IEXPLORER.EXE virusas

iuboy2006 · #1 Kovas 25, 2008, 10:06

Labas,
Aš pastebėjau, pop-up prasidėjo Popping beveik kas porą minučių į savo kompiuterį. Aš pastebėjau, į Task Manager, kad paprastai yra trys IEXPLORER.EXE užduotis atidaryti visą laiką. Aš išbandžiau keletą antivirusinių ir anti-spyware programas ir nieko atrodo, kad atsikratyti jos. Aš tiesiog paėmė Prisijungti su Perimti šią ...... Can anyone help?

Thanks so much!

Logfile Trend Micro HijackThis v2.0.2
Skaitymo išsaugotas 1:10:32 dėl 3/25/2008
Platforma: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Veikia procesus:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ McAfee \ Tvarko VirusScan \ VScan \ EngineServer.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ McAfee \ Tvarko VirusScan \ Agent \ myAgtSvc.exe
C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ QBCFMonitorService.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Požiūris \ Common \ ViewpointService.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ PROGRA ~ 1 \ McAfee \ KONTROLĖ ~ 1 \ VScan \ mcshield.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe
C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ Program Files \ Adobe \ Photoshop Album Starter Edition \ 3.0 \ Apps \ apdproxy.exe
C: \ Program Files \ Brother \ ControlCenter2 \ brctrcen.exe
C: \ Program Files \ McAfee \ Tvarko VirusScan \ Agent \ myAgtTry.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ Program Files \ QuickTime \ qttask.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE
C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe
C: \ Program Files \ DNA \ btdna.exe
C: \ Program Files \ Outlook \ Office11 \ Outlook.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ McAfee \ Tvarko VirusScan \ Agent \ UpdDlg.exe
C: \ WINDOWS \ Microsoft.NET \ Framework \ v3.0 \ Windows Communication Foundation \ infocard.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://companyweb/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://Companyweb
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe"
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-startup
O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe" pradžios
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [Synchronization Manager]% SystemRoot% \ System32 \ mobsync.exe / logon
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Album Starter Edition \ 3.0 \ Apps \ apdproxy.exe"
O4 - HKLM \ .. \ Run: [ControlCenter2.0] C: \ Program Files \ Brother \ ControlCenter2 \ brctrcen.exe / autorun
O4 - HKLM \ .. \ Run: [MVS Splash] "C: \ Program Files \ McAfee \ Tvarko VirusScan \ Agent \ Splash.exe"
O4 - HKLM \ .. \ Run: [McAfee Tvarko Paslaugos Tray] "C: \ Program Files \ McAfee \ Tvarko VirusScan \ Agent \ StartMyagtTry.exe"
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [MATH YRA PIRMASIS MODE] C: \ Documents and Settings \ All Users \ Application Data \ Live 64 Math veikia \ amen tray.exe
O4 - HKCU \ .. \ Run: [Roadsite] C: \ DOCUME ~ 1 \ RON \ applic ~ 1 \ PERDAVIMAS ~ 1 \ naršyti MPEG stop.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2] C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster2] C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Program Files \ DNA \ btdna.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: QuickBooks Atnaujinti Agent.lnk = C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ QBUpdate \ qbupdate.exe
O4 - Global Startup: Wallpaper.lnk = C: \ Fono \ Bginfo.exe
O8 - Extra kontekstinio meniu punktą: E & Eksportuoti į "Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office11 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ Xpsp3res.dll, -20.001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://Companyweb
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi klasė) -- http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (02BF25D5-8C17-4B23-BC80-D3488ABDDC6B) (QuickTime Object) -- http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (3BA3B159-7533-4F96-A2CE-EE5894BBD3D5) (Scanner.SysScanner) -- http://i.dell.com/images/global/js/s...SYSSCANNER.cab
O16 - DPF: (406B5949-7190-4245-91A9-30A17DE16AD0) (Snapfish Activia) -- http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: (40C83AF8-FEA7-4A6A-A470-431EE84A0886) (SecureObjectFactory klasė) -- http://vs.mcafeeasap.com/MC/ENU/VS40...0504175614.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://bl108fd.blu108.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: (5C6698D9-7BE4-4122-8EC5-291D84DBD4A0) -- http://upload.facebook.com/controls/...oUploader2.cab
O16 - DPF: (5C86F808-EDD2-4E5D-9C4F-E0D1ADA859AF) (Web conferencing) -- http://server.mymeetingcentral.com/join_a.cab
O16 - DPF: (5F8469B4-49DD-B055-83F7-62B522420ECC) (Facebook Nuotraukų Uploader Control) -- http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl klasė) -- http://update.microsoft.com/microsof...?1149363255347
O16 - DPF: (7584C670-2274-4EFB-B00B-D6AABA6D3850) (Microsoft Terminal Services Client Control (Redist)) -- http://safari-fs/tsweb/msrdp.cab
O16 - DPF: (B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD) (TSEasyInstallX Control) -- http://www.trendsecure.com/easy_inst...syInstallX.CAB
O16 - DPF: (E06E2E99-0AA1-11D4-ABA6-0060082AA75C) (GpcContainer klasė) -- https: / / ere.webex.com/client/T25L10N...nt/ieatgpc.cab
Ø17 - HKLM \ System \ CCS \ Services \ Tcpip \ Parameters: Domain = safari.local
Ø17 - HKLM \ Software \ .. \ Telephony: domain = safari.local
Ø17 - HKLM \ System \ CS1 \ Services \ Tcpip \ Parameters: Domain = safari.local
O23 - Service: ATI HotKey Rinkėjas - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: EngineServer - McAfee, Inc - C: \ Program Files \ McAfee \ Tvarko VirusScan \ VScan \ EngineServer.exe
O23 - Service: McShield - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ KONTROLĖ ~ 1 \ VScan \ mcshield.exe
O23 - Service: McAfee virusų ir šnipinėjimo programų apsaugos tarnybos (myAgtSvc) - McAfee, Inc - C: \ Program Files \ McAfee \ Tvarko VirusScan \ Agent \ myAgtSvc.exe
O23 - Service: QuickBooks duomenų valdytojo tarnybos (QBCFMonitorService) - Intuit - C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc - C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ FCS \ Intuit.QuickBooks.FCS. exe
O23 - Service: Požiūris vadybininkas Paslaugos - Požiūris Corporation - C: \ Program Files \ Požiūris \ Common \ ViewpointService.exe
--
End of file - 9.346 baitų

**KanoakaVirus** · #2 Kovas 25, 2008, 10:27

Jums reikia tik 1 antivirusinę ir šnipinėjimo programą, bet Išminčius jos gali prieštarauti, ar turite užkardą? vienas, kad gali blokuoti tiek įeinantis ir išeinantis? jei ne galiu rasti už Comodo labai gera nemokama ugniasienė nuorodą. Be to, kas šnipinėjimo turite? turėjau nuolatinį pop iki 3 mėnesių, kad Spybot S & D išspręstos.

iuboy2006 · #3 Kovas 25, 2008, 10:31

Na, tai mano darbo kompiuteryje. Mes McAfee. I downloaded ir bandė Spybot Search & Destroy, avg spyware, AVG Anti-Virus, registro blokatorių, ir keletą kitų negaliu prisiminti. Nieko kas pasirodo, kai aš su jais nuskaityta kompiuteryje, jis visada sako visi clean.This vyksta jau keletą mėnesių.

**Hybr! D** · #4 Kovas 25, 2008, 10:32

Kanoakavirus.

Leiskite man pasakyti tai aiškiai.

Mes turime profesionalių kenkėjiškų programų šalinimo procedūra čia ne CJ.

Jei neturite noro toliau ji ten likti iš šių siūlų.

Ačiū.

**KanoakaVirus** · #5 Kovas 25, 2008, 10:34

Gerai.

**evilfantasy** · #6 Kovas 25, 2008, 10:55

Atsisiųsti NoLop į darbalaukį į žemiau esančią nuorodą viena iš ...

Uždarykite visas programas, kurios veikia nuo perkrauti reikia
Dukart spustelėkite NoLop.exe paleisti
Kitas, spauskite mygtuką: Search and Destroy
- Jūsų kompiuteryje dabar bus nuskaityta infekuotų failų
Kai nuskaito apdailai, jeigu infekuota, esate raginami iš naujo paleisti
Spustelėkite Gerai
Dabar spauskite: Reboot
Pranešimas turėtų iššokantį nuo NoLop. Jei ne, dukart spustelėkite programos ir vėl jį baigs.
Rašyti turinys C: \ NoLop.log į kitą atsakymą.

Pastaba Jei gaunate klaidos pranešimą "mscomctl.ocx arba vienas iš jo priklausomybės nėra tinkamai įregistruotas," atsisiųskite mscomctl.ocx į aplanką System32 tada Pakartotinas programa.

----------

Jūs Požiūris įdiegta.

Viewpoint Media Player "/ Manager / įrankių juosta yra laikomas foistware vietoj kenkėjiškų programų nes ji yra įdiegiama be vartotojai patvirtinimo, bet ne šnipinėjimo ar daryti ką nors "blogo". Matyti Požiūris pasinerti į Adware

Manoma, kad pašalintumėte programą dabar.
Pereiti į Pradėti> Parametrai> Valdymo skydas> Add / Remove Programs ir panaikinti šias programas, jeigu dabar.

Požiūris
Požiūris vadybininkas
Viewpoint Media Player "
Požiūris juosta
Požiūris Patirtis Technologijos

Jei turite problemų šalinimo požiūriu Siūlyčiau naudoti ViewpointKiller

Kai turite atsisiųsti ViewpointKiller, išpakuokite jį į patogią vietą, pavyzdžiui, kompiuteryje.
Pradėti ViewpointKiller, ir pasirinkite File> Ar visi žudymams
Vykdykite ekrane, pasirinkite Taip arba Ne, Priklausomai nuo to, kuris pasirinkimas jums labiausiai tinka.

----------

Pervadinti HijackThis ir paleisti naują skenavimas tada rašyti, kad žurnalas taip pat.

Eikite į C: \ Program Files \ Trend Micro \HijackThis.exe
Dešiniuoju pelės mygtuku spustelėkite HijackThis.exe pasirinkite Pervadinti.
Įveskite sniper.exe paspauskite Registracija.
Dešiniuoju pelės mygtuku spustelėkite ant sniper.exe pasirinkite Siųsti > Desktop (Sukurti nuorodą)

Nors mes pervadintas HijackThis Snaiperis, mes vis dar galime kreiptis į jį kaip HijackThis arba HJT.

----------

Sekantis prašome pridėti
Nr Lop Prisijungti
Naujas HijackThis

iuboy2006 · #7 Kovas 25, 2008, 11:57

NoLop Prisijungti:

NoLop! Prisijungti by Skate_Punk_21
Fix skaičiuojamas nuo: C: \ Documents and Settings \ RON \ Desktop
[3/25/2008]
[2:21:40]
--- Infekcija Failai Found/Removed---
C: \ WINDOWS \ užduočių \ 8862BA9A82712A82.job
Pradžia šalinimo ...
Paleista ...
Šalinama Lop's Leftover files / folders ...
Taisomas registro ...
** Fix Complete! **
--- Sąrašas AppData sub katalogų ---
C: \ Documents and Settings \ Administrator \ Application Data \ Identities
C: \ Documents and Settings \ Administrator \ Application Data \ Microsoft
C: \ Documents and Settings \ Administrator \ Application Data \ Sun
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Adobe
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Adobeaum
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Adobeum - tuščią katalogą
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Identities
C: \ Documents and Settings \ Administrator.safari \ Application Data \ INTERACT komercija
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Microsoft
C: \ Documents and Settings \ Administrator.safari \ Application Data \ Sun
C: \ Documents and Settings \ All Users \ Application Data \ Acronis
C: \ Documents and Settings \ All Users \ Application Data \ Adobe
C: \ Documents and Settings \ All Users \ Application Data \ Aol
C: \ Documents and Settings \ All Users \ Application Data \ Aol Atsisiuntimai
C: \ Documents and Settings \ All Users \ Application Data \ Aol OCP
C: \ Documents and Settings \ All Users \ Application Data \ Avg7 - tuščią katalogą
C: \ Documents and Settings \ All Users \ Application Data \ brolis
C: \ Documents and Settings \ All Users \ Application Data \ Common Files
C: \ Documents and Settings \ All Users \ Application Data \ Google
C: \ Documents and Settings \ All Users \ Application Data \ Grisoft
C: \ Documents and Settings \ All Users \ Application Data \ InstallShield
C: \ Documents and Settings \ All Users \ Application Data \ Intuit
C: \ Documents and Settings \ All Users \ Application Data \ Lavasoft
C: \ Documents and Settings \ All Users \ Application Data \ Matematika Ar Live 64
C: \ Documents and Settings \ All Users \ Application Data \ Microsoft
C: \ Documents and Settings \ All Users \ Application Data \ Mumbojumbo
C: \ Documents and Settings \ All Users \ Application Data \ Protexis
C: \ Documents and Settings \ All Users \ Application Data \ Dykuma Žaidimai
C: \ Documents and Settings \ All Users \ Application Data \ Sbsi
C: \ Documents and Settings \ All Users \ Application Data \ Tiesiog super Software
C: \ Documents and Settings \ All Users \ Application Data \ Temp - tuščią katalogą
C: \ Documents and Settings \ All Users \ Application Data \ Trymedia
C: \ Documents and Settings \ All Users \ Application Data \ Požiūris
C: \ Documents and Settings \ All Users \ Application Data \ Windows Genuine Advantage
C: \ Documents and Settings \ All Users \ Application Data \ Yahoo!
C: \ Documents and Settings \ Allison \ Application Data \ 3M
C: \ Documents and Settings \ Allison \ Application Data \ Adobe
C: \ Documents and Settings \ Allison \ Application Data \ Adobeum - tuščią katalogą
C: \ Documents and Settings \ Allison \ Application Data \ CoffeeCup Software
C: \ Documents and Settings \ Allison \ Application Data \ CyberLink
C: \ Documents and Settings \ Allison \ Application Data \ Global
C: \ Documents and Settings \ Allison \ Application Data \ Google
C: \ Documents and Settings \ Allison \ Application Data \ Pagalba - tuščią katalogą
C: \ Documents and Settings \ Allison \ Application Data \ Identities
C: \ Documents and Settings \ Allison \ Application Data \ InstallShield įrengimas Informacija
C: \ Documents and Settings \ Allison \ Application Data \ INTERACT komercija
C: \ Documents and Settings \ Allison \ Application Data \ Intuit
C: \ Documents and Settings \ Allison \ Application Data \ Ipswitch
C: \ Documents and Settings \ Allison \ Application Data \ Leadertech
C: \ Documents and Settings \ Allison \ Application Data \ Macromedia
C: \ Documents and Settings \ Allison \ Application Data \ Microsoft
C: \ Documents and Settings \ Allison \ Application Data \ Mozilla
C: \ Documents and Settings \ Allison \ Application Data \ SmartFTP
C: \ Documents and Settings \ Allison \ Application Data \ Snapfish
C: \ Documents and Settings \ Allison \ Application Data \ Sonic
C: \ Documents and Settings \ Allison \ Application Data \ Sun
C: \ Documents and Settings \ Allison \ Application Data \ Symantec - tuščią katalogą
C: \ Documents and Settings \ Allison \ Application Data \ open Frag - tuščią katalogą
C: \ Documents and Settings \ Allison \ Application Data \ WebEx
C: \ Documents and Settings \ Allison \ Application Data \ Yahoo!
C: \ Documents and Settings \ Allison \ Application Data \ (d4914e09-364e-480A-835b-91f1f8c21e8c)
C: \ Documents and Settings \ Application Data \ Application Data \ Microsoft
C: \ Documents and Settings \ Dana \ Application Data \ 3M
C: \ Documents and Settings \ Dana \ Application Data \ Identities
C: \ Documents and Settings \ Dana \ Application Data \ Microsoft
C: \ Documents and Settings \ Dana \ Application Data \ Sun
C: \ Documents and Settings \ Default User \ Application Data \ Identities
C: \ Documents and Settings \ Default User \ Application Data \ Microsoft
C: \ Documents and Settings \ Default User \ Application Data \ Sun
C: \ Documents and Settings \ Heather \ Application Data \ Identities
C: \ Documents and Settings \ Heather \ Application Data \ Macromedia
C: \ Documents and Settings \ Heather \ Application Data \ Microsoft
C: \ Documents and Settings \ Heather \ Application Data \ Sun
C: \ Documents and Settings \ Heather \ Application Data \ WebEx
C: \ Documents and Settings \ Kellie \ Application Data \ Identities
C: \ Documents and Settings \ Kellie \ Application Data \ INTERACT komercija
C: \ Documents and Settings \ Kellie \ Application Data \ Macromedia
C: \ Documents and Settings \ Kellie \ Application Data \ Microsoft
C: \ Documents and Settings \ Kellie \ Application Data \ Sun
C: \ Documents and Settings \ Localservice \ Application Data \ Avg7 - tuščią katalogą
C: \ Documents and Settings \ Localservice \ Application Data \ Microsoft
C: \ Documents and Settings \ Mcafeemvsuser \ Application Data \ Identities
C: \ Documents and Settings \ Mcafeemvsuser \ Application Data \ Microsoft
C: \ Documents and Settings \ Mcafeemvsuser \ Application Data \ Sun
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01 \ Application Data \ Identities
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01 \ Application Data \ Microsoft
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01 \ Application Data \ Sun
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01.000 \ Application Data \ Identities
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01.000 \ Application Data \ Microsoft
C: \ Documents and Settings \ Mcafeemvsuser.ssxp01.000 \ Application Data \ Sun
C: \ Documents and Settings \ Meredith \ Application Data \ Identities
C: \ Documents and Settings \ Meredith \ Application Data \ Microsoft
C: \ Documents and Settings \ Meredith \ Application Data \ Sonic
C: \ Documents and Settings \ Meredith \ Application Data \ Sun
C: \ Documents and Settings \ NetworkService \ Application Data \ Microsoft
C: \ Documents and Settings \ Ron \ Application Data \ 3M
C: \ Documents and Settings \ Ron \ Application Data \ 7wonders
C: \ Documents and Settings \ Ron \ Application Data \ Acccore
C: \ Documents and Settings \ Ron \ Application Data \ Adobe
C: \ Documents and Settings \ Ron \ Application Data \ Adobeaum
C: \ Documents and Settings \ Ron \ Application Data \ Adobeum - tuščią katalogą
C: \ Documents and Settings \ Ron \ Application Data \ Tikslas
C: \ Documents and Settings \ Ron \ Application Data \ Avg7
C: \ Documents and Settings \ Ron \ Application Data \ Bittorrent
C: \ Documents and Settings \ Ron \ Application Data \ CyberLink
C: \ Documents and Settings \ Ron \ Application Data \ Dna
C: \ Documents and Settings \ Ron \ Application Data \ Gamelab
C: \ Documents and Settings \ Ron \ Application Data \ Google
C: \ Documents and Settings \ Ron \ Application Data \ Pagalba - tuščią katalogą
C: \ Documents and Settings \ Ron \ Application Data \ Identities
C: \ Documents and Settings \ Ron \ Application Data \ INTERACT komercija
C: \ Documents and Settings \ Ron \ Application Data \ Intuit
C: \ Documents and Settings \ Ron \ Application Data \ Ipswitch
C: \ Documents and Settings \ Ron \ Application Data \ Leadertech
C: \ Documents and Settings \ Ron \ Application Data \ Limewire
C: \ Documents and Settings \ Ron \ Application Data \ Macromedia
C: \ Documents and Settings \ Ron \ Application Data \ Matematika Funk Bash - tuščią katalogą
C: \ Documents and Settings \ Ron \ Application Data \ Microsoft
C: \ Documents and Settings \ Ron \ Application Data \ Mozilla
C: \ Documents and Settings \ Ron \ Application Data \ Playfirst
C: \ Documents and Settings \ Ron \ Application Data \ Tiesiog super Software - tuščią katalogą
C: \ Documents and Settings \ Ron \ Application Data \ Snapfish
C: \ Documents and Settings \ Ron \ Application Data \ Sonic
C: \ Documents and Settings \ Ron \ Application Data \ Stickies
C: \ Documents and Settings \ Ron \ Application Data \ Sun
C: \ Documents and Settings \ Ron \ Application Data \ Symantec - tuščią katalogą
C: \ Documents and Settings \ Ron \ Application Data \ Trojanhunter
C: \ Documents and Settings \ Ron \ Application Data \ Uniblue
C: \ Documents and Settings \ Ron \ Application Data \ open Frag
C: \ Documents and Settings \ Ron \ Application Data \ Požiūris
C: \ Documents and Settings \ Ron \ Application Data \ WinRAR - tuščią katalogą
C: \ Documents and Settings \ Ron \ Application Data \ Yahoo!
C: \ Documents and Settings \ Ron.old \ Application Data \ Acccore
C: \ Documents and Settings \ Ron.old \ Application Data \ Adobe
C: \ Documents and Settings \ Ron.old \ Application Data \ Adobeum - tuščią katalogą
C: \ Documents and Settings \ Ron.old \ Application Data \ Google
C: \ Documents and Settings \ Ron.old \ Application Data \ Pagalba - tuščią katalogą
C: \ Documents and Settings \ Ron.old \ Application Data \ Identities
C: \ Documents and Settings \ Ron.old \ Application Data \ INTERACT komercija
C: \ Documents and Settings \ Ron.old \ Application Data \ Macromedia
C: \ Documents and Settings \ Ron.old \ Application Data \ Microsoft
C: \ Documents and Settings \ Ron.old \ Application Data \ MySpace
C: \ Documents and Settings \ Ron.old \ Application Data \ Sun
C: \ Documents and Settings \ Shelli \ Application Data \ Adobe
C: \ Documents and Settings \ Shelli \ Application Data \ Adobeum - tuščią katalogą
C: \ Documents and Settings \ Shelli \ Application Data \ Pagalba - tuščią katalogą
C: \ Documents and Settings \ Shelli \ Application Data \ Identities
C: \ Documents and Settings \ Shelli \ Application Data \ INTERACT komercija
C: \ Documents and Settings \ Shelli \ Application Data \ Leadertech
C: \ Documents and Settings \ Shelli \ Application Data \ Macromedia
C: \ Documents and Settings \ Shelli \ Application Data \ Microsoft
C: \ Documents and Settings \ Shelli \ Application Data \ Sonic
C: \ Documents and Settings \ Shelli \ Application Data \ Sun
C: \ Documents and Settings \ Stephanie \ Application Data \ Adobe
C: \ Documents and Settings \ Stephanie \ Application Data \ Adobeum - tuščią katalogą
C: \ Documents and Settings \ Stephanie \ Application Data \ Google
C: \ Documents and Settings \ Stephanie \ Application Data \ Pagalba - tuščią katalogą
C: \ Documents and Settings \ Stephanie \ Application Data \ Identities
C: \ Documents and Settings \ Stephanie \ Application Data \ INTERACT komercija
C: \ Documents and Settings \ Stephanie \ Application Data \ Leadertech
C: \ Documents and Settings \ Stephanie \ Application Data \ Macromedia
C: \ Documents and Settings \ Stephanie \ Application Data \ Microsoft
C: \ Documents and Settings \ Stephanie \ Application Data \ Sonic
C: \ Documents and Settings \ Stephanie \ Application Data \ Sun
C: \ Documents and Settings \ Susan \ Application Data \ 3M
C: \ Documents and Settings \ Susan \ Application Data \ Identities
C: \ Documents and Settings \ Susan \ Application Data \ Microsoft
C: \ Documents and Settings \ Susan \ Application Data \ Sun
C: \ Documents and Settings \ Xrbs \ Application Data \ Adobe
C: \ Documents and Settings \ Xrbs \ Application Data \ Google - tuščią katalogą
C: \ Documents and Settings \ Xrbs \ Application Data \ Identities
C: \ Documents and Settings \ Xrbs \ Application Data \ Macromedia
C: \ Documents and Settings \ Xrbs \ Application Data \ Microsoft
C: \ Documents and Settings \ Xrbs \ Application Data \ Sun
C: \ Documents and Settings \ __sbs_netsetup__ \ Application Data \ Identities
C: \ Documents and Settings \ __sbs_netsetup__ \ Application Data \ Microsoft
C: \ Documents and Settings \ __sbs_netsetup__ \ Application Data \ Sun

Naujas HijackThis:

Logfile Trend Micro HijackThis v2.0.2
Skaitymo išsaugotas 3:00:16 dėl 3/25/2008
Platforma: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Veikia procesus:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ McAfee \ Tvarko VirusScan \ VScan \ EngineServer.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ McAfee \ Tvarko VirusScan \ Agent \ myAgtSvc.exe
C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ QBCFMonitorService.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ PROGRA ~ 1 \ McAfee \ KONTROLĖ ~ 1 \ VScan \ mcshield.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe
C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ Program Files \ Adobe \ Photoshop Album Starter Edition \ 3.0 \ Apps \ apdproxy.exe
C: \ Program Files \ Brother \ ControlCenter2 \ brctrcen.exe
C: \ Program Files \ McAfee \ Tvarko VirusScan \ Agent \ myAgtTry.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ Program Files \ QuickTime \ qttask.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ DNA \ btdna.exe
\ Up-3 \ c $ \ Program Files \ Microsoft Office \ Office11 \ Outlook.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page =
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://Companyweb
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe"
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-startup
O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe" pradžios
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [Synchronization Manager]% SystemRoot% \ System32 \ mobsync.exe / logon
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Album Starter Edition \ 3.0 \ Apps \ apdproxy.exe"
O4 - HKLM \ .. \ Run: [ControlCenter2.0] C: \ Program Files \ Brother \ ControlCenter2 \ brctrcen.exe / autorun
O4 - HKLM \ .. \ Run: [MVS Splash] "C: \ Program Files \ McAfee \ Tvarko VirusScan \ Agent \ Splash.exe"
O4 - HKLM \ .. \ Run: [McAfee Tvarko Paslaugos Tray] "C: \ Program Files \ McAfee \ Tvarko VirusScan \ Agent \ StartMyagtTry.exe"
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [MATH YRA PIRMASIS MODE] C: \ Documents and Settings \ All Users \ Application Data \ Live 64 Math veikia \ amen tray.exe
O4 - HKCU \ .. \ Run: [Roadsite] C: \ DOCUME ~ 1 \ RON \ applic ~ 1 \ PERDAVIMAS ~ 1 \ naršyti MPEG stop.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2] C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster2] C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Program Files \ DNA \ btdna.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: QuickBooks Atnaujinti Agent.lnk = C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ QBUpdate \ qbupdate.exe
O4 - Global Startup: Wallpaper.lnk = C: \ Fono \ Bginfo.exe
O8 - Extra kontekstinio meniu punktą: E & Eksportuoti į "Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office11 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ Xpsp3res.dll, -20.001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://Companyweb
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi klasė) -- http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (02BF25D5-8C17-4B23-BC80-D3488ABDDC6B) (QuickTime Object) -- http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (3BA3B159-7533-4F96-A2CE-EE5894BBD3D5) (Scanner.SysScanner) -- http://i.dell.com/images/global/js/s...SYSSCANNER.cab
O16 - DPF: (406B5949-7190-4245-91A9-30A17DE16AD0) (Snapfish Activia) -- http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: (40C83AF8-FEA7-4A6A-A470-431EE84A0886) (SecureObjectFactory klasė) -- http://vs.mcafeeasap.com/MC/ENU/VS40...0504175614.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://bl108fd.blu108.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: (5C6698D9-7BE4-4122-8EC5-291D84DBD4A0) -- http://upload.facebook.com/controls/...oUploader2.cab
O16 - DPF: (5C86F808-EDD2-4E5D-9C4F-E0D1ADA859AF) (Web conferencing) -- http://server.mymeetingcentral.com/join_a.cab
O16 - DPF: (5F8469B4-49DD-B055-83F7-62B522420ECC) (Facebook Nuotraukų Uploader Control) -- http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl klasė) -- http://update.microsoft.com/microsof...?1149363255347
O16 - DPF: (7584C670-2274-4EFB-B00B-D6AABA6D3850) (Microsoft Terminal Services Client Control (Redist)) -- http://safari-fs/tsweb/msrdp.cab
O16 - DPF: (B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD) (TSEasyInstallX Control) -- http://www.trendsecure.com/easy_inst...syInstallX.CAB
O16 - DPF: (E06E2E99-0AA1-11D4-ABA6-0060082AA75C) (GpcContainer klasė) -- https: / / ere.webex.com/client/T25L10N...nt/ieatgpc.cab
Ø17 - HKLM \ System \ CCS \ Services \ Tcpip \ Parameters: Domain = safari.local
Ø17 - HKLM \ Software \ .. \ Telephony: domain = safari.local
Ø17 - HKLM \ System \ CS1 \ Services \ Tcpip \ Parameters: Domain = safari.local
O23 - Service: ATI HotKey Rinkėjas - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: EngineServer - McAfee, Inc - C: \ Program Files \ McAfee \ Tvarko VirusScan \ VScan \ EngineServer.exe
O23 - Service: McShield - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ KONTROLĖ ~ 1 \ VScan \ mcshield.exe
O23 - Service: McAfee virusų ir šnipinėjimo programų apsaugos tarnybos (myAgtSvc) - McAfee, Inc - C: \ Program Files \ McAfee \ Tvarko VirusScan \ Agent \ myAgtSvc.exe
O23 - Service: QuickBooks duomenų valdytojo tarnybos (QBCFMonitorService) - Intuit - C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc - C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ FCS \ Intuit.QuickBooks.FCS. exe
--
End of file - 8.722 baitų

Aš pastebėjau, kad iexploree.exe tik Popping kartą apie Task Manager dabar ir aš neturėjo jokių iššokančių langų dar.

**evilfantasy** · #8 Kovas 25, 2008, 12:07

Ieškote geriau, bet dar daugiau liko padaryti.

Sukurti Pašalinti sąrašą

Pradžia HijackThis
Spauskite Atidaryti Misc Tools Section
Spauskite Atidaryti Uninstall Manager mygtuką.
Spauskite Išsaugoti sąrašą mygtuką ir nurodykite, kur norite išsaugoti failą ir paspauskite Saugoti.
- Paspaudus Saugoti mygtuką Notepad bus atidaryti nurodyto failo turinį.
Nukopijuokite ir įklijuokite šį sąrašą savo atsakymą.

iuboy2006 · #9 Kovas 26, 2008, 06:57

Atsiprašome, vakar darbe gavau užimtas. Aš negalėjo atlikti šį veiksmą, arba atsakyti atgal. Kai esate prisijungę prie "My Computer" pop-up buvo atgal ir šiandien. Žemiau yra unistall sąrašą.

ACT!
Adobe Download Manager 2.0 (pašalinti tik)
Adobe Flash Player "ActiveX
Adobe Reader 7.0.8
Adobe Shockwave Player
Adobe ® Photoshop ® Album Starter Edition 3,0
TIKSLAS 6
ATI - Software Pašalinti Naudingumas
ATI Display Driver
Barracuda Networks "Outlook plugin 0.9d
Broadcom Išplėstinė kontrolės Suite
Brother mfl-PRO SUITE
Tiuningas ClearType Control Panel applet
Suderinamumo paketas, skirtas 2007 Microsoft Office sistemos
e / pop Web conferencing klientas
Google Earth
HijackThis 2.0.2
Karštųjų Microsoft. NET Framework 3.0 (KB932471)
Karštųjų Windows Media Format 11 SDK (KB929399)
Karštųjų Windows Media Format SDK (KB902344)
Karštųjų Windows Media Player 11 "(KB939683)
Karštųjų Windows XP (KB896344)
Karštųjų Windows XP (KB914440)
Karštųjų Windows XP (KB915865)
Karštųjų Windows XP (KB926239)
Intel (R) Graphics Media Accelerator Driver
Java (TM) 6 Update 2
Java (TM) 6 Update 3
Java (TM) 6 Update 5
McAfee virusų ir šnipinėjimo programų apsaugos tarnyba
Microsoft. NET Framework 1.1
Microsoft. NET Framework 1.1
Microsoft. NET Framework 1.1 Hotfix (KB928366)
Microsoft. NET Framework 2.0 Service Pack 1
Microsoft. NET Framework 3.0 Service Pack 1
Microsoft bazėje Smart Card Cryptographic Service Provider kodo
Microsoft Compression Client Pack 1.0 for Windows XP
"Microsoft" Domenų vardai minkštinimo API
Microsoft "National Language Support Downlevel API
Office Microsoft Outlook 2003 "
Microsoft Office Small Business Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C + + 2005 Redistributable
Mozilla Firefox (2.0.0.12)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser SDK ir
MSXML 6.0 Parser (KB933579)
PowerDVD 5,5
QuickBooks Pro 2007
QuickBooks Produktų sąrašas tarnyba
Naujinimas, skirtas Step by Step Interactive Training (KB898458)
Naujinimas, skirtas Step by Step Interactive Training (KB923723)
Naujinimas skirtas "Windows Internet Explorer 7" (KB928090)
Naujinimas skirtas "Windows Internet Explorer 7" (KB929969)
Naujinimas skirtas "Windows Internet Explorer 7" (KB931768)
Naujinimas skirtas "Windows Internet Explorer 7" (KB933566)
Naujinimas skirtas "Windows Internet Explorer 7" (KB937143)
Naujinimas skirtas "Windows Internet Explorer 7" (KB938127)
Naujinimas skirtas "Windows Internet Explorer 7" (KB939653)
Naujinimas skirtas "Windows Internet Explorer 7" (KB942615)
Naujinimas skirtas "Windows Internet Explorer 7" (KB944533)
Naujinimas skirtas "Windows Media Player (KB911564)
Naujinimas skirtas "Windows Media Player 10" (KB917734)
Naujinimas skirtas "Windows Media Player 11" (KB936782)
Naujinimas skirtas "Windows Media Player 6.4 (KB925398)
Naujinimas skirtas "Windows XP (KB890046)
Naujinimas skirtas "Windows XP (KB893756)
Naujinimas skirtas "Windows XP (KB896428)
Naujinimas skirtas "Windows XP (KB899587)
Naujinimas skirtas "Windows XP (KB899589)
Naujinimas skirtas "Windows XP (KB900725)
Naujinimas skirtas "Windows XP (KB901017)
Naujinimas skirtas "Windows XP (KB901190)
Naujinimas skirtas "Windows XP (KB902400)
Naujinimas skirtas "Windows XP (KB905414)
Naujinimas skirtas "Windows XP (KB905749)
Naujinimas skirtas "Windows XP (KB911280)
Naujinimas skirtas "Windows XP (KB911562)
Naujinimas skirtas "Windows XP (KB911567)
Naujinimas skirtas "Windows XP (KB911927)
Naujinimas skirtas "Windows XP (KB912812)
Naujinimas skirtas "Windows XP (KB913446)
Naujinimas skirtas "Windows XP (KB913580)
Naujinimas skirtas "Windows XP (KB914388)
Naujinimas skirtas "Windows XP (KB914389)
Naujinimas skirtas "Windows XP (KB916281)
Naujinimas skirtas "Windows XP (KB917159)
Naujinimas skirtas "Windows XP (KB917344)
Naujinimas skirtas "Windows XP (KB917422)
Naujinimas skirtas "Windows XP (KB917953)
Naujinimas skirtas "Windows XP (KB918118)
Naujinimas skirtas "Windows XP (KB918439)
Naujinimas skirtas "Windows XP (KB918899)
Naujinimas skirtas "Windows XP (KB919007)
Naujinimas skirtas "Windows XP (KB920213)
Naujinimas skirtas "Windows XP (KB920214)
Naujinimas skirtas "Windows XP (KB920670)
Naujinimas skirtas "Windows XP (KB920683)
Naujinimas skirtas "Windows XP (KB920685)
Naujinimas skirtas "Windows XP (KB921398)
Naujinimas skirtas "Windows XP (KB921503)
Naujinimas skirtas "Windows XP (KB921883)
Naujinimas skirtas "Windows XP (KB922616)
Naujinimas skirtas "Windows XP (KB922760)
Naujinimas skirtas "Windows XP (KB922819)
Naujinimas skirtas "Windows XP (KB923191)
Naujinimas skirtas "Windows XP (KB923414)
Naujinimas skirtas "Windows XP (KB923689)
Naujinimas skirtas "Windows XP (KB923694)
Naujinimas skirtas "Windows XP (KB923980)
Naujinimas skirtas "Windows XP (KB924191)
Naujinimas skirtas "Windows XP (KB924270)
Naujinimas skirtas "Windows XP (KB924496)
Naujinimas skirtas "Windows XP (KB924667)
Naujinimas skirtas "Windows XP (KB925486)
Naujinimas skirtas "Windows XP (KB925902)
Naujinimas skirtas "Windows XP (KB926255)
Naujinimas skirtas "Windows XP (KB926436)
Naujinimas skirtas "Windows XP (KB927779)
Naujinimas skirtas "Windows XP (KB927802)
Naujinimas skirtas "Windows XP (KB928255)
Naujinimas skirtas "Windows XP (KB928843)
Naujinimas skirtas "Windows XP (KB929123)
Naujinimas skirtas "Windows XP (KB930178)
Naujinimas skirtas "Windows XP (KB931261)
Naujinimas skirtas "Windows XP (KB931784)
Naujinimas skirtas "Windows XP (KB932168)
Naujinimas skirtas "Windows XP (KB933729)
Naujinimas skirtas "Windows XP (KB935839)
Naujinimas skirtas "Windows XP (KB935840)
Naujinimas skirtas "Windows XP (KB936021)
Naujinimas skirtas "Windows XP (KB937894)
Naujinimas skirtas "Windows XP (KB938829)
Naujinimas skirtas "Windows XP (KB941202)
Naujinimas skirtas "Windows XP (KB941568)
Naujinimas skirtas "Windows XP (KB941569)
Naujinimas skirtas "Windows XP (KB941644)
Naujinimas skirtas "Windows XP (KB943055)
Naujinimas skirtas "Windows XP (KB943460)
Naujinimas skirtas "Windows XP (KB943485)
Naujinimas skirtas "Windows XP (KB944653)
Naujinimas skirtas "Windows XP (KB946026)
Shadow Copy Client
Sonic Kopijuoti modulis
Sonic DLA
Sonic Express Etiketės
Sonic RecordNow Audio
Sonic RecordNow duomenys
Sonic Update Manager
SoundMAX
SupportSoft Pagalbinio Paslaugos
Naujinimas, skirtas Windows XP (KB894391)
Naujinimas, skirtas Windows XP (KB898461)
Naujinimas, skirtas Windows XP (KB900485)
Naujinimas, skirtas Windows XP (KB904942)
Naujinimas, skirtas Windows XP (KB908531)
Naujinimas, skirtas Windows XP (KB910437)
Naujinimas, skirtas Windows XP (KB916595)
Naujinimas, skirtas Windows XP (KB920342)
Naujinimas, skirtas Windows XP (KB920872)
Naujinimas, skirtas Windows XP (KB922582)
Naujinimas, skirtas Windows XP (KB925720)
Naujinimas, skirtas Windows XP (KB925876)
Naujinimas, skirtas Windows XP (KB927891)
Naujinimas, skirtas Windows XP (KB929338)
Naujinimas, skirtas Windows XP (KB930916)
Naujinimas, skirtas Windows XP (KB931836)
Naujinimas, skirtas Windows XP (KB933360)
Naujinimas, skirtas Windows XP (KB936357)
Naujinimas, skirtas Windows XP (KB938828)
Naujinimas, skirtas Windows XP (KB942763)
WebEx
Windows Defender
Windows Defender Parašai
"Windows Imaging Component
"Windows Internet Explorer 7?
Windows Media Connect
Windows Media Format 11 Runtime
Windows Media Format 11 Runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
WinRAR archyvatorius

**evilfantasy** · #10 Kovas 26, 2008, 08:12

Pereiti į My Computer-> Tools-> Folder Options-> View skirtuke

Pagal Paslėpti failai ir aplankai Antraštė:
Pasirinkite Rodyti paslėptus failus ir aplankus.
Nuimkite Slėpti apsaugotus operacinės sistemos failus (rekomenduojama) galimybę.
Pat įsitikinkite, kad nėra varnelę šalia Slėpti žinomų failų tipų failus.
Spauskite Gerai

----------

Grįžti į Add / Remove Programs ir pašalinkite taip:

Java (TM) 6 Update 2
Java (TM) 6 Update 3

----------

Atidaryti HijackThis ir pasirinkite Ar sistema nuskaito tik.

Vieta varnelė prie šių įrašų: (jei yra)

O4 - HKLM \ .. \ Run: [MATH YRA PIRMASIS MODE] C: \ Documents and Settings \ All Users \ Application Data \ Live 64 Math veikia \ amen tray.exe

O4 - HKCU \ .. \ Run: [Roadsite] C: \ DOCUME ~ 1 \ RON \ applic ~ 1 \ PERDAVIMAS ~ 1 \ naršyti MPEG stop.exe

Svarbu: Uždaryti visus išskyrus HijackThis langai ir spustelėkite Fix patikrinta.

Išeitis HijackThis.

----------

Dabar dukart spustelėkite Mano kompiuteris iš darbastalio ir raskite šių katalogai ir panaikinti visą kataloge.

C: \ Documents and Settings \ All Users \ Application Data \LIVE 64 matematika nėra

C: \ Documents and Settings \ RON \ Application Data \PERDAVIMAS ~ 1

PERDAVIMAS ~ 1 yra sutrumpintas kažko, bet jis prasidės Atsisiųsti.

----------

Atsisiųskite Combofix iki einantys iš vienos iš žemiau nuorodų.
(Pabandykite visi trys, jei reikia)

Svarbu! Combofix.exe TURI išsaugota ir bėgo nuo Desktop.

Uždarykite visus atidarytus interneto naršyklių. (Firefox, Internet Explorer, ir tt) prieš pradedant Combofix.
Svarbu! Laikinai daryti nepajėgų tavo Antivirus, script blokavimas ir bet Antispyware realaus laiko apsauga prieš atlikti nuskaitymo.
- Spauskite šį saitą matyti saugumo programų sąrašą, kuris turėtų būti išjungtas ir kaip juos išjungti.
- Jei Jūsų nėra šiame sąraše, ir jūs nežinote, kaip ją išjungti, kreipkitės.
Įspėjimas: Combofix atjungia kompiuterį nuo interneto. Ry ¹ ys automati ¹ kai atkurtas iki Combofix baigia paleisti.
Dukart spustelėkite combofix.exe ir vykdykite ekrane pateikiamas instrukcijas.
- Iš klaviatūros pasirinkite 1 paspauskite Registracija
Kai bus baigta, bus pateikti žurnalas Jums.
Skelbti kad Prisijungti kitą atsakymą.

Įspėjimas: Don't mouseclick combofix lango kol jis veikia. Tai gali sukelti jį gardas

Jei Combofix eina į sunkumus ir baigiasi anksčiau, ryšys gali būti rankiniu būdu atstatyta iš naujo paleisti kompiuterį.
Svarbu: Atminkite, kad vėl įjungti antivirusinę ir šnipinėjimo prieš prisijungti prie interneto.

----------

Sekantis prašome pridėti
Combofix Prisijungti

Taip pat norėčiau žinoti, kaip viskas yra dabar.