vähemmän oman pääoman

Magazine
Go Back   Tietokone Juice > Computer Software > Virusten, vakoiluohjelmien & Security
Reload this Page

Iexplorer.exe virus

Rekisteröidy Sivustokartta Spy Käyttäjälista Lahjoita Haku Today's Posts Mark Forums Read Foorumin säännöt

Register


 Default 

Iexplorer.exe virus




Reply
 
Thread Tools
  #1  
Old 25 maaliskuu 2008, 10:06
Uusi Jäsen
  
Default Iexplorer.exe virus

Hei,
Huomasin ponnahdusikkunoilta alkoi popping lähes jokainen pari minuuttia minun tietokone. Huomasin siinä tehtävässä johtaja, että on tavallisesti kolmen iexplorer.exe tehtävät avoinna kaikkina aikoina. Olen yrittänyt useita anti-virus-ja vakoiluohjelmien poisto-ohjelmat ja mitään tuntuu päästä siitä eroon. Minä vain kesti log kanssa kaappaamaan tämän ...... Voiko kukaan auttaa?

Kiitos paljon!

Logfile ja Trend Micro HijackThis v2.0.2
Scan tallennettu klo 1:10:32 PM, annettu 3.25.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Käynnissä olevista prosesseista:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ McAfee \ Managed VirusScan \ VScan \ EngineServer.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ McAfee \ Managed VirusScan \ Agent \ myAgtSvc.exe
C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ QBCFMonitorService.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Program Files \ näkökulmasta \ Common \ ViewpointService.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ PROGRA ~ 1 \ McAfee \ MANAGE ~ 1 \ VScan \ McShield.exe
C: \ WINDOWS \ Explorer.exe
C: \ Program Files \ Cyberlink \ PowerDVD \ DVDLauncher.exe
C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ Program Files \ Adobe \ Photoshop Album Starter Edition \ 3.0 \ Apps \ apdproxy.exe
C: \ Program Files \ Brother \ ControlCenter2 \ brctrcen.exe
C: \ Program Files \ McAfee \ Managed VirusScan \ Agent \ myAgtTry.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ Program Files \ QuickTime \ qttask.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE
C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe
C: \ Program Files \ DNA \ btdna.exe
C: \ Program Files \ Microsoft Outlook \ Office11 \ Outlook.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ McAfee \ Managed VirusScan \ Agent \ UpdDlg.exe
C: \ WINDOWS \ Microsoft.NET \ Framework \ v3.0 \ Windows Communication Foundation \ infocard.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://companyweb/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://companyweb
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Program Files \ Cyberlink \ PowerDVD \ DVDLauncher.exe"
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ PROGRA ~ 1 \ Common ~ 1 \ INSTAL ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-käynnistyksen
O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe"-start
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [Synchronization Manager]% SystemRoot% \ system32 \ mobsync.exe / kirjautumisen
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Album Starter Edition \ 3.0 \ Apps \ apdproxy.exe"
O4 - HKLM \ .. \ Run: [ControlCenter2.0] C: \ Program Files \ Brother \ ControlCenter2 \ brctrcen.exe / autorun
O4 - HKLM \ .. \ Run: [MVS Splash] "C: \ Program Files \ McAfee \ Managed VirusScan \ Agent \ Splash.exe"
O4 - HKLM \ .. \ Run: [McAfee Managed Services Tray] "C: \ Program Files \ McAfee \ Managed VirusScan \ Agent \ StartMyagtTry.exe"
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-piilota
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Math ei ENSIMMÄISEN MODE] C: \ Documents and Settings \ All Users \ Application Data \ elää 64 matematiikka ei \ aamen tray.exe
O4 - HKCU \ .. \ Run: [Roadsite] C: \ DOCUME ~ 1 \ ron \ Sov ~ 1 \ UPLOAD ~ 1 \ selauspalveluita mpeg stop.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / tausta
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2] C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster2] C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Program Files \ DNA \ btdna.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ QBUpdate \ qbupdate.exe
O4 - Global Startup: Wallpaper.lnk = C: \ Taustakuvat \ Bginfo.exe
O8 - Extra yhteydessä valikkotoimintoa: E & Vie Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikros ~ 3 \ Office11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ mikros ~ 3 \ Office11 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://companyweb
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Class) -- http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (02BF25D5-8C17-4B23-BC80-D3488ABDDC6B) (QuickTime Object) -- http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (3BA3B159-7533-4F96-A2CE-EE5894BBD3D5) (Scanner.SysScanner) -- http://i.dell.com/images/global/js/s...SYSSCANNER.cab
O16 - DPF: (406B5949-7190-4245-91A9-30A17DE16AD0) (Snapfish Activia) -- http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: (40C83AF8-FEA7-4A6A-A470-431EE84A0886) (SecureObjectFactory Class) -- http://vs.mcafeeasap.com/MC/ENU/VS40...0504175614.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://bl108fd.blu108.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: (5C6698D9-7BE4-4122-8EC5-291D84DBD4A0) -- http://upload.facebook.com/controls/...oUploader2.cab
O16 - DPF: (5C86F808-EDD2-4E5D-9C4F-E0D1ADA859AF) (Web Conferencing) -- http://server.mymeetingcentral.com/join_a.cab
O16 - DPF: (5F8469B4-B055-49DD-83F7-62B522420ECC) (Facebook Photo Uploader Control) -- http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://update.microsoft.com/microsof...?1149363255347
O16 - DPF: (7584C670-2274-4EFB-B00B-D6AABA6D3850) (Microsoft Terminal Services Client Control (Redist)) -- http://safari-fs/tsweb/msrdp.cab
O16 - DPF: (B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD) (TSEasyInstallX Control) -- http://www.trendsecure.com/easy_inst...syInstallX.CAB
O16 - DPF: (E06E2E99-0AA1-11D4-ABA6-0060082AA75C) (GpcContainer Class) -- https: / / ere.webex.com/client/T25L10N...nt/ieatgpc.cab
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ Parameters: Domain = safari.local
O17 - HKLM \ Software \ .. \ Telephony: Toimialuenimi = safari.local
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ Parameters: Domain = safari.local
O23 - Service: Ati Pikanäppäin Poller - ATI Technologies Inc. - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: EngineServer - McAfee, Inc. - C: \ Program Files \ McAfee \ Managed VirusScan \ VScan \ EngineServer.exe
O23 - Service: McShield - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ MANAGE ~ 1 \ VScan \ McShield.exe
O23 - Service: McAfee Virus ja Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C: \ Program Files \ McAfee \ Managed VirusScan \ Agent \ myAgtSvc.exe
O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) - Intuit - C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ FCS \ Intuit.QuickBooks.FCS. exe
O23 - Service: näkökulmasta Manager Service - näkökulmasta Corporation - C: \ Program Files \ näkökulmasta \ Common \ ViewpointService.exe
--
End of file - 9346 bytes
  #2  
Old 25 maaliskuu 2008, 10:27
Rahoittajien ryhmän
  
Default Iexplorer.exe virus

Tarvitset vain 1 anti-virus-ja vakoiluohjelmien ohjelma otherwise he voivat joutua ristiriitaan, sinulla on palomuuri? joka voi estää sekä saapuvan ja lähtevän? jos en voi löytää linkkiä Comodo erittäin hyvä ilmainen palomuuri. Myös mitä vakoiluohjelmista sinulla on? Minulla oli käynnissä pop enintään 3 kuukautta, että Spybot-S & D selvitettävä.
  #3  
Old 25 maaliskuu 2008, 10:31
Uusi Jäsen
  
Default Iexplorer.exe virus

No, tämä on minun työtä tietokoneella. Olemme McAfee. Olen ladannut ja yrittänyt Spybot Search & Destroy, avg spyware, avg anti-virus-, rekisteri-estäjä, ja muutamia muita en voi muistaa. Mikään joka tulee esiin, kun skannataan tietokoneen kanssa, se on aina sanoo kaikki clean.This on jatkunut jo useiden kuukausien ajan.
  #4  
Old 25 maaliskuu 2008, 10:32
Administrator Group
  
Default Iexplorer.exe virus

Kanoakavirus.

Haluan tehdä tämän selväksi.

Meillä on ammatillinen haittaohjelmien ulosmaksu täällä CJ.

Jos sinulla ei ole halu seurata sitä sitten pysyä poissa näistä kierteet.

Kiitos.
__________________

My System: Hybr! D

Processor (s):
AMD Turion 64 X2 TL-64 2.2GHz
Emolevy:
HP nForce 560
RAM-muisti:
2GB DDR2 PC2-5300
Graphics Card (s):
Nvidia 7150M Laivaostoksista Yhdennetty
Äänikortti:
5.1 Laivaostoksista Yhdennetty
Kiintolevy (t):
250GB 5400RPM SATA300
Optinen asema (t):
18x CD / DVDRW-DL ATA
Asia / PSU:
Kanta HP
Jäähdytys:
Kanta HP
Network / Internet:
10/100 Nic / 10 Mt Virgin Kaapeli
Monitor (t):
17 "WXGA + HD BrightView Widescreen
Operating System (s):
Windows 7 Ultimate 32Bit
  #5  
Old 25 maaliskuu 2008, 10:34
Rahoittajien ryhmän
  
Default Iexplorer.exe virus

Ok.
  #6  
Old 25 maaliskuu 2008, 10:55
Moderator Group
  
Default Iexplorer.exe virus

Lataa NoLop omalle työpöydälle jotakin alla olevista linkeistä ...
  • Sulje kaikki ohjelmat, joita et ole käynnissä, koska uudelleenkäynnistys tarvitaan
  • Kaksoisnapsauta NoLop.exe suorittaa se
  • Napsauta painiketta: Search and Destroy
    • Tietokone on nyt skannataan saastuneita tiedostoja
  • Kun skannaus on valmis, jos tartunta, sinua pyydetään reboot
  • Klikkaa OK
  • Nyt klikkaa: REBOOT
  • Viesti tulee popup alkaen NoLop. Jos ei ole, kaksoisnapsauta ohjelman uudelleen, ja se päättyy.
  • Post sisältö C: \ NoLop.log vuonna seuraavan vastauksen.
Huom: Jos saat virheilmoituksen, "mscomctl.ocx tai jokin sen riippuvuudet eivät ole oikein rekisteröity," lataa mscomctl.ocx teidän system32 kansioon sitten uusintana ohjelmaan.

----------

Olette Näkökulmasta asennettu.

Näkökulmasta Media Player / Manager / työkalupalkki on pidettävä foistware sijaan haittaohjelmien koska se on asennettu ilman käyttäjien hyväksyntä, mutta se ei vakooja tai tehdä mitään "huonoja". Katsoa Näkökulman Plunge Into Adware

On ehdotettu ohjelman poistaminen nyt.
Siirry Käynnistä> Asetukset> Ohjauspaneeli> Lisää / poista sovellus - ja poista seuraavat ohjelmat, mikäli läsnä.
  • Näkökulmasta
  • Näkökulmasta Manager
  • Näkökulmasta Media Player
  • Näkökulmasta Toolbar
  • Näkökulmasta Kokemus Technology
Jos sinulla on ongelmia poistamalla näkökulmasta, ehdotan, että käytät ViewpointKiller

Kun olet ladannut ViewpointKiller, pura se sopivaan paikkaan, esimerkiksi työpöydälle.
Suorita ViewpointKiller ja valitse Tiedosto> Do All kaatoja
Seuraa ohjeita, valitsemalla Kyllä tai EiRiippuen siitä, kumpi valinta olet eniten mukava.

----------

Nimeä Hijackthis ja käyttää uusia scan sitten postitse että log samoin.
  • Siirry C: \ Program Files \ Trend Micro \HijackThis.exe
  • Napsauta hiiren kakkospainikkeella HijackThis.exe ja valitse Nimeä.
  • Kirjoita sniper.exe ja paina Anna.
  • Napsauta hiiren kakkospainikkeella päällä sniper.exe ja valitse Lähetä > Desktop (luo pikakuvake)
Vaikka olemme uudelleennimettyjä Hijackthis on ampuja, me vielä viitata se Hijackthis tai HJT.

----------

Seuraava post lisää
N: o Lop log
Uusi Hijackthis loki
__________________
  #7  
Old 25 maaliskuu 2008, 11:57
Uusi Jäsen
  
Default Iexplorer.exe virus

NoLop Lokinhallinta:

NoLop! Loki on Skate_Punk_21
Korjaa alkaen: C: \ Documents and Settings \ ron \ Desktop
[3.25.2008]
[2:21:40 PM]
--- Infection Files Found/Removed---
C: \ WINDOWS \ tehtävät \ 8862BA9A82712A82.job
Beginning Removal ...
Käynnistystä ...
Removing Lop's jäänne tiedostot / kansiot ...
Editing Registry ...
** Fix Complete! **
--- Listing AppData sub directories ---
C: \ Documents and Settings \ Administrator \ Application Data \ Identities
C: \ Documents and Settings \ Administrator \ Application Data \ Microsoft
C: \ Documents and Settings \ Administrator \ Application Data \ Sun
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Adobe
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Adobeaum
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Adobeum - EMPTY Directory
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Identities
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Interact Commerce
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Microsoft
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Sun
C: \ Documents and Settings \ All Users \ Application Data \ Acronis
C: \ Documents and Settings \ All Users \ Application Data \ Adobe
C: \ Documents and Settings \ All Users \ Application Data \ Aol
C: \ Documents and Settings \ All Users \ Application Data \ Aol Downloads
C: \ Documents and Settings \ All Users \ Application Data \ Aol Ocp
C: \ Documents and Settings \ All Users \ Application Data \ Avg7 - EMPTY Directory
C: \ Documents and Settings \ All Users \ Application Data \ Brother
C: \ Documents and Settings \ All Users \ Application Data \ Common Files
C: \ Documents and Settings \ All Users \ Application Data \ Google
C: \ Documents and Settings \ All Users \ Application Data \ Grisoft
C: \ Documents and Settings \ All Users \ Application Data \ InstallShield
C: \ Documents and Settings \ All Users \ Application Data \ Intuit
C: \ Documents and Settings \ All Users \ Application Data \ Lavasoft
C: \ Documents and Settings \ All Users \ Application Data \ Live 64 Math Onko
C: \ Documents and Settings \ All Users \ Application Data \ Microsoft
C: \ Documents and Settings \ All Users \ Application Data \ Mumbojumbo
C: \ Documents and Settings \ All Users \ Application Data \ Protexis
C: \ Documents and Settings \ All Users \ Application Data \ Sandlot Pelit
C: \ Documents and Settings \ All Users \ Application Data \ Sbsi
C: \ Documents and Settings \ All Users \ Application Data \ Simply Super Software
C: \ Documents and Settings \ All Users \ Application Data \ Temp - EMPTY Directory
C: \ Documents and Settings \ All Users \ Application Data \ Trymedia
C: \ Documents and Settings \ All Users \ Application Data \ näkökulmasta
C: \ Documents and Settings \ All Users \ Application Data \ Windows Genuine Advantage
C: \ Documents and Settings \ All Users \ Application Data \ Yahoo!
C: \ Documents and Settings \ Allison \ Application Data \ 3m
C: \ Documents and Settings \ Allison \ Application Data \ Adobe
C: \ Documents and Settings \ Allison \ Application Data \ Adobeum - EMPTY Directory
C: \ Documents and Settings \ Allison \ Application Data \ Coffeecup Software
C: \ Documents and Settings \ Allison \ Application Data \ Cyberlink
C: \ Documents and Settings \ Allison \ Application Data \ GlobalSCAPE
C: \ Documents and Settings \ Allison \ Application Data \ Google
C: \ Documents and Settings \ Allison \ Application Data \ Help - EMPTY Directory
C: \ Documents and Settings \ Allison \ Application Data \ Identities
C: \ Documents and Settings \ Allison \ Application Data \ InstallShield Installation Information
C: \ Documents and Settings \ Allison \ Application Data \ Interact Commerce
C: \ Documents and Settings \ Allison \ Application Data \ Intuit
C: \ Documents and Settings \ Allison \ Application Data \ Ipswitch
C: \ Documents and Settings \ Allison \ Application Data \ Leadertech
C: \ Documents and Settings \ Allison \ Application Data \ Macromedia
C: \ Documents and Settings \ Allison \ Application Data \ Microsoft
C: \ Documents and Settings \ Allison \ Application Data \ Mozilla
C: \ Documents and Settings \ Allison \ Application Data \ Smartftp
C: \ Documents and Settings \ Allison \ Application Data \ Snapfish
C: \ Documents and Settings \ Allison \ Application Data \ Sonic
C: \ Documents and Settings \ Allison \ Application Data \ Sun
C: \ Documents and Settings \ Allison \ Application Data \ Symantec - EMPTY Directory
C: \ Documents and Settings \ Allison \ Application Data \ Upload Frag - EMPTY Directory
C: \ Documents and Settings \ Allison \ Application Data \ Webex
C: \ Documents and Settings \ Allison \ Application Data \ Yahoo!
C: \ Documents and Settings \ Allison \ Application Data \ (d4914e09-364e-480a-835b-91f1f8c21e8c)
C: \ Documents and Settings \ Application Data \ Application Data \ Microsoft
C: \ Documents and Settings \ Dana \ Application Data \ 3m
C: \ Documents and Settings \ Dana \ Application Data \ Identities
C: \ Documents and Settings \ Dana \ Application Data \ Microsoft
C: \ Documents and Settings \ Dana \ Application Data \ Sun
C: \ Documents and Settings \ Default User \ Application Data \ Identities
C: \ Documents and Settings \ Default User \ Application Data \ Microsoft
C: \ Documents and Settings \ Default User \ Application Data \ Sun
C: \ Documents and Settings \ Heather \ Application Data \ Identities
C: \ Documents and Settings \ Heather \ Application Data \ Macromedia
C: \ Documents and Settings \ Heather \ Application Data \ Microsoft
C: \ Documents and Settings \ Heather \ Application Data \ Sun
C: \ Documents and Settings \ Heather \ Application Data \ Webex
C: \ Documents and Settings \ Kellie \ Application Data \ Identities
C: \ Documents and Settings \ Kellie \ Application Data \ Interact Commerce
C: \ Documents and Settings \ Kellie \ Application Data \ Macromedia
C: \ Documents and Settings \ Kellie \ Application Data \ Microsoft
C: \ Documents and Settings \ Kellie \ Application Data \ Sun
C: \ Documents and Settings \ LocalService \ Application Data \ Avg7 - EMPTY Directory
C: \ Documents and Settings \ LocalService \ Application Data \ Microsoft
C: \ Documents and Settings \ Mcafeemvsuser \ Application Data \ Identities
C: \ Documents and Settings \ Mcafeemvsuser \ Application Data \ Microsoft
C: \ Documents and Settings \ Mcafeemvsuser \ Application Data \ Sun
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01 \ Application Data \ Identities
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01 \ Application Data \ Microsoft
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01 \ Application Data \ Sun
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01.000 \ Application Data \ Identities
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01.000 \ Application Data \ Microsoft
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01.000 \ Application Data \ Sun
C: \ Documents and Settings \ Meredith \ Application Data \ Identities
C: \ Documents and Settings \ Meredith \ Application Data \ Microsoft
C: \ Documents and Settings \ Meredith \ Application Data \ Sonic
C: \ Documents and Settings \ Meredith \ Application Data \ Sun
C: \ Documents and Settings \ NetworkService \ Application Data \ Microsoft
C: \ Documents and Settings \ Ron \ Application Data \ 3m
C: \ Documents and Settings \ Ron \ Application Data \ 7wonders
C: \ Documents and Settings \ Ron \ Application Data \ Acccore
C: \ Documents and Settings \ Ron \ Application Data \ Adobe
C: \ Documents and Settings \ Ron \ Application Data \ Adobeaum
C: \ Documents and Settings \ Ron \ Application Data \ Adobeum - EMPTY Directory
C: \ Documents and Settings \ Ron \ Application Data \ Tavoite
C: \ Documents and Settings \ Ron \ Application Data \ Avg7
C: \ Documents and Settings \ Ron \ Application Data \ BitTorrent
C: \ Documents and Settings \ Ron \ Application Data \ Cyberlink
C: \ Documents and Settings \ Ron \ Application Data \ Dňa
C: \ Documents and Settings \ Ron \ Application Data \ GameLab
C: \ Documents and Settings \ Ron \ Application Data \ Google
C: \ Documents and Settings \ Ron \ Application Data \ Help - EMPTY Directory
C: \ Documents and Settings \ Ron \ Application Data \ Identities
C: \ Documents and Settings \ Ron \ Application Data \ Interact Commerce
C: \ Documents and Settings \ Ron \ Application Data \ Intuit
C: \ Documents and Settings \ Ron \ Application Data \ Ipswitch
C: \ Documents and Settings \ Ron \ Application Data \ Leadertech
C: \ Documents and Settings \ Ron \ Application Data \ Limewire
C: \ Documents and Settings \ Ron \ Application Data \ Macromedia
C: \ Documents and Settings \ Ron \ Application Data \ Math Funk Bash - EMPTY Directory
C: \ Documents and Settings \ Ron \ Application Data \ Microsoft
C: \ Documents and Settings \ Ron \ Application Data \ Mozilla
C: \ Documents and Settings \ Ron \ Application Data \ Playfirst
C: \ Documents and Settings \ Ron \ Application Data \ Simply Super Software - EMPTY Directory
C: \ Documents and Settings \ Ron \ Application Data \ Snapfish
C: \ Documents and Settings \ Ron \ Application Data \ Sonic
C: \ Documents and Settings \ Ron \ Application Data \ Tarralaput
C: \ Documents and Settings \ Ron \ Application Data \ Sun
C: \ Documents and Settings \ Ron \ Application Data \ Symantec - EMPTY Directory
C: \ Documents and Settings \ Ron \ Application Data \ Trojanhunter
C: \ Documents and Settings \ Ron \ Application Data \ Uniblue
C: \ Documents and Settings \ Ron \ Application Data \ Upload Frag
C: \ Documents and Settings \ Ron \ Application Data \ näkökulmasta
C: \ Documents and Settings \ Ron \ Application Data \ WinRAR - EMPTY Directory
C: \ Documents and Settings \ Ron \ Application Data \ Yahoo!
C: \ Documents and Settings \ Ron.old \ Application Data \ Acccore
C: \ Documents and Settings \ Ron.old \ Application Data \ Adobe
C: \ Documents and Settings \ Ron.old \ Application Data \ Adobeum - EMPTY Directory
C: \ Documents and Settings \ Ron.old \ Application Data \ Google
C: \ Documents and Settings \ Ron.old \ Application Data \ Help - EMPTY Directory
C: \ Documents and Settings \ Ron.old \ Application Data \ Identities
C: \ Documents and Settings \ Ron.old \ Application Data \ Interact Commerce
C: \ Documents and Settings \ Ron.old \ Application Data \ Macromedia
C: \ Documents and Settings \ Ron.old \ Application Data \ Microsoft
C: \ Documents and Settings \ Ron.old \ Application Data \ Myspace
C: \ Documents and Settings \ Ron.old \ Application Data \ Sun
C: \ Documents and Settings \ Shelli \ Application Data \ Adobe
C: \ Documents and Settings \ Shelli \ Application Data \ Adobeum - EMPTY Directory
C: \ Documents and Settings \ Shelli \ Application Data \ Help - EMPTY Directory
C: \ Documents and Settings \ Shelli \ Application Data \ Identities
C: \ Documents and Settings \ Shelli \ Application Data \ Interact Commerce
C: \ Documents and Settings \ Shelli \ Application Data \ Leadertech
C: \ Documents and Settings \ Shelli \ Application Data \ Macromedia
C: \ Documents and Settings \ Shelli \ Application Data \ Microsoft
C: \ Documents and Settings \ Shelli \ Application Data \ Sonic
C: \ Documents and Settings \ Shelli \ Application Data \ Sun
C: \ Documents and Settings \ Stephanie \ Application Data \ Adobe
C: \ Documents and Settings \ Stephanie \ Application Data \ Adobeum - EMPTY Directory
C: \ Documents and Settings \ Stephanie \ Application Data \ Google
C: \ Documents and Settings \ Stephanie \ Application Data \ Help - EMPTY Directory
C: \ Documents and Settings \ Stephanie \ Application Data \ Identities
C: \ Documents and Settings \ Stephanie \ Application Data \ Interact Commerce
C: \ Documents and Settings \ Stephanie \ Application Data \ Leadertech
C: \ Documents and Settings \ Stephanie \ Application Data \ Macromedia
C: \ Documents and Settings \ Stephanie \ Application Data \ Microsoft
C: \ Documents and Settings \ Stephanie \ Application Data \ Sonic
C: \ Documents and Settings \ Stephanie \ Application Data \ Sun
C: \ Documents and Settings \ Susan \ Application Data \ 3m
C: \ Documents and Settings \ Susan \ Application Data \ Identities
C: \ Documents and Settings \ Susan \ Application Data \ Microsoft
C: \ Documents and Settings \ Susan \ Application Data \ Sun
C: \ Documents and Settings \ Xrbs \ Application Data \ Adobe
C: \ Documents and Settings \ Xrbs \ Application Data \ Google - EMPTY Directory
C: \ Documents and Settings \ Xrbs \ Application Data \ Identities
C: \ Documents and Settings \ Xrbs \ Application Data \ Macromedia
C: \ Documents and Settings \ Xrbs \ Application Data \ Microsoft
C: \ Documents and Settings \ Xrbs \ Application Data \ Sun
C: \ Documents and Settings \ __sbs_netsetup__ \ Application Data \ Identities
C: \ Documents and Settings \ __sbs_netsetup__ \ Application Data \ Microsoft
C: \ Documents and Settings \ __sbs_netsetup__ \ Application Data \ Sun

Uusi HiJackthis log:

Logfile ja Trend Micro HijackThis v2.0.2
Scan tallennettu klo 3:00:16 PM, annettu 3.25.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Käynnissä olevista prosesseista:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ McAfee \ Managed VirusScan \ VScan \ EngineServer.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ McAfee \ Managed VirusScan \ Agent \ myAgtSvc.exe
C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ QBCFMonitorService.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ PROGRA ~ 1 \ McAfee \ MANAGE ~ 1 \ VScan \ McShield.exe
C: \ WINDOWS \ Explorer.exe
C: \ Program Files \ Cyberlink \ PowerDVD \ DVDLauncher.exe
C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ Program Files \ Adobe \ Photoshop Album Starter Edition \ 3.0 \ Apps \ apdproxy.exe
C: \ Program Files \ Brother \ ControlCenter2 \ brctrcen.exe
C: \ Program Files \ McAfee \ Managed VirusScan \ Agent \ myAgtTry.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ Program Files \ QuickTime \ qttask.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ DNA \ btdna.exe
\ Up-3 \ c $ \ Program Files \ Microsoft Office \ Office11 \ Outlook.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page =
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://companyweb
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Program Files \ Cyberlink \ PowerDVD \ DVDLauncher.exe"
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ PROGRA ~ 1 \ Common ~ 1 \ INSTAL ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-käynnistyksen
O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe"-start
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [Synchronization Manager]% SystemRoot% \ system32 \ mobsync.exe / kirjautumisen
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Album Starter Edition \ 3.0 \ Apps \ apdproxy.exe"
O4 - HKLM \ .. \ Run: [ControlCenter2.0] C: \ Program Files \ Brother \ ControlCenter2 \ brctrcen.exe / autorun
O4 - HKLM \ .. \ Run: [MVS Splash] "C: \ Program Files \ McAfee \ Managed VirusScan \ Agent \ Splash.exe"
O4 - HKLM \ .. \ Run: [McAfee Managed Services Tray] "C: \ Program Files \ McAfee \ Managed VirusScan \ Agent \ StartMyagtTry.exe"
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-piilota
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Math ei ENSIMMÄISEN MODE] C: \ Documents and Settings \ All Users \ Application Data \ elää 64 matematiikka ei \ aamen tray.exe
O4 - HKCU \ .. \ Run: [Roadsite] C: \ DOCUME ~ 1 \ ron \ Sov ~ 1 \ UPLOAD ~ 1 \ selauspalveluita mpeg stop.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2] C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster2] C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Program Files \ DNA \ btdna.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ QBUpdate \ qbupdate.exe
O4 - Global Startup: Wallpaper.lnk = C: \ Taustakuvat \ Bginfo.exe
O8 - Extra yhteydessä valikkotoimintoa: E & Vie Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikros ~ 3 \ Office11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ mikros ~ 3 \ Office11 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://companyweb
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Class) -- http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (02BF25D5-8C17-4B23-BC80-D3488ABDDC6B) (QuickTime Object) -- http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (3BA3B159-7533-4F96-A2CE-EE5894BBD3D5) (Scanner.SysScanner) -- http://i.dell.com/images/global/js/s...SYSSCANNER.cab
O16 - DPF: (406B5949-7190-4245-91A9-30A17DE16AD0) (Snapfish Activia) -- http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: (40C83AF8-FEA7-4A6A-A470-431EE84A0886) (SecureObjectFactory Class) -- http://vs.mcafeeasap.com/MC/ENU/VS40...0504175614.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://bl108fd.blu108.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: (5C6698D9-7BE4-4122-8EC5-291D84DBD4A0) -- http://upload.facebook.com/controls/...oUploader2.cab
O16 - DPF: (5C86F808-EDD2-4E5D-9C4F-E0D1ADA859AF) (Web Conferencing) -- http://server.mymeetingcentral.com/join_a.cab
O16 - DPF: (5F8469B4-B055-49DD-83F7-62B522420ECC) (Facebook Photo Uploader Control) -- http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://update.microsoft.com/microsof...?1149363255347
O16 - DPF: (7584C670-2274-4EFB-B00B-D6AABA6D3850) (Microsoft Terminal Services Client Control (Redist)) -- http://safari-fs/tsweb/msrdp.cab
O16 - DPF: (B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD) (TSEasyInstallX Control) -- http://www.trendsecure.com/easy_inst...syInstallX.CAB
O16 - DPF: (E06E2E99-0AA1-11D4-ABA6-0060082AA75C) (GpcContainer Class) -- https: / / ere.webex.com/client/T25L10N...nt/ieatgpc.cab
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ Parameters: Domain = safari.local
O17 - HKLM \ Software \ .. \ Telephony: Toimialuenimi = safari.local
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ Parameters: Domain = safari.local
O23 - Service: Ati Pikanäppäin Poller - ATI Technologies Inc. - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: EngineServer - McAfee, Inc. - C: \ Program Files \ McAfee \ Managed VirusScan \ VScan \ EngineServer.exe
O23 - Service: McShield - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ MANAGE ~ 1 \ VScan \ McShield.exe
O23 - Service: McAfee Virus ja Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C: \ Program Files \ McAfee \ Managed VirusScan \ Agent \ myAgtSvc.exe
O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) - Intuit - C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ FCS \ Intuit.QuickBooks.FCS. exe
--
End of file - 8722 bytes

Huomasin, että iexploree.exe on vain kääntyvät kerran tehtävänä johtaja nyt ja minulla ei ole ollut mitään ponnahdusikkunoilta vielä.
  #8  
Old 25 maaliskuu 2008, 12:07
Moderator Group
  
Default Iexplorer.exe virus

HAKU parempi, mutta vielä enemmän vasemmalle tehdä.

Luo Uninstall Luettelo
  • Alku HijackThis
  • Klikkaa Avaa Misc Työkalut osa
  • Klikkaa Avaa Uninstall Manager painiketta.
  • Klikkaa Tallenna luettelo painiketta ja määrittää, minne haluat tallentaa tiedoston ja napsauta Tallentaa.
    • Kun painat Tallentaa painiketta Muistio avaa sisällön kanssa, että tiedosto.
  • Kopioi ja liitä luetteloa vastauksenne.
__________________
  #9  
Old 26 maaliskuu 2008, 06:57
Uusi Jäsen
  
Default Iexplorer.exe virus

Anteeksi, eilen töissä sai varattu. En voinut tehdä tässä vaiheessa tai vastata takaisin. Kun olen kirjautunut kiinni minun tietokone ponnahdusikkunat takaisin tänään. Alla on unistall luettelosta.

ACT!
Adobe Download Manager 2.0 (Poista Vain)
Adobe Flash Player ActiveX
Adobe Reader 7.0.8
Adobe Shockwave Player
Adobe ® Photoshop ® Album Starter Edition 3.0
TAVOITE 6
ATI - Software Uninstall Utility
ATI Display Driver
Barracuda Networks Outlook Plugin 0.9d
Broadcom Advanced Control Suite
Brother MFL-Pro Suite
ClearType Tuning Ohjauspaneeli Applet
Compatibility Pack vuoden 2007 Office system
e / pop Web Conferencing Client
Google Earth
HijackThis 2.0.2
Korjaustiedoston Microsoft. NET Framework 3.0 (KB932471)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format SDK (KB902344)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Intel (R) Graphics Media Accelerator Driver
Java (TM) 6 Update 2
Java (TM) 6 Update 3
Java (TM) 6 Update 5
McAfee Virus ja Spyware Protection Service
Microsoft. NET Framework 1.1
Microsoft. NET Framework 1.1
Microsoft. NET Framework 1.1 Hotfix (KB928366)
Microsoft. NET Framework 2.0 Service Pack 1
Microsoft. NET Framework 3.0 Service Pack 1
Microsoft Base Smart Card Salauslaitteet Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft kansainvälistyä Domain Names Lieventämis API
Microsoft National Language Support Downlevel API
Microsoft Office Outlook 2003
Microsoft Office Small Business Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C + + 2005 Redistributable
Mozilla Firefox (2.0.0.12)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser ja SDK
MSXML 6.0 Parser (KB933579)
PowerDVD 5.5
QuickBooks Pro 2007
QuickBooks Product Listing Service
Security Update for Step-by-Step Interactive Training (KB898458)
Security Update for Step-by-Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB946026)
Shadow Copy Client
Sonic Copy Module
Sonic DLA
Sonic Express Labeler
Sonic RecordNow Audio
Sonic RecordNow Data
Sonic Update Manager
SoundMAX
SupportSoft Assisted Service
Windows XP-päivitys (KB894391)
Windows XP-päivitys (KB898461)
Windows XP-päivitys (KB900485)
Windows XP-päivitys (KB904942)
Windows XP-päivitys (KB908531)
Windows XP-päivitys (KB910437)
Windows XP-päivitys (KB916595)
Windows XP-päivitys (KB920342)
Windows XP-päivitys (KB920872)
Windows XP-päivitys (KB922582)
Windows XP-päivitys (KB925720)
Windows XP-päivitys (KB925876)
Windows XP-päivitys (KB927891)
Windows XP-päivitys (KB929338)
Windows XP-päivitys (KB930916)
Windows XP-päivitys (KB931836)
Windows XP-päivitys (KB933360)
Windows XP-päivitys (KB936357)
Windows XP-päivitys (KB938828)
Windows XP-päivitys (KB942763)
WebEx
Windows Defender
Windows Defender Allekirjoitukset
Windows Imaging Component
Windows Internet Explorer 7
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
WinRAR Archiver
  #10  
Old 26 maaliskuu 2008, 08:12
Moderator Group
  
Default Iexplorer.exe virus

Siirry Oma tietokone-> Työkalut-> Kansion asetukset-> Näytä -välilehti:
  • Nojalla Piilotetut tiedostot ja kansiot otsikko:
  • Valitse Näytä piilotetut tiedostot ja kansiot.
  • Poista Piilota suojatut käyttöjärjestelmätiedostot (suositus)-vaihtoehto.
  • Varmista myös, ei ole tarkistusmerkkiä vieressä Piilota tiedostopäätteitä tunnettujen tiedostotyyppien tunnisteet -.
  • Valitse OK

----------

Mene lisää / poista sovellus ja poista seuraavat:
  • Java (TM) 6 Update 2
  • Java (TM) 6 Update 3
----------

Avaa Hijackthis ja valitse Tee järjestelmän tarkistus vain.

Aseta valintamerkki vieressä seuraavista maininnoista: (jos on)
  • O4 - HKLM \ .. \ Run: [Math ei ENSIMMÄISEN MODE] C: \ Documents and Settings \ All Users \ Application Data \ elää 64 matematiikka ei \ aamen tray.exe
  • O4 - HKCU \ .. \ Run: [Roadsite] C: \ DOCUME ~ 1 \ ron \ Sov ~ 1 \ UPLOAD ~ 1 \ selauspalveluita mpeg stop.exe
Tärkeää: Sulje kaikki ikkunat lukuun ottamatta Hijackthis ja valitse sitten Korjaa tarkastetaan.

Poistu Hijackthis.

----------

Nyt kaksoisnapsauta Oma tietokone sen työpöydän ja etsi näitä kansiot ja poistaa koko kansio.

C: \ Documents and Settings \ All Users \ Application Data \live 64 matematiikka ei

C: \ Documents and Settings \ ron \ Application Data \UPLOAD ~ 1

TheUPLOAD ~ 1 on lyhennetty jotain, mutta se alkaa Lähetä.

----------

Ole hyvä ja lataa Combofix jonka Subs jonkin alle linkkejä.
(Yritä kaikki kolme tarvittaessa)Tärkeää! Combofix.exe MUST tallennetaan ja juoksi alkaen Desktop.
  • Sulje kaikki avoimet Internet-selaimissa. (Firefox, Internet Explorer jne.) ennen Combofix.
  • Tärkeää! Väliaikaisesti poistaa käytöstä sinun antivirus, komentosarjojen esto ja kaikki AntiSpyware reaaliaikainen suoja ennen suorittamalla skannata.
    • Valitse linkki nähdä luettelon tietoturvaohjelmia, että otetaan huomioon myös vammaisten ja miten poistaa ne käytöstä.
    • Jos koneesi ei ole luettelossa ja et tiedä miten sen pois, kysy.
  • Varoitus: Combofix katkaisee tietokonetta Internetissä. Yhteyden automaattisesti palauttaa ennen Combofix päättää aikavälillä.
  • Kaksoisnapsauta combofix.exe ja seuraa ohjeita.
    • From näppäimistön valitse 1 ja paina Anna
  • Kun olet valmis, se tuottaa lokin sinulle.
  • Post, että kirjaudut sisään seuraavan vastauksen.
Varoitus: Älä mouseclick combofix ikkunassa, kun se on käynnissä. Tämä saattaa aiheuttaa sen, pilttuu
  • Jos Combofix joutuu vaikeuksissa ja päättyy ennenaikaisesti, yhteys voidaan manuaalisesti palauttaa tietokoneen käynnistämistä uudelleen.
  • Tärkeää: Muista uudelleen käyttöön virustentorjuntaohjelmasi ja antispyware ennen uuden yhteyden Internetiin.

----------

Seuraava post lisää
Combofix log

Lisäksi haluaisin tietää, miten asiat ovat nyt.
__________________
Reply

Register

Kirjanmerkit

Samanlaisia Threads
Kierre Thread Starter Forum Vastaukset Last Post
Iexplorer huono imago-HELPPPP Please soupman23 Virusten, vakoiluohjelmien & Security 11 29. Joulukuu 2008 00:52
Iexplorer.exe virus - ole hyvä ja auta minua! Giant Panda Virusten, vakoiluohjelmien & Security 2 6. lokakuu 2008 14:55
IEXPLORER.EXE virus pls tarkistaa Hijack loki nitingaur Virusten, vakoiluohjelmien & Security 15 22. Sep 2008 16:40
Saan sen bone.exe virus minun iexplorer damandg Virusten, vakoiluohjelmien & Security 12 14. Jul 2008 14:31
Iexplorer.exe MATHMA ~ 1.exe RECTBO ~ 1.exe euphotix Virusten, vakoiluohjelmien & Security 8 17th Jan 2008 23:55
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Computer Juice.
Yhteydenotto -- Yksityisyydensuoja -- Sivukartta -- Ylös

Powered by vBulletin ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd SEO on vBSEO © 2009, indeksoitavuutta, Inc.