  • Luk alle programmer, du har kørt siden en genstart er nødvendig
  • Dobbeltklik NoLop.exe at køre den
  • Næste, og klik på knappen: Search and Destroy
    • Computeren vil nu blive scannet for inficerede filer
  • Når scanningen er færdig, hvis det er inficeret, bliver du bedt om at genstarte
  • Klik på OK
  • Nu skal du klikke på: Genstart
  • Et budskab bør popup fra NoLop. Hvis ikke, dobbeltklik på programmet igen, og det vil finish.
  • Post indholdet af C: \ NoLop.log i næste svar.
Bemærk: Hvis du modtager en fejl, "mscomctl.ocx eller en af dens afhængigheder er ikke korrekt registreret," du downloade mscomctl.ocx til din System32 derefter gentagelsen programmet.

----------

Du har Synspunkt installeret.

Synspunkt Media Player / Manager / Toolbar betragtes som foistware stedet for malware da det er installeret, uden at brugerne godkendelse, men ikke spion eller gøre noget "dårlige". Se Synspunkt at Plunge Into Adware

Det foreslås at fjerne programmet nu.
Gå til Start> Indstillinger> Kontrolpanel> Tilføj / fjern programmer og fjerne de følgende programmer, hvis tilstede.
  • Synspunkt
  • Synspunkt Manager
  • Synspunkt Media Player
  • Synspunkt Toolbar
  • Synspunkt Erfaringen Technology
Hvis du har problemer med at fjerne synspunkt, jeg foreslår, at du bruger ViewpointKiller

Når du har hentet ViewpointKiller, Unzip den til en praktisk sted såsom skrivebordet.
Kør ViewpointKiller, og vælg File> Do Alle drab
Følg instruktionerne, vælge Ja eller Nej, Afhængigt af hvilket valg, du er mest tryg ved.

----------

Omdøb Hijackthis og køre en ny scanning derefter sende at logge såvel.
  • Gå til C: \ Programmer \ Trend Micro \HijackThis.exe
  • Højreklik på HijackThis.exe og vælge Omdøb.
  • Skriv sniper.exe og tryk Indtast.
  • Højreklik påsniper.exe og vælge Send til > Desktop (Opret genvej)
Selv om vi har omdøbt Hijackthis til snigskytte, vil vi stadig referere til det som Hijackthis eller HJT.

----------

Næste post skal du tilføje
Nr. skære log
Ny Hijackthis log
__________________
  #7  
Old 25 marts 2008, 11:57
Ny Medlem Gruppen
  
Default Iexplorer.exe virus

NoLop Log:

NoLop! Log af Skate_Punk_21
Fix løber fra: C: \ Documents and Settings \ RON \ Desktop
[3/25/2008]
[2:21:40 PM]
--- Infection Files Found/Removed---
C: \ WINDOWS \ opgaver \ 8862BA9A82712A82.job
Begyndelse Removal ...
Genstart ...
Fjernelse skære's sidesten filer / mapper ...
Redigering Justitskontor ...
** Fix Complete! **
--- Liste AppData sub directories ---
C: \ Documents and Settings \ Administrator \ Application Data \ Identities
C: \ Documents and Settings \ Administrator \ Application Data \ Microsoft
C: \ Documents and Settings \ Administrator \ Application Data \ søndag
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Adobe
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Adobeaum
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Adobeum - EMPTY Directory
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Identities
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Interact Commerce
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Microsoft
C: \ Documents and Settings \ Administrator.safari \ Application Data \ søndag
C: \ Documents and Settings \ All Users \ Application Data \ Acronis
C: \ Documents and Settings \ All Users \ Application Data \ Adobe
C: \ Documents and Settings \ All Users \ Application Data \ Aol
C: \ Documents and Settings \ All Users \ Application Data \ Aol Downloads
C: \ Documents and Settings \ All Users \ Application Data \ Aol OCP
C: \ Documents and Settings \ All Users \ Application Data \ Avg7 - EMPTY Directory
C: \ Documents and Settings \ All Users \ Application Data \ Brother
C: \ Documents and Settings \ All Users \ Application Data \ Common Files
C: \ Documents and Settings \ All Users \ Application Data \ Google
C: \ Documents and Settings \ All Users \ Application Data \ Grisoft
C: \ Documents and Settings \ All Users \ Application Data \ InstallShield
C: \ Documents and Settings \ All Users \ Application Data \ Intuit
C: \ Documents and Settings \ All Users \ Application Data \ Lavasoft
C: \ Documents and Settings \ All Users \ Application Data \ Live 64 Math Mener
C: \ Documents and Settings \ All Users \ Application Data \ Microsoft
C: \ Documents and Settings \ All Users \ Application Data \ Mumbojumbo
C: \ Documents and Settings \ All Users \ Application Data \ Protexis
C: \ Documents and Settings \ All Users \ Application Data \ Sandlot Games
C: \ Documents and Settings \ All Users \ Application Data \ Sbsi
C: \ Documents and Settings \ All Users \ Application Data \ Simply Super Software
C: \ Documents and Settings \ All Users \ Application Data \ Temp - EMPTY Directory
C: \ Documents and Settings \ All Users \ Application Data \ Trymedia
C: \ Documents and Settings \ All Users \ Application Data \ synspunkt
C: \ Documents and Settings \ All Users \ Application Data \ Windows Genuine Advantage
C: \ Documents and Settings \ All Users \ Application Data \ Yahoo!
C: \ Documents and Settings \ Allison \ Application Data \ 3m
C: \ Documents and Settings \ Allison \ Application Data \ Adobe
C: \ Documents and Settings \ Allison \ Application Data \ Adobeum - EMPTY Directory
C: \ Documents and Settings \ Allison \ Application Data \ Coffeecup Software
C: \ Documents and Settings \ Allison \ Application Data \ Cyberlink
C: \ Documents and Settings \ Allison \ Application Data \ GlobalSCAPE
C: \ Documents and Settings \ Allison \ Application Data \ Google
C: \ Documents and Settings \ Allison \ Application Data \ Help - EMPTY Directory
C: \ Documents and Settings \ Allison \ Application Data \ Identities
C: \ Documents and Settings \ Allison \ Application Data \ InstallShield Installation Information
C: \ Documents and Settings \ Allison \ Application Data \ Interact Commerce
C: \ Documents and Settings \ Allison \ Application Data \ Intuit
C: \ Documents and Settings \ Allison \ Application Data \ Ipswitch
C: \ Documents and Settings \ Allison \ Application Data \ Leadertech
C: \ Documents and Settings \ Allison \ Application Data \ Macromedia
C: \ Documents and Settings \ Allison \ Application Data \ Microsoft
C: \ Documents and Settings \ Allison \ Application Data \ Mozilla
C: \ Documents and Settings \ Allison \ Application Data \ Smartftp
C: \ Documents and Settings \ Allison \ Application Data \ Snapfish
C: \ Documents and Settings \ Allison \ Application Data \ Sonic
C: \ Documents and Settings \ Allison \ Application Data \ søndag
C: \ Documents and Settings \ Allison \ Application Data \ Symantec - EMPTY Directory
C: \ Documents and Settings \ Allison \ Application Data \ Upload opsplittet - EMPTY Directory
C: \ Documents and Settings \ Allison \ Application Data \ Webex
C: \ Documents and Settings \ Allison \ Application Data \ Yahoo!
C: \ Documents and Settings \ Allison \ Application Data \ (d4914e09-364e-480a-835b-91f1f8c21e8c)
C: \ Documents and Settings \ Application Data \ Application Data \ Microsoft
C: \ Documents and Settings \ Dana \ Application Data \ 3m
C: \ Documents and Settings \ Dana \ Application Data \ Identities
C: \ Documents and Settings \ Dana \ Application Data \ Microsoft
C: \ Documents and Settings \ Dana \ Application Data \ søndag
C: \ Documents and Settings \ Default User \ Application Data \ Identities
C: \ Documents and Settings \ Default User \ Application Data \ Microsoft
C: \ Documents and Settings \ Default User \ Application Data \ søndag
C: \ Documents and Settings \ Heather \ Application Data \ Identities
C: \ Documents and Settings \ Heather \ Application Data \ Macromedia
C: \ Documents and Settings \ Heather \ Application Data \ Microsoft
C: \ Documents and Settings \ Heather \ Application Data \ søndag
C: \ Documents and Settings \ Heather \ Application Data \ Webex
C: \ Documents and Settings \ Kellie \ Application Data \ Identities
C: \ Documents and Settings \ Kellie \ Application Data \ Interact Commerce
C: \ Documents and Settings \ Kellie \ Application Data \ Macromedia
C: \ Documents and Settings \ Kellie \ Application Data \ Microsoft
C: \ Documents and Settings \ Kellie \ Application Data \ søndag
C: \ Documents and Settings \ LocalService \ Application Data \ Avg7 - EMPTY Directory
C: \ Documents and Settings \ LocalService \ Application Data \ Microsoft
C: \ Documents and Settings \ Mcafeemvsuser \ Application Data \ Identities
C: \ Documents and Settings \ Mcafeemvsuser \ Application Data \ Microsoft
C: \ Documents and Settings \ Mcafeemvsuser \ Application Data \ søndag
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01 \ Application Data \ Identities
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01 \ Application Data \ Microsoft
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01 \ Application Data \ søndag
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01.000 \ Application Data \ Identities
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01.000 \ Application Data \ Microsoft
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01.000 \ Application Data \ søndag
C: \ Documents and Settings \ Meredith \ Application Data \ Identities
C: \ Documents and Settings \ Meredith \ Application Data \ Microsoft
C: \ Documents and Settings \ Meredith \ Application Data \ Sonic
C: \ Documents and Settings \ Meredith \ Application Data \ søndag
C: \ Documents and Settings \ NetworkService \ Application Data \ Microsoft
C: \ Documents and Settings \ Ron \ Application Data \ 3m
C: \ Documents and Settings \ Ron \ Application Data \ 7wonders
C: \ Documents and Settings \ Ron \ Application Data \ Acccore
C: \ Documents and Settings \ Ron \ Application Data \ Adobe
C: \ Documents and Settings \ Ron \ Application Data \ Adobeaum
C: \ Documents and Settings \ Ron \ Application Data \ Adobeum - EMPTY Directory
C: \ Documents and Settings \ Ron \ Application Data \ Formål
C: \ Documents and Settings \ Ron \ Application Data \ Avg7
C: \ Documents and Settings \ Ron \ Application Data \ BitTorrent
C: \ Documents and Settings \ Ron \ Application Data \ Cyberlink
C: \ Documents and Settings \ Ron \ Application Data \ Dňa
C: \ Documents and Settings \ Ron \ Application Data \ Gamelab
C: \ Documents and Settings \ Ron \ Application Data \ Google
C: \ Documents and Settings \ Ron \ Application Data \ Help - EMPTY Directory
C: \ Documents and Settings \ Ron \ Application Data \ Identities
C: \ Documents and Settings \ Ron \ Application Data \ Interact Commerce
C: \ Documents and Settings \ Ron \ Application Data \ Intuit
C: \ Documents and Settings \ Ron \ Application Data \ Ipswitch
C: \ Documents and Settings \ Ron \ Application Data \ Leadertech
C: \ Documents and Settings \ Ron \ Application Data \ LimeWire
C: \ Documents and Settings \ Ron \ Programdata \ Macromedia
C: \ Documents and Settings \ Ron \ Application Data \ Math Funk Bash - EMPTY Directory
C: \ Documents and Settings \ Ron \ Application Data \ Microsoft
C: \ Documents and Settings \ Ron \ Application Data \ Mozilla
C: \ Documents and Settings \ Ron \ Application Data \ Playfirst
C: \ Documents and Settings \ Ron \ Application Data \ Simply Super Software - EMPTY Directory
C: \ Documents and Settings \ Ron \ Application Data \ Snapfish
C: \ Documents and Settings \ Ron \ Application Data \ Sonic
C: \ Documents and Settings \ Ron \ Application Data \ Huskesedler
C: \ Documents and Settings \ Ron \ Application Data \ søndag
C: \ Documents and Settings \ Ron \ Application Data \ Symantec - EMPTY Directory
C: \ Documents and Settings \ Ron \ Application Data \ Trojanhunter
C: \ Documents and Settings \ Ron \ Application Data \ Uniblue
C: \ Documents and Settings \ Ron \ Application Data \ Upload opsplittet
C: \ Documents and Settings \ Ron \ Application Data \ synspunkt
C: \ Documents and Settings \ Ron \ Application Data \ WinRAR - EMPTY Directory
C: \ Documents and Settings \ Ron \ Application Data \ Yahoo!
C: \ Documents and Settings \ Ron.old \ Application Data \ Acccore
C: \ Documents and Settings \ Ron.old \ Application Data \ Adobe
C: \ Documents and Settings \ Ron.old \ Application Data \ Adobeum - EMPTY Directory
C: \ Documents and Settings \ Ron.old \ Application Data \ Google
C: \ Documents and Settings \ Ron.old \ Application Data \ Help - EMPTY Directory
C: \ Documents and Settings \ Ron.old \ Application Data \ Identities
C: \ Documents and Settings \ Ron.old \ Application Data \ Interact Commerce
C: \ Documents and Settings \ Ron.old \ Application Data \ Macromedia
C: \ Documents and Settings \ Ron.old \ Application Data \ Microsoft
C: \ Documents and Settings \ Ron.old \ Application Data \ Myspace
C: \ Documents and Settings \ Ron.old \ Application Data \ søndag
C: \ Documents and Settings \ Shelli \ Application Data \ Adobe
C: \ Documents and Settings \ Shelli \ Application Data \ Adobeum - EMPTY Directory
C: \ Documents and Settings \ Shelli \ Application Data \ Help - EMPTY Directory
C: \ Documents and Settings \ Shelli \ Application Data \ Identities
C: \ Documents and Settings \ Shelli \ Application Data \ Interact Commerce
C: \ Documents and Settings \ Shelli \ Application Data \ Leadertech
C: \ Documents and Settings \ Shelli \ Application Data \ Macromedia
C: \ Documents and Settings \ Shelli \ Application Data \ Microsoft
C: \ Documents and Settings \ Shelli \ Application Data \ Sonic
C: \ Documents and Settings \ Shelli \ Application Data \ søndag
C: \ Documents and Settings \ Stephanie \ Application Data \ Adobe
C: \ Documents and Settings \ Stephanie \ Application Data \ Adobeum - EMPTY Directory
C: \ Documents and Settings \ Stephanie \ Application Data \ Google
C: \ Documents and Settings \ Stephanie \ Application Data \ Help - EMPTY Directory
C: \ Documents and Settings \ Stephanie \ Application Data \ Identities
C: \ Documents and Settings \ Stephanie \ Application Data \ Interact Commerce
C: \ Documents and Settings \ Stephanie \ Application Data \ Leadertech
C: \ Documents and Settings \ Stephanie \ Application Data \ Macromedia
C: \ Documents and Settings \ Stephanie \ Application Data \ Microsoft
C: \ Documents and Settings \ Stephanie \ Application Data \ Sonic
C: \ Documents and Settings \ Stephanie \ Application Data \ søndag
C: \ Documents and Settings \ Susan \ Application Data \ 3m
C: \ Documents and Settings \ Susan \ Application Data \ Identities
C: \ Documents and Settings \ Susan \ Application Data \ Microsoft
C: \ Documents and Settings \ Susan \ Application Data \ søndag
C: \ Documents and Settings \ Xrbs \ Application Data \ Adobe
C: \ Documents and Settings \ Xrbs \ Application Data \ Google - EMPTY Directory
C: \ Documents and Settings \ Xrbs \ Application Data \ Identities
C: \ Documents and Settings \ Xrbs \ Application Data \ Macromedia
C: \ Documents and Settings \ Xrbs \ Application Data \ Microsoft
C: \ Documents and Settings \ Xrbs \ Application Data \ søndag
C: \ Documents and Settings \ __sbs_netsetup__ \ Application Data \ Identities
C: \ Documents and Settings \ __sbs_netsetup__ \ Application Data \ Microsoft
C: \ Documents and Settings \ __sbs_netsetup__ \ Application Data \ søndag

Ny HiJackthis log:

Logfile af Trend Micro HijackThis v2.0.2
Scan gemt på 3:00:16 PM, den 3/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Kørende processer:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programmer \ McAfee \ Administreret VirusScan \ VScan \ EngineServer.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Programmer \ McAfee \ Administreret VirusScan \ Agent \ myAgtSvc.exe
C: \ Programmer \ Common Files \ Intuit \ QuickBooks \ QBCFMonitorService.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ PROGRA ~ 1 \ McAfee \ MANAGE ~ 1 \ VScan \ McShield.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Programmer \ Cyberlink \ PowerDVD \ DVDLauncher.exe
C: \ Programmer \ Common Files \ InstallShield \ UpdateService \ issch.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ Programmer \ Adobe \ Photoshop Album Starter Edition \ 3.0 \ Apps \ apdproxy.exe
C: \ Programmer \ Brother \ ControlCenter2 \ brctrcen.exe
C: \ Programmer \ McAfee \ Administreret VirusScan \ Agent \ myAgtTry.exe
C: \ Programmer \ Analog Devices \ Core \ smax4pnp.exe
C: \ Programmer \ QuickTime \ qttask.exe
C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programmer \ DNA \ btdna.exe
\ Up-3 \ c $ \ Programmer \ Microsoft Office \ Office11 \ Outlook.exe
C: \ Programmer \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Programmer \ Trend Micro \ HijackThis \ sniper.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page =
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://companyweb
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programmer \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Programmer \ Cyberlink \ PowerDVD \ DVDLauncher.exe"
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ PROGRA ~ 1 \ FÆLLES ~ 1 \ installere ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-start
O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ Programmer \ Common Files \ InstallShield \ UpdateService \ issch.exe"-start
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [Synchronization Manager]% SystemRoot% \ system32 \ mobsync.exe / logon
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Programmer \ Adobe \ Photoshop Album Starter Edition \ 3.0 \ Apps \ apdproxy.exe"
O4 - HKLM \ .. \ Run: [ControlCenter2.0] C: \ Programmer \ Brother \ ControlCenter2 \ brctrcen.exe / autorun
O4 - HKLM \ .. \ Run: [MVS Splash] "C: \ Programmer \ McAfee \ Administreret VirusScan \ Agent \ Splash.exe"
O4 - HKLM \ .. \ Run: [McAfee Administreret Services Tray] "C: \ Programmer \ McAfee \ Administreret VirusScan \ Agent \ StartMyagtTry.exe"
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Programmer \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Programmer \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programmer \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [MATH INDEBAERER FOERST MODE] C: \ Documents and Settings \ All Users \ Application Data \ levende 64 math betyder \ amen tray.exe
O4 - HKCU \ .. \ Run: [Roadsite] C: \ DOCUME ~ 1 \ RON \ PROGRAMMER ~ 1 \ UPLOAD ~ 1 \ surf mpeg stop.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2] C: \ Programmer \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster2] C: \ Programmer \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Programmer \ DNA \ btdna.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programmer \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C: \ Programmer \ Common Files \ Intuit \ QuickBooks \ QBUpdate \ qbupdate.exe
O4 - Global Startup: Wallpaper.lnk = C: \ Wallpaper \ Bginfo.exe
O8 - Extra sammenhæng menupunktet: E & ksporter til Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office11 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Ekstra knap: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office11 \ REFIEBAR.DLL
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Ekstra knap: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://companyweb
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi klasse) -- http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (02BF25D5-8C17-4B23-BC80-D3488ABDDC6B) (QuickTime Object) -- http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (3BA3B159-7533-4F96-A2CE-EE5894BBD3D5) (Scanner.SysScanner) -- http://i.dell.com/images/global/js/s...SYSSCANNER.cab
O16 - DPF: (406B5949-7190-4245-91A9-30A17DE16AD0) (Snapfish Activia) -- http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: (40C83AF8-FEA7-4A6A-A470-431EE84A0886) (SecureObjectFactory klasse) -- http://vs.mcafeeasap.com/MC/ENU/VS40...0504175614.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://bl108fd.blu108.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: (5C6698D9-7BE4-4122-8EC5-291D84DBD4A0) -- http://upload.facebook.com/controls/...oUploader2.cab
O16 - DPF: (5C86F808-EDD2-4E5D-9C4F-E0D1ADA859AF) (Web Conferencing) -- http://server.mymeetingcentral.com/join_a.cab
O16 - DPF: (5F8469B4-B055-49DD-83F7-62B522420ECC) (Facebook Photo Uploader Control) -- http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://update.microsoft.com/microsof...?1149363255347
O16 - DPF: (7584C670-2274-4EFB-B00B-D6AABA6D3850) (Microsoft Terminal Services Client Control (Redist)) -- http://safari-fs/tsweb/msrdp.cab
O16 - DPF: (B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD) (TSEasyInstallX Control) -- http://www.trendsecure.com/easy_inst...syInstallX.CAB
O16 - DPF: (E06E2E99-0AA1-11D4-ABA6-0060082AA75C) (GpcContainer klasse) -- https: / / ere.webex.com/client/T25L10N...nt/ieatgpc.cab
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ Parameters: Domain = safari.local
O17 - HKLM \ Software \ .. \ Telephony: DomainName = safari.local
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ Parameters: Domain = safari.local
O23 - Service: Ati Genvejstast Poller - ATI Technologies Inc. - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: EngineServer - McAfee, Inc. - C: \ Programmer \ McAfee \ Administreret VirusScan \ VScan \ EngineServer.exe
O23 - Service: McShield - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ MANAGE ~ 1 \ VScan \ McShield.exe
O23 - Service: McAfee Virus og Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C: \ Programmer \ McAfee \ Administreret VirusScan \ Agent \ myAgtSvc.exe
O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) - Intuit - C: \ Programmer \ Common Files \ Intuit \ QuickBooks \ QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C: \ Programmer \ Common Files \ Intuit \ QuickBooks \ FCS \ Intuit.QuickBooks.FCS. exe
--
End of file - 8722 bytes

Jeg har bemærket, at iexploree.exe kun popping op gang på Jobliste nu og jeg har ikke haft nogen pop-ups endnu.
  #8  
Old 25 marts 2008, 12:07
Redaktør Gruppen
  
Default Iexplorer.exe virus

Søger du bedre, men stadig mere tilbage at gøre.

Opret En Uninstall List
  • Start HijackThis
  • Klik på Åbn Misc afsnittet Værktøjer
  • Klik på Open Uninstall Manager knappen.
  • Klik på Gem listen knappen, og angive, hvor du vil gemme denne fil, og klik Gemme.
    • Når du trykker Gemme knap en notesblok åbner med indholdet af denne fil.
  • Kopier og indsæt denne liste i dit svar.
__________________
  #9  
Old 26 marts 2008, 06:57
Ny Medlem Gruppen
  
Default Iexplorer.exe virus

Beklager, men går på arbejdspladsen fik travlt. Jeg var ikke i stand til at gøre dette trin eller svar tilbage. Når jeg er logget ind på min computer pop-ups var tilbage i dag. Nedenfor er de unistall listen.

ACT!
Adobe Download Manager 2.0 (Fjern Kun)
Adobe Flash Player ActiveX
Adobe Reader 7.0.8
Adobe Shockwave Player
Adobe ® Photoshop ® Album Starter Edition 3.0
AIM 6
ATI - Software Uninstall Utility
ATI skærmdriver
Barracuda Networks Outlook Plugin 0.9d
Broadcom Advanced Control Suite
Brother MFL-Pro Suite
ClearType Tuning Kontrolpanel Applet
Compatibility Pack til Office 2007-systemet
e / pop Web Conferencing Kundeanmeldelser
Google Earth
HijackThis 2.0.2
Hotfix til Microsoft. NET Framework 3.0 (KB932471)
Hotfix til Windows Media Format 11 SDK (KB929399)
Hotfix til Windows Media Format SDK (KB902344)
Hotfix til Windows Media Player 11 (KB939683)
Hotfix til Windows XP (KB896344)
Hotfix til Windows XP (KB914440)
Hotfix til Windows XP (KB915865)
Hotfix til Windows XP (KB926239)
Intel (R) Graphics Media Accelerator Driver
Java (TM) 6 Update 2
Java (TM) 6 Update 3
Java (TM) 6 Update 5
McAfee Virus og Spyware Protection Service
Microsoft. NET Framework 1.1
Microsoft. NET Framework 1.1
Microsoft. NET Framework 1.1 Hotfix (KB928366)
Microsoft. NET Framework 2.0 Service Pack 1
Microsoft. NET Framework 3.0 Service Pack 1
Microsoft Base Smart Card Kryptografiske Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft internationaliseret Domain Names Skadebegrænsnings API'er
Microsoft National Language Support Downlevel API'er
Microsoft Office Outlook 2003
Microsoft Office Small Business Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C + + 2005 Redistributable
Mozilla Firefox (2.0.0.12)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser og SDK
MSXML 6.0 Parser (KB933579)
PowerDVD 5.5
QuickBooks Pro 2007
QuickBooks Produkt registreringstjeneste
Sikkerhedsopdatering til step by Step Interactive Training (KB898458)
Sikkerhedsopdatering til step by Step Interactive Training (KB923723)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB928090)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB929969)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB931768)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB933566)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB937143)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB938127)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB939653)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB942615)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB944533)
Sikkerhedsopdatering til Windows Media Player (KB911564)
Sikkerhedsopdatering til Windows Media Player 10 (KB917734)
Sikkerhedsopdatering til Windows Media Player 11 (KB936782)
Sikkerhedsopdatering til Windows Media Player 6.4 (KB925398)
Sikkerhedsopdatering til Windows XP (KB890046)
Sikkerhedsopdatering til Windows XP (KB893756)
Sikkerhedsopdatering til Windows XP (KB896428)
Sikkerhedsopdatering til Windows XP (KB899587)
Sikkerhedsopdatering til Windows XP (KB899589)
Sikkerhedsopdatering til Windows XP (KB900725)
Sikkerhedsopdatering til Windows XP (KB901017)
Sikkerhedsopdatering til Windows XP (KB901190)
Sikkerhedsopdatering til Windows XP (KB902400)
Sikkerhedsopdatering til Windows XP (KB905414)
Sikkerhedsopdatering til Windows XP (KB905749)
Sikkerhedsopdatering til Windows XP (KB911280)
Sikkerhedsopdatering til Windows XP (KB911562)
Sikkerhedsopdatering til Windows XP (KB911567)
Sikkerhedsopdatering til Windows XP (KB911927)
Sikkerhedsopdatering til Windows XP (KB912812)
Sikkerhedsopdatering til Windows XP (KB913446)
Sikkerhedsopdatering til Windows XP (KB913580)
Sikkerhedsopdatering til Windows XP (KB914388)
Sikkerhedsopdatering til Windows XP (KB914389)
Sikkerhedsopdatering til Windows XP (KB916281)
Sikkerhedsopdatering til Windows XP (KB917159)
Sikkerhedsopdatering til Windows XP (KB917344)
Sikkerhedsopdatering til Windows XP (KB917422)
Sikkerhedsopdatering til Windows XP (KB917953)
Sikkerhedsopdatering til Windows XP (KB918118)
Sikkerhedsopdatering til Windows XP (KB918439)
Sikkerhedsopdatering til Windows XP (KB918899)
Sikkerhedsopdatering til Windows XP (KB919007)
Sikkerhedsopdatering til Windows XP (KB920213)
Sikkerhedsopdatering til Windows XP (KB920214)
Sikkerhedsopdatering til Windows XP (KB920670)
Sikkerhedsopdatering til Windows XP (KB920683)
Sikkerhedsopdatering til Windows XP (KB920685)
Sikkerhedsopdatering til Windows XP (KB921398)
Sikkerhedsopdatering til Windows XP (KB921503)
Sikkerhedsopdatering til Windows XP (KB921883)
Sikkerhedsopdatering til Windows XP (KB922616)
Sikkerhedsopdatering til Windows XP (KB922760)
Sikkerhedsopdatering til Windows XP (KB922819)
Sikkerhedsopdatering til Windows XP (KB923191)
Sikkerhedsopdatering til Windows XP (KB923414)
Sikkerhedsopdatering til Windows XP (KB923689)
Sikkerhedsopdatering til Windows XP (KB923694)
Sikkerhedsopdatering til Windows XP (KB923980)
Sikkerhedsopdatering til Windows XP (KB924191)
Sikkerhedsopdatering til Windows XP (KB924270)
Sikkerhedsopdatering til Windows XP (KB924496)
Sikkerhedsopdatering til Windows XP (KB924667)
Sikkerhedsopdatering til Windows XP (KB925486)
Sikkerhedsopdatering til Windows XP (KB925902)
Sikkerhedsopdatering til Windows XP (KB926255)
Sikkerhedsopdatering til Windows XP (KB926436)
Sikkerhedsopdatering til Windows XP (KB927779)
Sikkerhedsopdatering til Windows XP (KB927802)
Sikkerhedsopdatering til Windows XP (KB928255)
Sikkerhedsopdatering til Windows XP (KB928843)
Sikkerhedsopdatering til Windows XP (KB929123)
Sikkerhedsopdatering til Windows XP (KB930178)
Sikkerhedsopdatering til Windows XP (KB931261)
Sikkerhedsopdatering til Windows XP (KB931784)
Sikkerhedsopdatering til Windows XP (KB932168)
Sikkerhedsopdatering til Windows XP (KB933729)
Sikkerhedsopdatering til Windows XP (KB935839)
Sikkerhedsopdatering til Windows XP (KB935840)
Sikkerhedsopdatering til Windows XP (KB936021)
Sikkerhedsopdatering til Windows XP (KB937894)
Sikkerhedsopdatering til Windows XP (KB938829)
Sikkerhedsopdatering til Windows XP (KB941202)
Sikkerhedsopdatering til Windows XP (KB941568)
Sikkerhedsopdatering til Windows XP (KB941569)
Sikkerhedsopdatering til Windows XP (KB941644)
Sikkerhedsopdatering til Windows XP (KB943055)
Sikkerhedsopdatering til Windows XP (KB943460)
Sikkerhedsopdatering til Windows XP (KB943485)
Sikkerhedsopdatering til Windows XP (KB944653)
Sikkerhedsopdatering til Windows XP (KB946026)
Shadow Copy Client
Sonic Kopier Modul
Sonic DLA
Sonic Express Labeler
Sonic RecordNow Audio
Sonic RecordNow Data
Sonic Update Manager
SoundMAX
SupportSoft Assisted Service
Opdatering til Windows XP (KB894391)
Opdatering til Windows XP (KB898461)
Opdatering til Windows XP (KB900485)
Opdatering til Windows XP (KB904942)
Opdatering til Windows XP (KB908531)
Opdatering til Windows XP (KB910437)
Opdatering til Windows XP (KB916595)
Opdatering til Windows XP (KB920342)
Opdatering til Windows XP (KB920872)
Opdatering til Windows XP (KB922582)
Opdatering til Windows XP (KB925720)
Opdatering til Windows XP (KB925876)
Opdatering til Windows XP (KB927891)
Opdatering til Windows XP (KB929338)
Opdatering til Windows XP (KB930916)
Opdatering til Windows XP (KB931836)
Opdatering til Windows XP (KB933360)
Opdatering til Windows XP (KB936357)
Opdatering til Windows XP (KB938828)
Opdatering til Windows XP (KB942763)
WebEx
Windows Defender
Windows Defender Underskrifter
Windows Imaging Component
Windows Internet Explorer 7
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
WinRAR archiver
  #10  
Old 26 marts 2008, 08:12
Redaktør Gruppen
  
Default Iexplorer.exe virus

Gå til Min Computer-> Tools-> Folder Options-> Vis TAB:
  • Under Skjulte filer og mapper position:
  • Vælg Vis skjulte filer og mapper.
  • Fjern markeringen Skjul beskyttede operativsystemfiler (anbefales) mulighed.
  • Også, så sørg for der er ingen hak ved siden af Skjul filtypenavne for kendte filtyper.
  • Klik på OK

----------

Gå til Tilføj / fjern programmer og afinstallere følgende:
  • Java (TM) 6 Update 2
  • Java (TM) 6 Update 3
----------

Åbn Hijackthis og vælg Må en systemscanning kun.

Anbringe en markering ved siden af følgende poster: (hvis der)
  • O4 - HKLM \ .. \ Run: [MATH INDEBAERER FOERST MODE] C: \ Documents and Settings \ All Users \ Application Data \ levende 64 math betyder \ amen tray.exe
  • O4 - HKCU \ .. \ Run: [Roadsite] C: \ DOCUME ~ 1 \ RON \ PROGRAMMER ~ 1 \ UPLOAD ~ 1 \ surf mpeg stop.exe
Vigtigt: Luk alle vinduer undtagen Hijackthis og klik derefter på Fix kontrolleres.

Afslut Hijackthis.

----------

Nu dobbeltklik på Denne computer på skrivebordet, og find disse mapper og slette hele mappe.

C: \ Documents and Settings \ All Users \ Application Data \live 64 math gør

C: \ Documents and Settings \ RON \ Application Data \UPLOAD ~ 1

DenUPLOAD ~ 1 er forkortet til noget, men det vil begynde med Upload.

----------

Hent Combofix af subs fra en af de nedenstående links.
(Prøv alle tre, hvis det er nødvendigt)Vigtigt! Combofix.exe SKAL gemmes på og løb fra Desktop.
  • Luk alle åbne Internet-browsere. (Firefox, Internet Explorer, osv.), før de starter Combofix.
  • Vigtigt! Midlertidigt deaktivere din antivirus, script blokering og enhver antispyware realtid beskyttelse før udførelse af en scanning.
    • Klik på dette link at se en liste over sikkerhedsprogrammer, der skal være slået fra, og hvordan du deaktivere dem.
    • Hvis din ikke er børsnoteret, og du ikke ved hvordan man deaktivere det, så spørg.
  • Advarsel: Combofix afbryder din computer fra Internettet. Forbindelsen automatisk gendannet før Combofix afslutter sit løb.
  • Dobbeltklik combofix.exe & følg instruktionerne.
    • Fra tastaturet vælge 1 og tryk Indtast
  • Når du er færdig, vil den udarbejde en log for dig.
  • Post at logge på din næste svar.
Advarsel: Må ikke mouseclick combofix vindue mens den kører. Det kan få det til at stall
  • Hvis Combofix løber ind i vanskeligheder og udtræder for tidligt, at forbindelsen kan manuelt genoprettes ved at genstarte computeren.
  • Vigtigt: Husk at genaktivere dine antivirus-og antispyware før genskabe forbindelsen til internettet.

----------

Næste post skal du tilføje
Combofix log

Også lade mig vide, hvordan tingene er nu.
__________________
Reply

Register

Bogmærker

Lignende Tråde
Tråd Thread Starter Forum Svar Last Post
Iexplorer dårlige image-HELPPPP venligst soupman23 Virus, Spyware & Sikkerhed 11 29th Dec 2008 00:52
Iexplorer.exe virus - Please help me! Giant Panda Virus, Spyware & Sikkerhed 2 6. okt 2008 14:55
IEXPLORER.EXE virus pls gennemgang Hijack log nitingaur Virus, Spyware & Sikkerhed 15 22. sep 2008 16:40
Jeg får det bone.exe virus til min iexplorer damandg Virus, Spyware & Sikkerhed 12 14 juli 2008 14:31
Iexplorer.exe MATHMA ~ 1.exe RECTBO ~ 1.exe euphotix Virus, Spyware & Sikkerhed 8 17 januar 2008 23:55
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Computer Juice.
Kontakt -- Privacy -- Sitemap -- Top

Annoncenetværk baseret på bytteøkonomi ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd SEO ved vBSEO © 2009, websteds egnethed til webcrawling, Inc.