Iexplorer.exe virus




  #1  
March 25, 2008, 10:06
New Member Group

Hi,
I noticed pop-ups started popping up almost every couple of minutes on my computer. I noticed in Task Manager that there are usually three iexplorer.exe tasks open all the time. I have tried several antivirus and anti-spyware programs and nothing seems to get rid of it. I just ran a log with HijackThis ...... Can anyone help?

Thanks so much!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:10:32, on 3/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\Smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Spoolsv.exe
C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
C:\Windows\Explorer.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtTry.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Microsoft Outlook\Office11\Outlook.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\UpdDlg.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://companyweb/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\Common~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /Autorun
O4 - HKLM\..\Run: [MVS Splash] "C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe"
O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [math DARA FIRST MODE] C:\Documents and Settings\All Users\Application Data\dzīvot 64 math tas\āmen tray.exe
O4 - HKCU\..\Run: [Roadsite] C:\DOCUME~1\POS\Applic~1\upload~1\surf mpeg stop.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Wallpaper.lnk = C:\Wallpaper\Bginfo.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\Micros~3\Office11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Micros~3\Office11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://companyweb
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3BA3B159-7533-4F96-A2CE-EE5894BBD3D5} (Scanner.SysScanner) - http://i.dell.com/images/global/js/s...SYSSCANNER.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {40C83AF8-FEA7-4A6A-A470-431EE84A0886} (SecureObjectFactory Class) - http://vs.mcafeeasap.com/MC/ENU/VS40...0504175614.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://bl108fd.blu108.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - http://upload.facebook.com/controls/...oUploader2.cab
O16 - DPF: {5C86F808-EDD2-4E5D-9C4F-E0D1ADA859AF} (Web Conferencing) - http://server.mymeetingcentral.com/join_a.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1149363255347
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft Terminal Services Client Control (redist)) - http://safari-fs/tsweb/msrdp.cab
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_inst...syInstallX.CAB
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://ere.webex.com/client/T25L10N...nt/ieatgpc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = safari.local
O17 - HKLM\Software\..\Telephony: DomainName = safari.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = safari.local
O23 - Service: Ati HotKey Poller - ATI Technologies Inc - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: EngineServer - McAfee, Inc - C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe
O23 - Service: McShield - McAfee, Inc - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 9346 bytes
  #2  
March 25, 2008, 10:27
Donors Group

You only need 1 antivirus and anti-spyware program, otherwise they can conflict. Do you have a firewall, one that can block both incoming and outgoing? If not, I can find links; Comodo is a very good free firewall. Also, what spyware do you have? I had constant pop-ups for 3 months that Spybot S&D sorted out.
  #3  
March 25, 2008, 10:31
New Member Group

Well, this is my work computer. We have McAfee. I downloaded and tried Spybot Search & Destroy, AVG spyware, AVG anti-virus, a registry blocker, and a few others I can't remember. Nothing ever shows up when I scan the computer with them; it always says everything is clean. This has been going on for several months now.
  #4  
March 25, 2008, 10:32
Administrator Group

Kanoakavirus.

Let me make this clear.

We have a professional malware removal procedure here at CJ.

If you are not willing to follow it, then stay out of these threads.

Thanks.
  #5  
March 25, 2008, 10:34
Donors Group

OK.
  #6  
March 25, 2008, 10:55
Moderator Group

Download NoLop to your computer from one of the links ...
  • Close all running programs, as a reboot will be required
  • Double-click NoLop.exe to run it
  • Then click the button labeled: Search and Destroy
    • Your computer will now be scanned for infected files
  • When the scan is finished, if infected, you will be prompted to reboot
  • Click OK
  • Now click: Reboot
  • A message should pop up from NoLop. If not, double-click the program again and it will finish.
  • Post the contents of C:\NoLop.log in your next reply.
Note: If you receive the error "mscomctl.ocx or one of its dependencies is not correctly registered," please download mscomctl.ocx to your system32 folder, then rerun the program.

----------

You have Viewpoint installed.

Viewpoint Media Player / Manager / Toolbar is considered foistware rather than malware, since it is installed without the user's approval, but it does not spy or do anything "bad". See Viewpoint to Plunge Into Adware

It is suggested that you remove the program now.
Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.
  • Viewpoint
  • Viewpoint Manager
  • Viewpoint Media Player
  • Viewpoint Toolbar
  • Viewpoint Experience Technology
If you have difficulty removing Viewpoint, I suggest you use ViewpointKiller

Once you have downloaded ViewpointKiller, unzip it to a convenient location, such as your desktop.
Run ViewpointKiller and choose File > Do All Kills
Follow the instructions, choosing whichever selection you are most comfortable with.

----------

Rename HijackThis and run a new scan, then post that log as well.
  • Go to C:\Program Files\Trend Micro\HijackThis.exe
  • Right-click HijackThis.exe and choose Rename.
  • Type sniper.exe and press Enter.
  • Right-click sniper.exe and choose Send To > Desktop (create shortcut)
Although we have renamed HijackThis to sniper, we will still refer to it as HijackThis or HJT.

----------

In your next post, please include:
NoLop log
New HijackThis log

  #7  
March 25, 2008, 11:57
New Member Group

NoLop log:

NoLop! Log by Skate_Punk_21
Fix running from: C:\Documents and Settings\POS\Desktop
[3/25/2008]
[2:21:40]
---Infection Files Found/Removed---
C:\WINDOWS\tasks\8862BA9A82712A82.job
Beginning Removal...
Rebooting...
Removing Lop's leftover files/folders...
Editing Registry...
**Fix Complete!**
---Listing AppData sub directories---
C:\Documents and Settings\Administrator\Application Data\Identities
C:\Documents and Settings\Administrator\Application Data\Microsoft
C:\Documents and Settings\Administrator\Application Data\Sun
C:\Documents and Settings\Administrator.safari\Application Data\Adobe
C:\Documents and Settings\Administrator.safari\Application Data\Adobeaum
C:\Documents and Settings\Administrator.safari\Application Data\Adobeum - EMPTY Directory
C:\Documents and Settings\Administrator.safari\Application Data\Identities
C:\Documents and Settings\Administrator.safari\Application Data\Interact Commerce
C:\Documents and Settings\Administrator.safari\Application Data\Microsoft
C:\Documents and Settings\Administrator.safari\Application Data\Sun
C:\Documents and Settings\All Users\Application Data\Acronis
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Aol
C:\Documents and Settings\All Users\Application Data\Aol Downloads
C:\Documents and Settings\All Users\Application Data\Aol OCP
C:\Documents and Settings\All Users\Application Data\Avg7 - EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Brother
C:\Documents and Settings\All Users\Application Data\Common Files
C:\Documents and Settings\All Users\Application Data\Google
C:\Documents and Settings\All Users\Application Data\Grisoft
C:\Documents and Settings\All Users\Application Data\InstallShield
C:\Documents and Settings\All Users\Application Data\Intuit
C:\Documents and Settings\All Users\Application Data\Lavasoft
C:\Documents and Settings\All Users\Application Data\Live 64 Math Vai
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Mumbojumbo
C:\Documents and Settings\All Users\Application Data\Protexis
C:\Documents and Settings\All Users\Application Data\Sandlot Games
C:\Documents and Settings\All Users\Application Data\Sbsi
C:\Documents and Settings\All Users\Application Data\Simply Super Software
C:\Documents and Settings\All Users\Application Data\Temp - EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Trymedia
C:\Documents and Settings\All Users\Application Data\Viewpoint
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\All Users\Application Data\Yahoo!
C:\Documents and Settings\Allison\Application Data\3m
C:\Documents and Settings\Allison\Application Data\Adobe
C:\Documents and Settings\Allison\Application Data\Adobeum - EMPTY Directory
C:\Documents and Settings\Allison\Application Data\Coffeecup Software
C:\Documents and Settings\Allison\Application Data\CyberLink
C:\Documents and Settings\Allison\Application Data\Globalscape
C:\Documents and Settings\Allison\Application Data\Google
C:\Documents and Settings\Allison\Application Data\Help - EMPTY Directory
C:\Documents and Settings\Allison\Application Data\Identities
C:\Documents and Settings\Allison\Application Data\InstallShield Installation Information
C:\Documents and Settings\Allison\Application Data\Interact Commerce
C:\Documents and Settings\Allison\Application Data\Intuit
C:\Documents and Settings\Allison\Application Data\Ipswitch
C:\Documents and Settings\Allison\Application Data\Leadertech
C:\Documents and Settings\Allison\Application Data\Macromedia
C:\Documents and Settings\Allison\Application Data\Microsoft
C:\Documents and Settings\Allison\Application Data\Mozilla
C:\Documents and Settings\Allison\Application Data\Smartftp
C:\Documents and Settings\Allison\Application Data\Snapfish
C:\Documents and Settings\Allison\Application Data\Sonic
C:\Documents and Settings\Allison\Application Data\Sun
C:\Documents and Settings\Allison\Application Data\Symantec - EMPTY Directory
C:\Documents and Settings\Allison\Application Data\Upload Frag - EMPTY Directory
C:\Documents and Settings\Allison\Application Data\WebEx
C:\Documents and Settings\Allison\Application Data\Yahoo!
C:\Documents and Settings\Allison\Application Data\{d4914e09-364e-480a-835b-91f1f8c21e8c}
C:\Documents and Settings\Application Data\Application Data\Microsoft
C:\Documents and Settings\Dana\Application Data\3m
C:\Documents and Settings\Dana\Application Data\Identities
C:\Documents and Settings\Dana\Application Data\Microsoft
C:\Documents and Settings\Dana\Application Data\Sun
C:\Documents and Settings\Default User\Application Data\Identities
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Default User\Application Data\Sun
C:\Documents and Settings\Heather\Application Data\Identities
C:\Documents and Settings\Heather\Application Data\Macromedia
C:\Documents and Settings\Heather\Application Data\Microsoft
C:\Documents and Settings\Heather\Application Data\Sun
C:\Documents and Settings\Heather\Application Data\WebEx
C:\Documents and Settings\Kellie\Application Data\Identities
C:\Documents and Settings\Kellie\Application Data\Interact Commerce
C:\Documents and Settings\Kellie\Application Data\Macromedia
C:\Documents and Settings\Kellie\Application Data\Microsoft
C:\Documents and Settings\Kellie\Application Data\Sun
C:\Documents and Settings\Localservice\Application Data\Avg7 - EMPTY Directory
C:\Documents and Settings\Localservice\Application Data\Microsoft
C:\Documents and Settings\Mcafeemvsuser\Application Data\Identities
C:\Documents and Settings\Mcafeemvsuser\Application Data\Microsoft
C:\Documents and Settings\Mcafeemvsuser\Application Data\Sun
C:\Documents and Settings\Mcafeemvsuser.ssxp01\Application Data\Identities
C:\Documents and Settings\Mcafeemvsuser.ssxp01\Application Data\Microsoft
C:\Documents and Settings\Mcafeemvsuser.ssxp01\Application Data\Sun
C:\Documents and Settings\Mcafeemvsuser.ssxp01.000\Application Data\Identities
C:\Documents and Settings\Mcafeemvsuser.ssxp01.000\Application Data\Microsoft
C:\Documents and Settings\Mcafeemvsuser.ssxp01.000\Application Data\Sun
C:\Documents and Settings\Meredith\Application Data\Identities
C:\Documents and Settings\Meredith\Application Data\Microsoft
C:\Documents and Settings\Meredith\Application Data\Sonic
C:\Documents and Settings\Meredith\Application Data\Sun
C:\Documents and Settings\Networkservice\Application Data\Microsoft
C:\Documents and Settings\Ron\Application Data\3m
C:\Documents and Settings\Ron\Application Data\7wonders
C:\Documents and Settings\Ron\Application Data\Acccore
C:\Documents and Settings\Ron\Application Data\Adobe
C:\Documents and Settings\Ron\Application Data\Adobeaum
C:\Documents and Settings\Ron\Application Data\Adobeum - EMPTY Directory
C:\Documents and Settings\Ron\Application Data\Aim
C:\Documents and Settings\Ron\Application Data\Avg7
C:\Documents and Settings\Ron\Application Data\Bittorrent
C:\Documents and Settings\Ron\Application Data\CyberLink
C:\Documents and Settings\Ron\Application Data\DNA
C:\Documents and Settings\Ron\Application Data\Gamelab
C:\Documents and Settings\Ron\Application Data\Google
C:\Documents and Settings\Ron\Application Data\Help - EMPTY Directory
C:\Documents and Settings\Ron\Application Data\Identities
C:\Documents and Settings\Ron\Application Data\Interact Commerce
C:\Documents and Settings\Ron\Application Data\Intuit
C:\Documents and Settings\Ron\Application Data\Ipswitch
C:\Documents and Settings\Ron\Application Data\Leadertech
C:\Documents and Settings\Ron\Application Data\limewire
C:\Documents and Settings\Ron\Application Data\Macromedia
C:\Documents and Settings\Ron\Application Data\Math Funk Bash - EMPTY Directory
C:\Documents and Settings\Ron\Application Data\Microsoft
C:\Documents and Settings\Ron\Application Data\Mozilla
C:\Documents and Settings\Ron\Application Data\Playfirst
C:\Documents and Settings\Ron\Application Data\Simply Super Software - EMPTY Directory
C:\Documents and Settings\Ron\Application Data\Snapfish
C:\Documents and Settings\Ron\Application Data\Sonic
C:\Documents and Settings\Ron\Application Data\Stickies
C:\Documents and Settings\Ron\Application Data\Sun
C:\Documents and Settings\Ron\Application Data\Symantec - EMPTY Directory
C:\Documents and Settings\Ron\Application Data\Trojanhunter
C:\Documents and Settings\Ron\Application Data\Uniblue
C:\Documents and Settings\Ron\Application Data\Upload Frag
C:\Documents and Settings\Ron\Application Data\Viewpoint
C:\Documents and Settings\Ron\Application Data\WinRAR - EMPTY Directory
C:\Documents and Settings\Ron\Application Data\Yahoo!
C:\Documents and Settings\Ron.old\Application Data\Acccore
C:\Documents and Settings\Ron.old\Application Data\Adobe
C:\Documents and Settings\Ron.old\Application Data\Adobeum - EMPTY Directory
C:\Documents and Settings\Ron.old\Application Data\Google
C:\Documents and Settings\Ron.old\Application Data\Help - EMPTY Directory
C:\Documents and Settings\Ron.old\Application Data\Identities
C:\Documents and Settings\Ron.old\Application Data\Interact Commerce
C:\Documents and Settings\Ron.old\Application Data\Macromedia
C:\Documents and Settings\Ron.old\Application Data\Microsoft
C:\Documents and Settings\Ron.old\Application Data\MySpace
C:\Documents and Settings\Ron.old\Application Data\Sun
C:\Documents and Settings\Shelli\Application Data\Adobe
C:\Documents and Settings\Shelli\Application Data\Adobeum - EMPTY Directory
C:\Documents and Settings\Shelli\Application Data\Help - EMPTY Directory
C:\Documents and Settings\Shelli\Application Data\Identities
C:\Documents and Settings\Shelli\Application Data\Interact Commerce
C:\Documents and Settings\Shelli\Application Data\Leadertech
C:\Documents and Settings\Shelli\Application Data\Macromedia
C:\Documents and Settings\Shelli\Application Data\Microsoft
C:\Documents and Settings\Shelli\Application Data\Sonic
C:\Documents and Settings\Shelli\Application Data\Sun
C:\Documents and Settings\Stephanie\Application Data\Adobe
C:\Documents and Settings\Stephanie\Application Data\Adobeum - EMPTY Directory
C:\Documents and Settings\Stephanie\Application Data\Google
C:\Documents and Settings\Stephanie\Application Data\Help - EMPTY Directory
C:\Documents and Settings\Stephanie\Application Data\Identities
C:\Documents and Settings\Stephanie\Application Data\Interact Commerce
C:\Documents and Settings\Stephanie\Application Data\Leadertech
C:\Documents and Settings\Stephanie\Application Data\Macromedia
C:\Documents and Settings\Stephanie\Application Data\Microsoft
C:\Documents and Settings\Stephanie\Application Data\Sonic
C:\Documents and Settings\Stephanie\Application Data\Sun
C:\Documents and Settings\Susan\Application Data\3m
C:\Documents and Settings\Susan\Application Data\Identities
C:\Documents and Settings\Susan\Application Data\Microsoft
C:\Documents and Settings\Susan\Application Data\Sun
C:\Documents and Settings\Xrbs\Application Data\Adobe
C:\Documents and Settings\Xrbs\Application Data\Google - EMPTY Directory
C:\Documents and Settings\Xrbs\Application Data\Identities
C:\Documents and Settings\Xrbs\Application Data\Macromedia
C:\Documents and Settings\Xrbs\Application Data\Microsoft
C:\Documents and Settings\Xrbs\Application Data\Sun
C:\Documents and Settings\__sbs_netsetup__\Application Data\Identities
C:\Documents and Settings\__sbs_netsetup__\Application Data\Microsoft
C:\Documents and Settings\__sbs_netsetup__\Application Data\Sun

New HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saglabāts 3:00:16 gada 3/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running procesiem:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ McAfee \ Pārzina VirusScan \ VScan \ EngineServer.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ McAfee \ Pārzina VirusScan \ Agent \ myAgtSvc.exe
C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ QBCFMonitorService.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ PROGRA ~ 1 \ McAfee \ MANAGE ~ 1 \ VScan \ McShield.exe
C: \ Windows \ Explorer.exe
C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe
C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ Program Files \ Adobe \ Photoshop Album Starter Edition \ 3,0 \ Apps \ apdproxy.exe
C: \ Program Files \ Brother \ ControlCenter2 \ brctrcen.exe
C: \ Program Files \ McAfee \ Pārzina VirusScan \ Agent \ myAgtTry.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ Program Files \ QuickTime \ qttask.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ DNS \ btdna.exe
\ Up-3 \ c $ \ Program Files \ Microsoft Office \ Office11 \ Outlook.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page =
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://companyweb
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7,0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe"
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ PROGRA ~ 1 \ Common ~ 1 \ ierīkot ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-starta
O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe"-sākums
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [Synchronization Manager]% SystemRoot% \ system32 \ mobsync.exe / pieteikšanās
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Album Starter Edition \ 3,0 \ Apps \ apdproxy.exe"
O4 - HKLM \ .. \ Run: [ControlCenter2.0] C: \ Program Files \ Brother \ ControlCenter2 \ brctrcen.exe / Autorun
O4 - HKLM \ .. \ Run: [MVS Splash] "C: \ Program Files \ McAfee \ Pārzina VirusScan \ Agent \ Splash.exe"
O4 - HKLM \ .. \ Run: [McAfee Pārzina Pakalpojumi Tray] "C: \ Program Files \ McAfee \ Pārzina VirusScan \ Agent \ StartMyagtTry.exe"
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [math DARA FIRST MODE] C: \ Documents and Settings \ All Users \ Application Data \ dzīvot 64 math tas \ āmen tray.exe
O4 - HKCU \ .. \ Run: [Roadsite] C: \ DOCUME ~ 1 \ POS \ Applic ~ 1 \ upload ~ 1 \ surf mpeg stop.exe
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2] C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster2] C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Program Files \ DNS \ btdna.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7,0 \ Reader \ reader_sl.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ QBUpdate \ qbupdate.exe
O4 - Global Startup: Wallpaper.lnk = C: \ Tapetes \ Bginfo.exe
O8 - ārpus konteksta menu item: E & ksportēt uz Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office11 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20.001 - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://companyweb
O16 - DPF: (01A88BB1-1.174-41EC-ACCB-963509EAE56B) (SysProWmi klase) -- http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (02BF25D5-8C17-4B23-BC80-D3488ABDDC6B) (QuickTime Object) -- http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: (17.492.023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (3BA3B159-7.533-4F96-A2CE-EE5894BBD3D5) (Scanner.SysScanner) -- http://i.dell.com/images/global/js/s...SYSSCANNER.cab
O16 - DPF: (406B5949-7.190-4.245-91A9-30A17DE16AD0) (Snapfish Activia) -- http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: (40C83AF8-FEA7-4A6A-A470-431EE84A0886) (SecureObjectFactory klase) -- http://vs.mcafeeasap.com/MC/ENU/VS40...0504175614.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8.532-2D05CB959537) (MSN Photo Upload Tool) -- http://bl108fd.blu108.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: (5C6698D9-7BE4-4122-8EC5-291D84DBD4A0) -- http://upload.facebook.com/controls/...oUploader2.cab
O16 - DPF: (5C86F808-EDD2-4E5D-9C4F-E0D1ADA859AF) (Web Conferencing) -- http://server.mymeetingcentral.com/join_a.cab
O16 - DPF: (5F8469B4-B055-49DD-83F7-62B522420ECC) (Facebook Photo Uploader Control) -- http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl klase) -- http://update.microsoft.com/microsof...?1149363255347
O16 - DPF: (7584C670-2.274-4EFB-B00B-D6AABA6D3850) (Microsoft Terminal Services Client Control (redist)) -- http://safari-fs/tsweb/msrdp.cab
O16 - DPF: (B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD) (TSEasyInstallX Control) -- http://www.trendsecure.com/easy_inst...syInstallX.CAB
O16 - DPF: (E06E2E99-0AA1-11D4-ABA6-0060082AA75C) (GpcContainer klase) -- https: / / ere.webex.com/client/T25L10N...nt/ieatgpc.cab
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ Parameters: Domain = safari.local
O17 - HKLM \ Software \ .. \ telefoniju: DomainName = safari.local
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ Parameters: Domain = safari.local
O23 - Service: Ati Hotkey Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: EngineServer - McAfee, Inc - C: \ Program Files \ McAfee \ Pārzina VirusScan \ VScan \ EngineServer.exe
O23 - Service: McShield - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ MANAGE ~ 1 \ VScan \ McShield.exe
O23 - Service: McAfee vīrusu un Spyware aizsardzības dienests (myAgtSvc) - McAfee, Inc - C: \ Program Files \ McAfee \ Pārzina VirusScan \ Agent \ myAgtSvc.exe
O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) - Intuit - C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc - C: \ Program Files \ Common Files \ Intuit \ QuickBooks \ FCS \ Intuit.QuickBooks.FCS. exe
--
End of failu - 8.722 bytes

I noticed that iexplorer.exe is only popping up once in Task Manager now, and I haven't had any pop-ups yet.
  #8  
March 25, 2008, 12:07
Moderator Group

Iexplorer.exe virus

Looking better, but there is still more to do.

Create an Uninstall List
  • Start HijackThis
  • Click on Open the Misc Tools section
  • Click on the Open Uninstall Manager button.
  • Click on the Save list button, specify where you would like to save this file, and click Save.
    • When you press the Save button, Notepad will open with the contents of that file.
  • Copy and paste that list into your reply.
__________________

  #9  
March 26, 2008, 06:57
New Member Group

Iexplorer.exe virus

Sorry, work got busy yesterday. I wasn't able to complete this step or reply back. When I logged onto my computer today, the pop-ups were already back. Below is the uninstall list.

ACT!
Adobe Download Manager 2.0 (Remove Only)
Adobe Flash Player ActiveX
Adobe Reader 7.0.8
Adobe Shockwave Player
Adobe ® Photoshop ® Album Starter Edition 3,0
AIM 6
ATI - Software Uninstall Utility
ATI Display Driver
Barracuda Networks Outlook Plugin 0.9d
Broadcom Advanced Control Suite
Brother MFL-Pro Suite
ClearType Tuning Control Panel Applet
Saderības pakotne Office 2007 sistēmas
e / pop Web Conferencing Client
Google Earth
HijackThis 2.0.2
Labojumfaila Microsoft. NET Framework 3.0 (KB932471)
Labojumfailu Windows Media Format 11 SDK (KB929399)
Labojumfailu Windows Media Format SDK (KB902344)
Labojumfailu Windows Media Player 11 (KB939683)
Labojumfailu Windows XP (KB896344)
Labojumfailu Windows XP (KB914440)
Labojumfailu Windows XP (KB915865)
Labojumfailu Windows XP (KB926239)
Intel (R) Graphics Media Accelerator Driver
Java (TM) 6 Update 2
Java (TM) 6 Update 3
Java (TM) 6 Update 5
McAfee vīrusu un Spyware Protection Service
Microsoft. NET Framework 1.1
Microsoft. NET Framework 1.1
Microsoft. NET Framework 1.1 Hotfix (KB928366)
Microsoft. NET Framework 2.0 Service Pack 1
Microsoft. NET Framework 3.0 Service Pack 1
Microsoft Base Smart Card kriptogrāfiskā Service Provider Package
Microsoft Compression Client Pack 1,0 uz Windows XP
Microsoft Internationalized Domain Names mazināšanas APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Outlook 2003
Microsoft Office Small Business Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1,0
Microsoft Visual C + + 2005 Redistributable
Mozilla Firefox (2.0.0.12)
MSXML 4,0 SP2 (KB936181)
MSXML 4,0 SP2 Parser un SDK
MSXML 6,0 Parser (KB933579)
PowerDVD 5,5
QuickBooks Pro 2.007
QuickBooks Product Listing Service
Drošības atjauninājums Soli pa solim Interactive Training (KB898458)
Drošības atjauninājums Soli pa solim Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB946026)
Shadow Copy Client
Skaņas Copy Module
Skaņas DLA
Sonic Express Labeler
Skaņas RecordNow Audio
Skaņas RecordNow Data
Skaņas Update Manager
SoundMAX
SupportSoft Assisted Service
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920342)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB925876)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
WebEx
Windows Defender
Windows Defender Signatures
Windows Imaging Component
Windows Internet Explorer 7
Windows Media Connect
Windows Media Format 11 Runtime
Windows Media Format 11 Runtime
Windows Media Format SDK labojumfailu - KB891122
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
WinRAR archiver
  #10  
March 26, 2008, 08:12
Moderator Group

Iexplorer.exe virus

Go to My Computer -> Tools -> Folder Options -> View tab:
  • Under the Hidden files and folders heading:
  • Select Show hidden files and folders.
  • Uncheck the Hide protected operating system files (Recommended) option.
  • Also make sure there is no check mark next to Hide file extensions for known file types.
  • Click OK

----------

Go to Add/Remove Programs and uninstall the following:
  • Java (TM) 6 Update 2
  • Java (TM) 6 Update 3
----------

Open HijackThis and choose Do a system scan only.

Place a check mark next to the following entries (if present):
  • O4 - HKLM \ .. \ Run: [math DARA FIRST MODE] C: \ Documents and Settings \ All Users \ Application Data \ dzīvot 64 math tas \ āmen tray.exe
  • O4 - HKCU \ .. \ Run: [Roadsite] C: \ DOCUME ~ 1 \ POS \ Applic ~ 1 \ upload ~ 1 \ surf mpeg stop.exe
Important: Close all windows except HijackThis, and then click Fix checked.

Exit HijackThis.

----------

Now double-click My Computer on your desktop, locate the following folders, and delete each entire folder.

C: \ Documents and Settings \ All Users \ Application Data \lIVE 64 math nav

C: \ Documents and Settings \ POS \ Application Data \ upload ~ 1

upload ~ 1 is shortened for something, but it will start with Upload.

----------

Please download ComboFix by sUBs from one of the links.
(Try all three if necessary.)

Important! Combofix.exe must be saved to and run from the Desktop.
  • Close all open internet browsers (Firefox, Internet Explorer, etc.) before starting ComboFix.
  • Important! Temporarily disable your antivirus, script blocking, and all anti-spyware real-time protection before performing the scan.
    • Click this link to see a list of security programs that should be disabled and how to disable them.
    • If yours is not listed and you don't know how to disable it, please ask.
  • Warning: ComboFix disconnects your computer from the internet. The connection is automatically restored before ComboFix finishes running.
  • Double-click combofix.exe and follow the prompts.
    • From the keyboard, select 1 and press Enter.
  • When finished, it will produce a log for you.
  • Post that log in your next reply.
Warning: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
  • If ComboFix runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your computer.
  • Important: Remember to re-enable your antivirus and anti-spyware before reconnecting to the internet.

----------

In your next post, please include:
ComboFix log


Also let me know how things are now.
__________________
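
The following script is an added example, not part of the thread and not code from HijackThis: it triages O4 Run-key lines from a log like the one posted above by where the launched executable lives, and on this log it singles out the same two entries that were selected for fixing. The location heuristic, the verdict labels and all function names are assumptions of this example; the sample lines are copied from the posted log.

```python
import re

# Sample O4 lines copied from the HijackThis log in this thread, including the
# stray spaces around "\" and "~" that the page extraction introduced.
SAMPLE_LOG = r"""
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [math DARA FIRST MODE] C: \ Documents and Settings \ All Users \ Application Data \ dzīvot 64 math tas \ āmen tray.exe
O4 - HKCU \ .. \ Run: [Roadsite] C: \ DOCUME ~ 1 \ POS \ Applic ~ 1 \ upload ~ 1 \ surf mpeg stop.exe
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
"""

# "O4 - HKLM\..\Run: [value name] path-to-exe", path optionally quoted.
RUN_ENTRY = re.compile(
    r'^O4 - (HKLM|HKCU)\\\.\.\\Run: \[([^\]]*)\]\s*"?(.+?\.exe)', re.IGNORECASE)
# Long and 8.3 spellings of a profile's Application Data directory.
APPDATA = re.compile(r"\\(application data|applic~\d+)\\", re.IGNORECASE)
SYSTEM_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\progra~1\\")


def normalize(line):
    """Undo extraction damage: drop spaces around backslashes and tildes."""
    line = re.sub(r"\s*\\\s*", r"\\", line.strip())
    return re.sub(r"\s*~\s*", "~", line)


def triage(log_text):
    """Return (hive, value name, exe path, verdict) for each O4 Run entry."""
    findings = []
    for raw in log_text.splitlines():
        match = RUN_ENTRY.match(normalize(raw))
        if not match:
            continue  # not an O4 Run-key line
        hive, name, exe = match.groups()
        lowered = exe.lower()
        if APPDATA.search(lowered):
            verdict = "review"  # autorun launched from a profile data directory
        elif lowered.startswith(SYSTEM_ROOTS):
            verdict = "expected-location"
        else:
            verdict = "unknown-location"
        findings.append((hive, name, exe, verdict))
    return findings


if __name__ == "__main__":
    for hive, name, exe, verdict in triage(SAMPLE_LOG):
        print(f"{verdict:18} {hive} [{name}] {exe}")
```

Location is only a triage signal: legitimate software also registers autoruns under Application Data, so a flagged entry still needs its file examined before anything is removed.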
