Va rog ajutati-ma! Am windows 7 si antivirusul Microsoft Security Essentials si am niste virusi de ieri si antivirusul nu mai functioneaza nu vrea sa mai porneasca si virusi isi fac de cap de ex : nu vad ce scriu ceilalti pe mess, mi se deschide browserul singur... unele jocuri nu mai merg va rog ziceti-mi ce sa fac fara sa reinstalez windowsul...
Mai intai
Descarca Malwarebytes Anti-Malware de aici http://fileforum.betanews.com/detail/Malwarebytes-AntiMalware/1186760019/1 si salveaza-l pe Desktop.
Instaleaza-l si la sfarsit asigura-te ca ai bifat urmatoarele: Update Malwarebytes' Anti-Malware si Launch Malwarebytes' Anti-Malware. Apoi apasa Finish.
Dupa lansarea programului, selecteaza Perform full scan si apoi apasa pe Scan.
La terminarea scanarii apasa OK si apoi Show Results. Asigura-te ca e totul bifat si apoi apasa Remove Selected.(spune ce a gasit aici)
SI apoi descarca DrWeb Cureit
DESCARCA DrWeb Cureit DE AICI ftp://ftp.drweb.com/pub/drweb/cureit/launch.exe
Opreste antivirusul si inchide toate programele din calculator, inchide si conexiunea internet si apoi ruleaza programul apasand butonul Start in fereastra deschisa.Confirma lansarea apasand butonul OK si asteapta sa scaneze programele active din memorie si cele din startup. Daca programul se lanseaza in scanare direct opreste-l apoi fa-i update si apoi bifeaza optiunea complet scan si clik OK! Dupa scanare dai REMOVE OBJECTS!
Acum pentru Messenger:
NU VAD SCRISUL PE MESSENGER
Se deschide in stanga jos la start run-ul in care se va scrie regedit apoi se da enter,se va afisa o fereastra de editare a registrilor din windows ( foarte mare atentie aici ) vei parcurge intocmai acesti pasi,se da click pe
HKEY_CURRENT_USER,dupa care Software,dupa care Microsoft,dupa care Windows,dupa care CurrentVersion,dupa care Internet Settings, dupa care se va sterge folderul Zones cu click dreapta pe el si delete
Se inchide regedit si fara sa dai restart la PC, sau sa instalezi/dezinstalezi ceva deschizi yahoo messenger si totul revine la normal... enjoy it.
(nota: in timpul dezinfectiei inchide legatura internet)
Răspunde
Ordonare:
Cronologică
Descarca si ruleaza Malwarebyte's Anti-Malware, da-i o scanare completa si curatare. Operatiunea asta fa-o in Safe Mode, care porneste un minim de programe, deci sanse mai mici sa se activeze virusul. Parerea mea (absolut personala) e ca Security Essential nu e chiar bun, mai bun mi se pare Avast! free. Succes!
Răspunde
Aici: http://devirusare.com/devirusare-online-antivirus-online-scan/ ai mai multe solutii de scanare si devirusare online, foloseste-te de una si apoi ai grija pe ce site-uri intri si instaleaza-ti un antivirus mai bun. Succes si numai bine!
Salutare tuturor.
Cei care au aceasta problema mi-am facut ceva timp pentru asta pentru ca ce dureri am avut eu de cap cand l-am avut nu cred ca vreti sa stiti pana am dat de rezolvare iar pentru ca stiu ca e greu sai dai de cap la ceva si deobicei se aplica reinstalare windows va scriu tot ce trebuie facut pentru a rezolva acest virus.
Dupa cum a descris problemele pe care le intampina provin de la un virus care ai voi da numele si ceva detalii despre el mai jos.
Peste problema aceasta am trecut si eu si stiu despre ce este vorba.
Acelasi antivirus aveam si ei "Microsoft Essential" dar acel virus nu mia fost detectat in acel moment si mia inchis unul dintre procesele de la antivirus cel ce imi activa protectia si mio tot dezactiva iar eu o activam la loc iar viriusul mio dezactiva si tot asa.
La fel si "Anti Malwarebytes" ala nici macar sa mil deschisda nu mil deschidea pe cand la "Microsoft Essential" puteam deschide doar ca imi oprea protectia.
In fine iar la un moment dat mia tot descarcat alte fisiere malware pana cand am dat de unu grav ce imi bloca calculatorul dupa un aproximativ 1 minute de la deschidere cea ce asta ma determinat sa aflu virusul ce cauzeaza asta si am dat restart la pc de mai mai multe ori pana am apucat sa dau end la cateva procese necunoscute de mine in Task Manager pana am vazut ca nu mi se mai blocheaza apoi am retinut numele procesului ce facea sa imi blocheze calculatorul si am investigheat en fisiere pana am dat de rezolvare l-am eliminat si gata si asta manual eu no fac cu antivirusuri pentru ca multe nu mi le detecteaza sau chiar nu mi le sterge.
Acest virus era si este al draqu ca sa nu scapam de el a fost facut in asa fel incat sa inchida "Browserul" daca accesam vreo pagina care ne ofera posibilitatea de a descarca un program de protectie gen "Anti Malwarebytes - www.malwarebytes.org" sau de la "Microsoft Essential - www.microsoft.com/Security_essentials/" sau alte siteuri de genu pentru a nu putea incerca sa detectam si sa elimanm virusul.
In urma acestui virus am intampinat cateva probleme pe care leam rezolvat reinstaland programele pe care mi lea defectat.
Pe scurt troianul "winupgro.exe" odata executat descarca anumite fisiere tip malware de pe anumite adrese web care sunt executate si ele la randul lor apoi odata executate va porni iar "winupgro.exe" ce va descarca alte fisiere tip malware la care la randul lor vor fi executate si va porni "winupgro.exe" si tot asa intruna tot descarca virusuri.
Pentru a rezolva problema facem cum voi spune mai jos dar cu va rog cu foarte mare atentie doar pentru voi mi-am pierdut timpul scriind nu pentru mine. Sa trecem la treaba:
Trebuie sa inchidem procesul "winupgro.exe" eu voi pune 2 variante o puteti incerca pe care o vreti dintre cele 2, ambele fac acelasi lucru sa inchida procesoul "winupgro.exe" doar cu metode diferite dar rezultatul va fi acelasi.
a) Click "Start->Run" iar in fereastra aparuta scriem "TASKKILL /F /IM winupgro.exe"
b) Click dreapta pe "TaskBar"(bara de jos) apoi din meniul ce ati va aparea click "Task Manager"
* CTRL+ALT+DEL
In fereastra aparuta de la "Task Manager" alegeti tabul "Processes" si inchideti procesul "winupgro.exe" selectandul si dand click pe "End Process" apoi click "Yes"
TERMINAT, PROCESUL A FOST OPRIT.
Acum ca am inchis procesul vom putea intra pe paginile ce ne ofera posibilitatea de a descarca un program de protectie gen: "Anti Malwarebytes - www.malwarebytes.org" sau de la "Microsoft Essential - www.microsoft.com/Security_essentials/"
Iar de le avem deja instalate acum le putem porni asta daca nu va sters virusul vrun fisier din ele. vom putea sa le pornim deoarece virusul nu mai ruleaza si nu ne va mai inchide procesele sau browserul pentru ca am inchis noi procesul de la virus.
Acum dam scanare iar de ne va arata ca nea gasit printre celelante amenintari daca aveti asta in caz ca aveti altele, aceste fisiere:
%HOME%\Application Data\drivers\winupgro.exe
%HOME%\Application Data\drivers\downld\%numar%.exe
Totul va fi ca si rezolvat odata gasite le dam eliminare apoi restart pc si am scapat de virus.
Puteti face si manual stergerea virusului dupa inchiderea procesului prin 2 variante fara a descarca vrun program.
a) "Start->Run" iar in fereastra aparuta scriem "RMDIR /S /Q "%APPDATA%\driver"
b) Stergem foldarul "driver" cu "SHIFT+DELETE" din "C:\Documents and Settings\Userul tau\Application Data\
TERMINAT, Virusul a fost sters.
Acum trebuie sa stergeti si tot ce se afla in "registry" cu numele de:
%HOME%\Application Data\drivers\winupgro.exe
%HOME%\Application Data\drivers\downld\%numar%.exe
pentru ca, aceste fisiere exista si in cache de la windows chiar de voi leati sters prin una dintre variantele date mai sus pentru ca va fi executat de acolo iar fisierul chiar de voi lati sters din pc cu "SHIFT+DELETE" el tot va exista dar in cache de la windows iar pentru a sterge si din cache facem asa.
a) "Start->Run" iar in fereastra aparuta scriem "reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache /F"
TERMINAT, Virusul a fost sters si din cache.
RESTART PC SI SA REZOLVAT.
DETALII VIRUS:
Nume: TR/Dldr.Bagle.cme
Descoperit pe data de: 29/01/2010
Tip: Troian
Subtip: Downloader
ITW: Da
Numar infectii raportate: Scazut spre mediu
Potential de raspandire: Scazut
Potential de distrugere: Mediu
Fisier static: Da
Marime: 837.632 Bytes
MD5: 74c1562fa86454de20304f65ce1e6508
Versiune IVDF: 7.10.03.118
General Alias:
• Panda: Trj/Thed.A
• Eset: Win32/Bagle.UN
• Bitdefender: Trojan.Downloader.Bagle.MI
Sistem de operare:
• Windows 2000
• Windows XP
• Windows 2003
Efecte secundare:
• Descarca un fisier malware
• Creeaza fisiere malware
• Modificari in registri
Fisiere Se copiaza in urmatoarea locatie:
• %HOME%\Application Data\drivers\winupgro.exe
Sunt create fisierele:
– %HOME%\Application Data\drivers\downld\%numar%.exe Analiza ulterioara a relevat ca si acest fisier este malware. Detectat ca: TR/Crypt.TPM.Gen
– %SYSDIR%\wfsintwq.sys Analiza ulterioara a relevat ca si acest fisier este malware. Detectat ca: TR/Rootkit.Gen
– %SYSDIR%\srosa2.sys
Incearca sa descarce un fisier:
– Adresele sunt urmatoarele:
• http://netinzone.com/images/**********
• http://www.gethelp.gr/images/**********
• http://www.sittichland.net/images/**********
• http://transcardan.com.ar/images/**********
• http://escrevemos.com.br/images/**********
• http://bigape.dk/images/**********
• http://www.virtuaweb.ch/images/**********
• http://sagaseguros.com.br/images/**********
• http://gespat.com.br/images/**********
• http://industriastodoflex.com.ar/images/**********
• http://ellevang.aab-net.dk/images/**********
• http://htcom.com.br/images/**********
• http://caiunaredeibcn.com.br/images/**********
• http://www.dinos-online-world.com/images/**********
• http://www.revistaoyc.com.ar/images/**********
• http://www.villaggioilgabbiano.com/images/**********
• http://sotiere.fr/images/**********
• http://apcsoftware.com.br/images/**********
• http://s279848872.onlinehome.fr/images/**********
• http://vdbquad.be/images/**********
• http://www.pintatuvida.com/images/**********
• http://www.grupomercadao.com.br/images/**********
• http://fantastictimemachine.dk/images/**********
• http://andalusiers.info/images/**********
• http://fat-burner.org/images/**********
• http://blackmagicsoft.com/images/**********
• http://inmogestiongarraf.com/images/**********
• http://2plus1.1h.pl/images/**********
• http://tememe.org/images/**********
• http://doctornelsonjaque.cl/images/**********
• http://atelierdupetitprince.com/images/**********
• http://aircomms.com/images/**********
• http://vicentepastor.com/images/**********
• http://troop147.com/images/**********
• http://davincistudio.ncse.pl/images/**********
• http://christinesalib.com/images/**********
• http://www.oficinadapesca.com.br/images/**********
• http://diariosalto.com/images/**********
• http://amrc.no/images/**********
• http://cerbeer.com.br/images/**********
• http://www2.djleo.fr/images/**********
• http://icastro.net/images/**********
• http://kerrenneur.com/images/**********
• http://olympiostudio.com.br/images/**********
• http://inversionesabreu.com/images/**********
• http://autismoburgos.org/images/**********
• http://www.bbtinez.com/images/**********
• http://2shoppers.net/images/**********
• http://mobico.home.pl/images/**********
• http://borgobrunelleschi.it/images/**********
• http://www.elcompcomponentes.com.br/images/**********
• http://joowiki.com/images/**********
• http://idealuminosa.it/images/**********
• http://eisnt.com/images/**********
• http://bikerguide24.com/images/**********
• http://ahavat-rahamim.org/images/**********
• http://www.23-50.info/images/**********
• http://safarispasodelindio.com.ar/images/**********
• http://www.camperworkshop.com/images/**********
• http://vgormaz.cl/images/**********
• http://elecinfo.gr/images/**********
• http://livinautic.com/images/**********
• http://retroradar.com/images/**********
• http://tagdemexico.com/images/**********
• http://sikaniaservice.it/images/**********
• http://tribuandco.fr/images/**********
• http://www.roma136.org/images/**********
• http://myprosoft.net/images/**********
• http://sgktechnology.com/images/**********
• http://jesusgarciaartglass.com/images/**********
• http://lmiauto.webtolive.net/images/**********
• http://cita-ambulatoria.com/images/**********
• http://4technique.it/images/**********
• http://rating-basilea2.it/images/**********
• http://juegoalprode.com.ar/images/**********
• http://canalcars.es/images/**********
• http://www.lopeztenorio.com/images/**********
• http://hotel-santamonica.com/images/**********
• http://fantafoggia.netsons.org/images/**********
• http://royal3d.com.br/images/**********
• http://monpetitatelier.com/images/**********
• http://da-ma.it/images/**********
• http://greatvaluecarhire.com/images/**********
• http://geoveneto.com.ar/images/**********
• http://samueleiezzoni.com/images/**********
• http://saltek.com.pl/images/**********
• http://jubla-wuefla.ch/images/**********
• http://automalatina.com.ar/images/**********
• http://www.zonnedauwtje.nl/images/**********
• http://webesencias.com/images/**********
• http://www.chennaimallikaaresidency.com/images/**********
• http://www.homejn.com/images/**********
• http://www.marrakechgarden.com/images/**********
• http://pierdek.ramtel.net.pl/images/**********
• http://bandidos-cottbus.com/images/**********
• http://www.wha.it/images/**********
• http://margaritavenezuela.net/images/**********
• http://www.madmusic.ch/images/**********
• http://tresdefebreroinmuebles.com/images/**********
• http://wilsonsavegnago.com.br/images/**********
• http://nelium.be/images/**********
• http://biolog.com.br/images/**********
• http://avilasbravati.com.br/images/**********
• http://iridyum.net/images/**********
• http://reiniciapc.com/images/**********
• http://sushitesters.com/images/**********
• http://209.227.255.242/images/**********
• http://cyrilcast.com/images/**********
• http://reviveprojects.com.au/images/**********
• http://aiag.com.ve/images/**********
• http://jindexe.com/images/**********
• http://garpez.com.ve/images/**********
• http://stebot.net/images/**********
• http://grasshopers.net/images/**********
• http://robinudarchery.com/images/**********
• http://grupamc.com/images/**********
• http://crewdiscountcard.com/images/**********
• http://www.pixelhotel.eu/images/**********
• http://stylesnatch.com/images/**********
• http://karlemans.com/images/**********
• http://blackdino.bplaced.net/images/**********
• http://habitatnet.it/images/**********
• http://fernseh.com.ar/images/**********
• http://rtoday.co.kr/images/**********
• http://erolook.nl/images/**********
• http://www.orangeinformatica.it/images/**********
• http://gajaga.com/images/**********
• http://claudiatarazona.com.ar/images/**********
• http://synerweb.net/images/**********
• http://baysu.net/images/**********
• http://202.78.195.166/images/**********
• http://snowdrop-cleaners.com/images/**********
• http://escolinha.vndv.com/images/**********
• http://blissalapitvany.hu/images/**********
• http://80.93.94.8/images/**********
• http://salonesalicante.com/images/**********
• http://adultcam24.com/images/**********
• http://www.canoniero.com/images/**********
• http://vesomin.com/images/**********
• http://recordgazette.com/images/**********
• http://grupocontinental.es/images/**********
• http://cie-tapisvolant.com/images/**********
• http://giulianopizza.com.ar/images/**********
• http://grada.es/images/**********
• http://www.latinbodysauna.com.pe/images/**********
• http://ore-photo.com/images/**********
• http://immo-eden.com/images/**********
• http://portal.silksoftsolutions.com/images/**********
• http://Coldassaultteam.clanfree.net/images/**********
• http://www.ave.airproduction.pl/images/**********
• http://centrobrother.com/images/**********
• http://lolacaprichos.com/images/**********
• http://laurasusedpanties.com/images/**********
• http://civetta.org/images/**********
• http://actrevol.fr/images/**********
• http://assurvieconseil.com/images/**********
• http://sair.hosting.paran.com/images/**********
• http://rockza-macau.com/images/**********
• http://alagozluler.com/images/**********
• http://multosesso.info/images/**********
• http://aluminis-teima.com/images/**********
• http://vilaltaguitart.com/images/**********
• http://s223425274.onlinehome.us/images/**********
• http://nebulix.com/images/**********
• http://gampi.com.br/images/**********
• http://palermomix.uuuq.com/images/**********
• http://mycheapauto.com/images/**********
• http://kipc-me.com/images/**********
• http://celuquimia.com/images/**********
• http://loneranorte.com.ar/images/**********
• http://communiquer.com.br/images/**********
• http://aviva.ma/images/**********
• http://proprietedeprestige.fr/images/**********
• http://form-plast.com/images/**********
• http://sherrylai.netfirms.com/images/**********
• http://italiacampersud.it/images/**********
• http://anima64.soge.net/images/**********
• http://www.cestdubo.nl/images/**********
• http://pictoryart.com/images/**********
• http://circolopd.lu/images/**********
• http://cepatel.it/images/**********
• http://cafebali.cz/images/**********
• http://www.switch.com.mt/images/**********
• http://meafinance.com/images/**********
Fisierul este stocat pe hard disc la: %HOME%\Application Data\drivers\downld\%numar%.exe Analiza ulterioara a relevat ca si acest fisier este malware. Detectat ca: TR/Crypt.TPM.Gen
Incearca se execute urmatorul fisier:
– Numele fisierului:
• "%HOME%\Application Data\drivers\winupgro.exe"
Registrii sistemului Urmatoarea cheie este adaugata in registri pentru a rula procesul la repornirea sistemului:
– [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
• "drvsyskit"="%HOME%\Application Data\drivers\winupgro.exe"
Urmatoarele chei sunt adaugate in registrii sistemului:
– [HKLM\SYSTEM\CurrentControlSet\Control\Network\NetCfgLockHolder]
• "@"="%sir de caractere%"
– [HKCU\Software\bisoft]
• "crc"=dword:0x2144df1c
Urmatoarele chei din registri sunt modificate:
– [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
Noua valoare:
• "EnableLUA"=dword:0x00000000
– [HKLM\SOFTWARE\Microsoft\Windows\Security Center\Svc]
Noua valoare:
• "EnableLUA"=dword:0x00000016
Terminarea proceselor Lista cu procesele oprite:
• 0fcd0g.exe; a2cmd.exe; a2guard.exe; a2HiJackFree.exe; a2scan.exe;
a2service.exe; a2start.exe; a2upd.exe; a2wizard.exe; aavshield.exe;
aawservice.exe; About.exe; ABregmon.exe; ACAAS.exe; ACAEGMgr.exe;
ACAIS.exe; ACALS.exe; ACASP.exe; AckWin32.exe; acs.exe; ADVCHK.EXE;
Agb5.exe; Agb5_.exe; AhnSD.exe; AHProcMonServer.exe; airdefense.exe;
AKrnl.exe; alarm.exe; ALERTSVC.EXE; ALive.exe; ALMon.exe;
ALOGSERV.EXE; ALsvc.exe; ALUNOTIFY.EXE; ALUSchedulerSvc.exe; amon.exe;
Anti-Trojan.exe; AntiVirus.exe; ANTS.EXE; antvrs.exe; appsvc32.exe;
APVXDWIN.EXE; arcabit.core.configurator2.exe;
arcabit.core.loggingservice.exe; ArcaCheck.exe; Armor2net.exe;
ash.exe; ashAvast.exe; ashAvSrv.exe; ashchest.exe; ashDisp.exe;
ashDug.exe; ashEnhcd.exe; ashLogV.exe; ashMaiSv.exe; ashPopWz.exe;
ashQuick.exe; ashServ.exe; ashsimp2.exe; ashSimpl.exe; ashSkPcc.exe;
ashSkPck.exe; ashUpd.exe; ashWebSv.exe; ash_UpdateMediator.exe;
asOELnch.exe; aswDisp.exe; aswRegSvr.exe; aswupdsv.exe; AszMon.exe;
ATCON.EXE; ATUPDATER.EXE; ATWATCH.EXE; AUPDATE.EXE; AUTODOWN.EXE;
AutostartExplorer.exe; AUTOTRACE.EXE; AUTOUPDATE.EXE; av2009.exe;
avadmin.exe; avcenter.exe; avciman.exe; avcmd.exe; avconfig.exe;
Avconsol.exe; avenger.exe; AVENGINE.EXE; avesvc.exe; avfwsvc.exe;
avgam.exe; avgamsvr.exe; avgarkt.exe; avgcc.exe; AVGCC32.EXE;
avgchsvx.exe; avgcsrvx.exe; AVGCTRL.EXE; avgdiag.exe; avgemc.exe;
avgfws8.exe; avgfwsrv.exe; avginet.exe; avgnpdln.exe; avgnpsvc.exe;
avgnsx.exe; avgnt.exe; avgrssvc.exe; avgrsx.exe; avgscan.exe;
AVGSERV.EXE; avgtray.exe; AVGUARD.EXE; avgupden.exe; avgupsvc.exe;
avgvv.exe; avgw.exe; avgwdsvc.exe; avgwizfw.exe; avinitnt.exe;
avirarkd.exe; AVKProxy.exe; AvkServ.exe; AVKService.exe; AVKTray.exe;
AVKWCtl.exe; avmailc.exe; AVMenu.exe; avnotify.exe; AVP.EXE;
AVP32.EXE; avpcc.exe; avpm.exe; avpmapp.exe; AVPUPD.EXE; avrpts.exe;
avscan.exe; AVSCHED32.EXE; avserver.exe; avsynmgr.exe; avtray.exe;
avwebgrd.exe; AVWUPD32.EXE; AVWUPSRV.EXE; AVXMONITOR9X.EXE;
AVXMONITORNT.EXE; AVXQUAR.EXE; avz.exe; BackWeb-4476822.exe;
bdagent.exe; bdmcon.exe; bdnews.exe; bdoesrv.exe; bdss.exe;
bdsubmit.exe; bdsubmitwiz.exe; BDSurvey.exe; bdswitch.exe;
bdwizreg.exe; BHCA.exe; blackd.exe; blackice.exe; blindman.exe;
BTIni.exe; BTIniNT.exe; bullguard.exe; bullguardupdate.exe;
BZDCOMLAUNCH.exe; BZRPCSS.exe; CAAntiSpyware.exe; cafix.exe;
cagloballight.exe; capfasem.exe; capfsem.exe;
cappactiveprotection.exe; casc.exe; CavApp.exe; CaVasm.exe;
CavAUD.exe; CavEmSrv.exe; Cavmr.exe; CavMUD.exe; Cavoar.exe; CavQ.exe;
cavrid.exe; CAVSCons.exe; cavse.exe; CavSn.exe; CavSub.exe;
CAVSubmit.exe; CavUMAS.exe; CavUserUpd.exe; Cavvl.exe; ccApp.exe;
ccEvtMgr.exe; cclaw.exe; ccprovsp.exe; ccProxy.exe;
ccschedulersvc.exe; ccSetMgr.exe; ccSEUPDT.exe; ccSvcHst.exe;
cctray.exe; CEmRep.exe; CFIAUDIT.EXE; cfp.exe; clamscan.exe;
ClamTray.exe; ClamWin.exe; Claw95.exe; Claw95cf.exe; cleaner.exe;
cleaner3.exe; ClientGUI.exe; CliSvc.exe; CLNTSVC.exe; CLTLMH.EXE;
CMain.exe; cmdagent.exe; CMGrdian.exe; cntaosmgr.exe; coExport.exe;
coInst.exe; ComboFix.exe; consctl.exe; copyx64.exe; cpd.exe;
cssexc.exe; cssurf.exe; cureit.exe; custinstall.exe; custsetup.exe;
DarkSpy105.exe; defensewall.exe; DefWatch.exe; dislite.exe;
DNLP0808.exe; DOORS.EXE; dpatrolq.exe; drvctl.exe; DrVirus.exe;
DrvMap.exe; drwadins.exe; drweb32w.exe; drweb386.exe; drwebscd.exe;
DRWEBUPW.EXE; drwebwcl.exe; drwreg.exe; dsa.exe; ecmd.exe;
EFAInst.exe; egni.exe; egui.exe; ekrn.exe; elogsvc.exe; EMM386.EXE;
ESCANH95.EXE; ESCANHNT.EXE; escanmon.exe; esrreq.exe; essact.exe;
ewidoctrl.exe; exit_av.exe; EzAntivirusRegistrationCheck.exe;
F-AGNT95.EXE; F-PROT95.EXE; F-Sched.exe; F-StopW.EXE; FAMEH32.exe;
FAST.EXE; FCH32.exe; feedback.exe; filemonsv.exe; firebird.exe;
FireSvc.exe; FireTray.exe; FIREWALL.EXE; FLOPPY.EXE; FLOPPY9x.EXE;
FLOPPYME.EXE; FPAVServer.exe; fpavupdm.exe; FProtTray.exe; fpscan.exe;
fptrayproc.exe; FPWin.exe; freshclam.exe; FRW.EXE; fsample.exe;
fsaua.exe; fsauach.exe; fsav.exe; fsav32.exe; fsavaui.exe;
fsavgui.exe; fsavstrt.exe; fsavwsch.exe; fsavwscr.exe; fsbwsys.exe;
fsdbuh.exe; fsdc.exe; fsdfwd.exe; FSDIAG.exe; FsDiagUi.exe;
fsfwwsch.exe; fsfwwscr.exe; fsgetwab.exe; fsgk32.exe; fsgk32st.exe;
fsguidll.exe; fsguiexe.exe; FSHDLL32.EXE; fshelp.exe; FSHOTFIX.exe;
fsihcomp.exe; fsihs.exe; FSIMAGE.EXE; FSLAUNCH.exe; FSM32.EXE;
FSMA32.EXE; FSMB32.exe; fsorsp.exe; fspc.exe; fspex.exe; fsqh.exe;
fssf.exe; fssg.exe; fssm32.exe; fsstm.exe; fssw.exe; fstlui.exe;
fsuninst.exe; fsus.exe; FVProtect.exe; GadgetCA.exe; gcasDtServ.exe;
gcasServ.exe; GDFirewallTray.exe; GDFwSvc.exe; GhostStartTrayApp.exe;
GhostTray.exe; GIANTAntiSpywareMain.exe; GIANTAntiSpywareUpdater.exe;
GUARD.EXE; guardgni.exe; GUARDGUI.EXE; GuardNT.exe; helper.exe;
HijackThis.exe; HiJackThis_v2.exe; hipsdiag.exe; hookAnalyzer.exe;
HRegMon.exe; Hrres.exe; HSockPE.exe; hsplayer.exe; HUpdate.EXE;
iamapp.exe; iamserv.exe; IceSword.exe; ICLOAD95.EXE; ICLOADNT.EXE;
ICMON.EXE; ICSSUPPNT.EXE; ICSUPP95.EXE; ICSUPPNT.EXE; IERegFix.exe;
IEShow.exe; IFACE.EXE; ih8.exe; ih8run.exe; ILAUNCHR.exe; INETUPD.EXE;
Inicio.exe; InocIT.exe; InoRpc.exe; InoRT.exe; InoTask.exe;
InoUpTNG.exe; InstallCAVS.exe; InstallLicense.exe; InstallLSP.exe;
InstCA.exe; InstLsp.exe; INWISE.EXE; ioloAV.exe; ioloFW.exe;
IOMON98.EXE; isafe.exe; ISATRAY.EXE; ISPNews.exe; isPwdsvc.exe;
ISRV95.EXE; ISSVC.exe; isUAC.exe; itmrtsvc.exe; JEDI.EXE; jpf.exe;
jpfsrv.exe; jpf_ip.dll; KAV.exe; kavmm.exe; KAVPF.exe; KavPFW.exe;
KAVStart.exe; KAVSvc.exe; KAVSvcUI.EXE; KMailMon.EXE; KPfwSvc.EXE;
KWatch.EXE; LAUNCH.exe; licmgr.exe; livesrv.exe; LiveUpdate.exe;
LOCKDOWN2000.EXE; LogWatNT.exe; lpfw.exe; LUALL.EXE;
LUCallbackProxy.exe; LUCheck.exe; LUCOMSERVER.EXE;
LuComServer_3_2.EXE; LuConfig.exe; LUInit.exe; Luupdate.exe;
MakeISO.exe; MalwareRemoval.exe; mantispm.exe; MBackMonitor.exe;
MCAGENT.EXE; mcappins.exe; mcmnhdlr.exe; mcmscsvc.exe; mcnasvc.exe;
mcproxy.exe; mcregwiz.exe; Mcshield.exe; mcsysmon.exe; MCUI32.exe;
mcuimgr.exe; MCUPDATE.EXE; mcvsmap.exe; mcvsshld.exe; MemString.exe;
MINILOG.EXE; MONITOR.EXE; monlite.exe; MonSysNT.exe; MOOLIVE.EXE;
moontray.exe; MpEng.exe; mpfagent.exe; mpfservice.exe; mpftray.exe;
mpssvc.exe; mrtstub.exe; MSASCui.exe; MskSrver.exe; MSMPSVC.exe;
MSProxy.ahn; mva.exe; MVC.exe; mwagent.exe; mwaser.exe; myAgtSvc.exe;
myagttry.exe; navapsvc.exe; NAVAPW32.EXE; NavLu32.exe; NavShcom.exe;
NAVStub.exe; Navw32.exe; navwnt.exe; NDD32.EXE; NeoWatchLog.exe;
NeoWatchTray.exe; netmonsv.exe; NetstatViewer.exe; nip.exe;
nisoptui.exe; NISUM.EXE; njeeves.exe; NMAIN.EXE; nmapapp.exe;
nod32.exe; nod32krn.exe; nod32kui.exe; nodlogin.exe; NORMIST.EXE;
NotifyHA.exe; notstart.exe; npavtray.exe; NPFMNTOR.EXE; npfmsg.exe;
NPROTECT.EXE; NSCHED32.EXE; NSMdtr.exe; NssServ.exe; NssTray.exe;
ntrtscan.exe; NTXconfig.exe; NUPGRADE.EXE; NVC95.EXE; nvcoas.exe;
Nvcod.exe; nvcsched.exe; Nvcte.exe; Nvcut.exe; nvoy.exe; NWCDEX.EXE;
NWService.exe; oasrv.exe; oaui.exe; OfcPfwSvc.exe; olAddin.exe;
OnAccessInstaller.exe; op_mon.exe; osCheck.exe; OUTPOST.EXE;
PartIn.exe; PartIn9x.exe; partinfo.exe; PartInNT.exe; PAV.EXE;
PAVARK.exe; pavbckpt.exe; PavFires.exe; PavFnSvr.exe; Pavkre.exe;
PavProt.exe; pavProxy.exe; pavprsrv.exe; pavsrv51.exe; PAVSS.EXE;
pccguide.exe; PCCIOMON.EXE; pccntmon.exe; PCCPFW.exe; PcCtlCom.exe;
PCTAV.exe; pctsauxs.exe; pctssvc.exe; pctstray.exe; PERSFW.EXE;
pertsk.exe; PERVAC.EXE; pf6.exe; pg2.exe; PIFSvc.exe; PM8Flash.exe;
PMagic.exe; PMagic9x.exe; PMagicBT.exe; PMagicNT.exe; PNMSRV.EXE;
POLUTIL.exe; POP3TRAP.EXE; POPROXY.EXE; popscan.exe; postinstall.exe;
PP2000.exe; ppavmon.exe; ppctlpriv.exe; ppfw.exe; ppinupdt.exe;
ppserv.exe; pptbc.exe; PQBOOT.EXE; Pqboot32.exe; PQBOOTX.EXE;
pqbw.exe; PQLAUNCH.EXE; PQMAGIC.EXE; PqPe.exe; pqpe9x.exe; pqpent.exe;
PQV2iSvc.exe; preconfig.exe; preupd.exe; prevsrv.exe; PrevxSetup.exe;
ProcessViewer.exe; psctrls.exe; pshost.exe; PsImSvc.exe; psksvc.exe;
PTEDIT.EXE; PTEDIT32.EXE; PTEPIT32.EXE; PXAgent.exe; PXConsole.exe;
PXL.exe; PXL1.exe; PXReset.exe; pxsupport.exe; QHM32.EXE;
QHONLINE.EXE; QHONSVC.EXE; QHPF.EXE; qhwscsvc.exe; qklez.exe;
qoeloader.exe; qrtfix.exe; quaranti.exe; RavMon.exe; RavTimer.exe;
Realmon.exe; REALMON95.EXE; REATOGO_START.exe; register.exe;
removeit.exe; Remover.exe; Rescue.exe; rfwmain.exe; RKUnhooker.exe;
RkUService.exe; RootkitBuster.exe; Rootkit_Detective.exe; Rtvscan.exe;
RTVSCN95.EXE; RuLaunch.exe; ruleeditor.exe; RunSetup.exe; sarcli.exe;
sargui.exe; SAV32CLI.EXE; SAVAdminService.exe; SAVMain.exe;
savprogress.exe; SavRoam.exe; SAVScan.exe; savservice.exe; SavUI.exe;
sbamsvc.exe; sbamtray.exe; sbpfcl.exe; sbpflnch.exe; sbpfsvc.exe;
SCAN32.EXE; scanner.exe; ScanningProcess.exe; scfmanager.exe;
scfservice.exe; scftray.exe; sched.exe; sdhelp.exe; sdinvoker.exe;
sdloader.exe; SDTrayApp.exe; seccenter.exe; SERVIC~1.EXE; Sevinst.exe;
sfctlcom.exe; shortcutCreator.exe; SHSTAT.exe; sigtool.exe;
SiteCli.exe; smc.exe; SNDSrvc.exe; SNUTIL.EXE; SPBBCSvc.exe;
SPHINX.EXE; spiderml.exe; spidernt.exe; Spiderui.exe; sporder.exe;
SpybotSD.exe; SpywareTerminatorShield.exe; SPYXX.EXE; sp_rsser.exe;
srvload.exe; SS3EDIT.EXE; StartMyagtTry.exe; start_diag.exe;
stopsignav.exe; SubmitFiles.exe; SUPERAntiSpyware.exe; svcntaux.exe;
swAgent.exe; swdoctor.exe; swdsvc.exe; SWNETSUP.EXE;
SymantecRootInstaller.exe; SymDgnHC.exe; SymErr.exe; SymIMIns.exe;
symlcsvc.exe; SymProxySvc.exe; SymSPort.exe; SymWSC.exe; SYNMGR.EXE;
Sysinfo.exe; SysSafe.exe; SystemGuardAlerter.exe; taskscheduler.exe;
TAUMON.EXE; TBMon.exe; TC.EXE; tca.exe; TCM.EXE; TDS-3.EXE;
TeaTimer.exe; TFAK.EXE; tfservice.exe; tgsvcstp.exe; THAV.EXE;
THGnard.exe; THSM.EXE; Tmas.exe; tmas_oemon.exe; tmbmsrv.exe;
tmlisten.exe; Tmntsrv.exe; TmPfw.exe; tmproxy.exe; TNBUtil.exe;
tpsrv.exe; tracelog.exe; trayicos.exe; traysser.exe; Trjscan.exe;
TrojanGuarder.exe; TrojanHunter.exe; trtddptr.exe; ufseagnt.exe;
uiscan.exe; uiStub.exe; UmxAgent.exe; UmxCfg.exe; umxfwhlp.exe;
UmxPol.exe; UninstallCAVS.exe; Uninstaller.exe; UninstallLSP.exe;
UnlockerAssistant.exe; unp_test.exe; Up2Date.exe; UPDATE.EXE;
UpdaterUI.exe; updclient.exe; upgrepl.exe; UPSObMaker.exe; UUpd.exe;
V3ClnSrv.exe; V3SP.exe; V3Svc.exe; vav.exe; Vba32ECM.exe;
Vba32ifs.exe; vba32ldr.exe; Vba32PP3.exe; VBSNTW.exe; vchk.exe;
vcrmon.exe; vetmsg.exe; VetTray.exe; viritexp.exe; viritsvc.exe;
VirusKeeper.exe; VirusNews.exe; VistAux.exe; VisthLic.exe;
VisthUpd.exe; VPC32.exe; VPTRAY.EXE; vrfwsvc.exe; VRMONNT.EXE;
vrmonsvc.exe; vrrw32.exe; vseamps.exe; VSECOMR.EXE; vsedsps.exe;
vseqrts.exe; Vshwin32.exe; vsmon.exe; vsserv.exe; VsStat.exe;
WATCHDOG.EXE; Wclose.exe; webfiltr.exe; WebProxy.exe; Webscanx.exe;
WEBTRAP.EXE; WFPUnins.exe; WGFE95.EXE; wil.exe; Winaw32.exe;
WindowList.exe; WinPFind3U.exe; winroute.exe; winss.exe;
winssnotify.exe; WRADMIN.EXE; WRCTRL.EXE; writespid.exe; WRPROG.EXE;
WSCStub.exe; wsctool.exe; xcommsvr.exe; zanda.exe; zatutor.exe;
ZAUINST.EXE; zauninst.exe; zlclient.exe; ZLH.exe; zonealarm.exe;
_AVP32.EXE; _AVPCC.EXE; _AVPM.EXE; a2cmd.exe; a2guard.exe;
a2HiJackFree.exe; a2scan.exe; a2service.exe; a2start.exe; a2upd.exe;
a2wizard.exe; aavshield.exe; About.exe; AckWin32.exe; acs.exe;
ADVCHK.EXE; Agb5 .exe; Agb5.exe; AhnSD.exe; AHProcMonServer.exe;
airdefense.exe; AKrnl.exe; ALERTSVC.EXE; ALive.exe; ALMon.exe;
ALOGSERV.EXE; ALsvc.exe; ALUNOTIFY.EXE; amon.exe; Anti-Trojan.exe;
AntiVirScheduler; AntiVirService; AntiVirus.exe; ANTS.EXE;
APVXDWIN.EXE; Armor2net.exe; ash UpdateMediator.exe; ash.exe;
ashAvast.exe; ashAvSrv.exe; ashchest.exe; ashdisp.exe; ashDug.exe;
ashEnhcd.exe; ashLogV.exe; ashMaiSv.exe; ashPopWz.exe; ashQuick.exe;
ashServ.exe; ashsimp2.exe; ashSimpl.exe; ashSkPcc.exe; ashSkPck.exe;
ashUpd.exe; ashWebSv.exe; asOELnch.exe; aswDisp.exe; aswRegSvr.exe;
aswUpdSv.exe; ATCON.EXE; ATUPDATER.EXE; ATWATCH.EXE; AUPDATE.EXE;
AUTODOWN.EXE; AutostartExplorer.exe; AUTOTRACE.EXE; AUTOUPDATE.EXE;
avadmin.exe; avcenter.exe; avciman.exe; avcmd.exe; avconfig.exe;
Avconsol.exe; AVENGINE.EXE; avgamsvr.exe; avgcc.exe; AVGCC32.EXE;
avgchsvx.exe; avgcsrvx.exe; AVGCTRL.EXE; avgdiag.exe; avgemc.exe;
avgfwsrv.exe; avginet.exe; avgnpdln.exe; avgnpsvc.exe; avgnsx.exe;
AVGNT.EXE; avgntdd; avgntmgr; avgrssvc.exe; avgrsx.exe; avgscan.exe;
AVGSERV.EXE; avgtray.exe; AVGUARD.EXE; avgupden.exe; avgupsvc.exe;
avgvv.exe; avgw.exe; avgwdsvc.exe; avgwizfw.exe; avinitnt.exe;
AVKProxy.exe; AvkServ.exe; AVKService.exe; AVKTray.exe; AVKWCtl.exe;
avnotify.exe; AVP.EXE; AVP32.EXE; AVPCC.EXE; AVPM.EXE; AVPUPD.EXE;
avrpts.exe; avscan.exe; AVSCHED32.EXE; avsynmgr.exe; avtray.exe;
AVWUPD32.EXE; AVWUPSRV.EXE; AVXMONITOR9X.EXE; AVXMONITORNT.EXE;
AVXQUAR.EXE; BackWeb-4476822.exe; bdagent.exe; bdmcon.exe; bdnews.exe;
bdoesrv.exe; bdss.exe; bdsubmit.exe; bdsubmitwiz.exe; BDSurvey.exe;
bdswitch.exe; bdwizreg.exe; BHCA.exe; blackd.exe; blackice.exe;
blindman.exe; BTIni.exe; BTIniNT.exe; cafix.exe; casc.exe; CavApp.exe;
CaVasm.exe; CavAUD.exe; CavEmSrv.exe; Cavmr.exe; CavMUD.exe;
Cavoar.exe; CavQ.exe; cavrid.exe; CAVSCons.exe; cavse.exe; CavSn.exe;
CavSub.exe; CAVSubmit.exe; CavUMAS.exe; CavUserUpd.exe; Cavvl.exe;
ccApp.exe; ccEvtMgr.exe; ccprovsp.exe; ccProxy.exe;
ccschedulersvc.exe; ccSetMgr.exe; ccSEUPDT.exe; ccSvcHst.exe;
CEmRep.exe; CFIAUDIT.EXE; clamscan.exe; ClamTray.exe; ClamWin.exe;
Claw95.exe; Claw95cf.exe; cleaner.exe; cleaner3.exe; CliSvc.exe;
CLTLMH.EXE; CMain.exe; cmdagent.exe; CMGrdian.exe; coExport.exe;
coInst.exe; copyx64.exe; cpd.exe; cssexc.exe; custinstall.exe;
custsetup.exe; defensewall.exe; DefWatch.exe; dislite.exe;
DNLP0808.exe; DOORS.EXE; dpatrolq.exe; drvctl.exe; DrVirus.exe;
DrvMap.exe; drwadins.exe; drweb32w.exe; drweb386.exe; drwebscd.exe;
DRWEBUPW.EXE; drwebwcl.exe; drwreg.exe; ecmd.exe; EFAInst.exe;
egni.exe; ekrn.exe; EMLPROUI.EXE; EMLPROXY.EXE; EMM386.EXE;
ESCANH95.EXE; ESCANHNT.EXE; ewidoctrl.exe; exit av.exe;
EzAntivirusRegistrationCheck.exe; F-AGNT95.EXE; F-PROT95.EXE;
F-Sched.exe; F-StopW.EXE; FAMEH32.exe; FAST.EXE; FCH32.exe;
firebird.exe; FireSvc.exe; FireTray.exe; FIREWALL.EXE; FLOPPY.EXE;
FLOPPY9x.EXE; FLOPPYME.EXE; FPAVServer.exe; fpavupdm.exe;
FProtTray.exe; fpscan.exe; fptrayproc.exe; FPWin.exe; freshclam.exe;
FRW.EXE; fsample.exe; fsaua.exe; fsauach.exe; fsav.exe; fsav32.exe;
fsavaui.exe; fsavgui.exe; fsavstrt.exe; fsavwsch.exe; fsavwscr.exe;
fsbwsys.exe; fsdbuh.exe; fsdc.exe; fsdfwd.exe; FSDIAG.exe;
FsDiagUi.exe; fsfwwsch.exe; fsfwwscr.exe; fsgetwab.exe; fsgk32.exe;
fsgk32st.exe; fsguidll.exe; fsguiexe.exe; FSHDLL32.EXE; fshelp.exe;
FSHOTFIX.exe; fsihcomp.exe; fsihs.exe; FSIMAGE.EXE; FSLAUNCH.exe;
FSM32.EXE; FSMA32.EXE; FSMB32.exe; fsorsp.exe; fspc.exe; fspex.exe;
fsqh.exe; fssf.exe; fssg.exe; fssm32.exe; fsstm.exe; fssw.exe;
fstlui.exe; fsuninst.exe; fsus.exe; GadgetCA.exe; gcasDtServ.exe;
gcasServ.exe; GDFirewallTray.exe; GDFwSvc.exe;
GIANTAntiSpywareMain.exe; GIANTAntiSpywareUpdater.exe; GUARD.EXE;
guardgni.exe; GUARDGUI.EXE; GuardNT.exe; helper.exe; hipsdiag.exe;
HRegMon.exe; Hrres.exe; HSockPE.exe; hsplayer.exe; HUpdate.EXE;
iamapp.exe; iamserv.exe; ICLOAD95.EXE; ICLOADNT.EXE; ICMON.EXE;
ICSSUPPNT.EXE; ICSUPP95.EXE; ICSUPPNT.EXE; IERegFix.exe; IFACE.EXE;
ih8.exe; ih8run.exe; ILAUNCHR.exe; INETUPD.EXE; InocIT.exe;
InoRpc.exe; InoRT.exe; InoTask.exe; InoUpTNG.exe; InstallCAVS.exe;
InstallLicense.exe; InstallLSP.exe; InstCA.exe; InstLsp.exe;
INWISE.EXE; IOMON98.EXE; isafe.exe; ISATRAY.EXE; ISPNews.exe;
isPwdsvc.exe; ISRV95.EXE; ISSVC.exe; isUAC.exe; JEDI.EXE; KAV.exe;
kavmm.exe; KAVPF.exe; KavPFW.exe; KAVStart.exe; KAVSvc.exe;
KAVSvcUI.EXE; KMailMon.EXE; KPfwSvc.EXE; KWatch.EXE; licmgr.exe;
livesrv.exe; LiveUpdate.exe; LOCKDOWN2000.EXE; LogWatNT.exe; lpfw.exe;
LUALL.EXE; LUCallbackProxy.exe; LUCheck.exe; LuComServer 3 2.EXE;
LUCOMSERVER.EXE; LuConfig.exe; LUInit.exe; Luupdate.exe;
MalwareRemoval.exe; MCAGENT.EXE; mcmnhdlr.exe; mcregwiz.exe;
Mcshield.exe; MCUI32.exe; MCUPDATE.EXE; mcvsshld.exe; MemString.exe;
MINILOG.EXE; MONITOR.EXE; monlite.exe; MonSysNT.exe; MOOLIVE.EXE;
MpEng.exe; mpssvc.exe; msascui.exe; MSMPSVC.exe; mva.exe; MVC.exe;
myAgtSvc.exe; myagttry.exe; navapsvc.exe; NAVAPW32.EXE; NavLu32.exe;
NAVStub.exe; Navw32.exe; navwnt.exe; NDD32.EXE; NeoWatchLog.exe;
NeoWatchTray.exe; NetstatViewer.exe; nisoptui.exe; NISSERV; NISUM.EXE;
NMAIN.EXE; nmapapp.exe; nod32.exe; nod32krn.exe; nod32kui.exe;
NORMIST.EXE; NotifyHA.exe; notstart.exe; npavtray.exe; NPFMNTOR.EXE;
npfmsg.exe; NPROTECT.EXE; NSCHED32.EXE; NSMdtr.exe; NssServ.exe;
NssTray.exe; ntrtscan.exe; NTXconfig.exe; NUPGRADE.EXE; NVC95.EXE;
Nvcod.exe; Nvcte.exe; Nvcut.exe; NWCDEX.EXE; NWService.exe; oasrv.exe;
oaui.exe; OfcPfwSvc.exe; olAddin.exe; OnAccessInstaller.exe;
OPSSVC.EXE; op_mon.exe; osCheck.exe; OUTPOST.EXE; PartIn.exe;
PartIn9x.exe; partinfo.exe; PartInNT.exe; PAV.EXE; PavFires.exe;
PavFnSvr.exe; Pavkre.exe; PavProt.exe; pavProxy.exe; pavprsrv.exe;
pavsrv51.exe; PAVSS.EXE; pccguide.exe; PCCIOMON.EXE; pccntmon.exe;
PCCPFW.exe; PcCtlCom.exe; PCTAV.exe; PERSFW.EXE; pertsk.exe;
PERVAC.EXE; PM8Flash.exe; PMagic.exe; PMagic9x.exe; PMagicBT.exe;
PMagicNT.exe; PNMSRV.EXE; POLUTIL.exe; POP3TRAP.EXE; POPROXY.EXE;
postinstall.exe; ppfw.exe; PQBOOT.EXE; Pqboot32.exe; PQBOOTX.EXE;
pqbw.exe; PQLAUNCH.EXE; PQMAGIC.EXE; PqPe.exe; pqpe9x.exe; pqpent.exe;
preconfig.exe; preupd.exe; prevsrv.exe; PrevxSetup.exe;
ProcessViewer.exe; psctrls.exe; pshost.exe; PsImSvc.exe; PTEDIT.EXE;
PTEDIT32.EXE; PTEPIT32.EXE; PXAgent.exe; PXConsole.exe; PXL.exe;
PXL1.exe; PXReset.exe; pxsupport.exe; QHM32.EXE; QHONLINE.EXE;
QHONSVC.EXE; QHPF.EXE; qhwscsvc.exe; qklez.exe; qrtfix.exe;
quaranti.exe; QUHLPSVC.EXE; RavMon.exe; RavTimer.exe; Realmon.exe;
REALMON95.EXE; register.exe; removeit.exe; Remover.exe; Rescue.exe;
rfwmain.exe; Rtvscan.exe; RTVSCN95.EXE; RuLaunch.exe; RunSetup.exe;
sarcli.exe; sargui.exe; SAV32CLI.EXE; SAVAdminService.exe;
SAVMain.exe; savprogress.exe; SAVScan.exe; SCAN32.EXE; scanner.exe;
ScanningProcess.exe; SCANWSCS.EXE; sched.exe; sdhelp.exe;
sdinvoker.exe; sdloader.exe; SDTrayApp.exe; seccenter.exe;
SERVIC~1.EXE; Sevinst.exe; SHSTAT.EXE; sigtool.exe; SiteCli.exe;
smc.exe; SNDSrvc.exe; SNUTIL.EXE; SPBBCSvc.exe; SPHINX.EXE;
spiderml.exe; spidernt.exe; Spiderui.exe; sporder.exe; SpybotSD.exe;
SPYXX.EXE; SS3EDIT.EXE; start diag.exe; stopsignav.exe;
SubmitFiles.exe; svcntaux.exe; swAgent.exe; swdoctor.exe; swdsvc.exe;
SWNETSUP.EXE; SymantecRootInstaller.exe; SymDgnHC.exe; SymErr.exe;
SymIMIns.exe; symlcsvc.exe; SymProxySvc.exe; SymSPort.exe; SymWSC.exe;
SYNMGR.EXE; Sysinfo.exe; TAUMON.EXE; TBMon.exe; TC.EXE; tca.exe;
TCM.EXE; TDS-3.EXE; TeaTimer.exe; TFAK.EXE; tgsvcstp.exe; THAV.EXE;
THGnard.exe; THSM.EXE; Tmas.exe; tmlisten.exe; Tmntsrv.exe; TmPfw.exe;
tmproxy.exe; tnbutil.exe; tracelog.exe; TRJSCAN.EXE;
TrojanGuarder.exe; TrojanHunter.exe; trtddptr.exe; uiscan.exe;
uiStub.exe; UmxAgent.exe; UmxCfg.exe; UmxPol.exe; UninstallCAVS.exe;
Uninstaller.exe; UninstallLSP.exe; unp test.exe; Up2Date.exe;
UPDATE.EXE; UpdaterUI.exe; updclient.exe; upgrepl.exe; UPSObMaker.exe;
UUpd.exe; V3SP.exe; V3Svc.exe; Vba32ECM.exe; Vba32ifs.exe;
vba32ldr.exe; Vba32PP3.exe; VBSNTW.exe; vchk.exe; vcrmon.exe;
vetmsg.exe; VetTray.exe; viritexp.exe; viritsvc.exe; VirusKeeper.exe;
VirusNews.exe; VistAux.exe; VisthLic.exe; VisthUpd.exe; VPTRAY.EXE;
vrfwsvc.exe; VRMONNT.EXE; vrmonsvc.exe; vrrw32.exe; vseamps.exe;
VSECOMR.EXE; vsedsps.exe; vseqrts.exe; Vshwin32.exe; vsmon.exe;
vsserv.exe; VsStat.exe; w9xpopen; WATCHDOG.EXE; Wclose.exe;
webfiltr.exe; WebProxy.exe; Webscanx.exe; WEBTRAP.EXE; WFPUnins.exe;
WGFE95.EXE; wil.exe; Winaw32.exe; WindowList.exe; winroute.exe;
winss.exe; winssnotify.exe; WRADMIN.EXE; WRCTRL.EXE; writespid.exe;
WRPROG.EXE; WSCStub.exe; wsctool.exe; xcommsvr.exe; zatutor.exe;
ZAUINST.EXE; zauninst.exe; zlclient.exe; zonealarm.exe
Lista cu serviciile dezactivate:
• Jetico Personal Firewall server; LavasoftFirewall; PFNet; SfCtlCom;
SvcOnlineArmor; TMBMServer; wuauserv; a2free; Aavmker4; ABVPN2K;
acssrv; ADBLOCK.DLL; ADFirewall; AFWMCL; Ahnlab task Scheduler; AKrnl;
alerter; AlertManger; AntiVir Service; AntiVirSchedulerServiceService;
AntiVirServiceOffers; Antiy AHPProcMon Server; AntiyFirewall; ARP.DLL;
aswMon2; aswRdr; aswTdi; aswUpdSv; Ati HotKey Poller; avast!
Antivirus; avast! Mail Scanner; avast! Web Scanner; AVEService;
AVExch32Service; AvFlt; Avg7Alrt; Avg7Core; Avg7RsW; Avg7RsXP;
Avg7UpdSvc; avg9emcAVG; avg9wdAVG; AvgCore; AvgFsh; AVGFwSrv;
AvgFwSvr; AvgServ; AvgTdi; AVIRAMailService; AVIRAService; AVKProxy;
AVKService; AVKWCtl; avpcc; avrpts; AVUPDService; AVWUpSrv; AvxIni;
awhost32; backweb client - 4476822; BackWeb Client - 7681197; backweb
client-4476822; Bdfndisf; bdftdif; bdss; BlackICE; BsFileSpy;
BsFirewall; BsMailProxy; CAISafe; ccEvtMgr; ccPwdSvc; ccSchedulerSVC;
ccSetMgr; ccSetMgr.exe; CONTENT.DLL; DefWatch; DNSCACHE.DLL; drwebinet;
dvpapi; dvpinit; EMLPROUI.EXE; EMLPROXY.EXE; ewido security suite
control; ewido security suite driver; ewido security suite guard;
F-Prot Antivirus Update Monitor; F-Secure Gatekeeper Handler Starter;
firewall; FPAVServer; FSAUA; fsbwsys; FSDFWD; FSFW; FSMA; FTPFILT.DLL;
FwcAgent; fwdrv; Guard NT; HSnSFW; HSnSPro; HTMLFILT.DLL;
HTTPFILT.DLL; IMAPFILT.DLL; InoRPC; InoRT; InoTask; Ip6Fw; Ip6FwHlp;
KAVMonitorService; KAVSvc; KLBLMain; KPfwSvc; KWatch3; KWatchSvc;
MAILFILT.DLL; McAfee Firewall; McAfeeFramework; McShield;
McTaskManager; mcupdmgr.exe; MCVSRte; Microsoft NetWork FireWall
Services; MonSvcNT; MpfService; MpsSvc; navapsvc; NDIS RD; Ndisuio;
Network Associates Log Service; nipsvc; NISSERV; NISUM; NNTPFILT.DLL;
NOD32ControlCenter; NOD32krn; NOD32Service; Norman NJeeves; Norman
Type-R; Norman ZANDA; Norton AntiVirus Server; NPDriver; NPFMntor;
NProtectService; NSCTOP; nvcoas; NVCScheduler; nwclntc; nwclntd;
nwclnte; nwclntf; nwclntg; nwclnth; NWService; OfcPfwSvc; Online
Protection System; ONLINENT.EXE; OPSSVC.EXE; op_mon.exe; Outbreak
Manager; Outpost Firewall; OutpostFirewall; PASSRV; PAVAGENTE;
PavAtScheduler; PAVDRV; PAVFIRES; PAVFNSVR; Pavkre; PavProc; PavProt;
PavPrSrv; PavReport; PAVSRV; PCC PFW; PCCPFW; PersFW; Personal
Firewall; POP3FILT.DLL; PREVSRV; PSIMSVC; qhwscsvc; QUHLPSVC.EXE;
Quick Heal Antivirus Plus Mail Protection; Quick Heal Online
Protection; Quick Update Service; ravmon8; RfwService; SAVFMSE;
SAVScan; SBService; ScanWscS; SCANWSCS.EXE; schscnt; SECRET.DLL;
SharedAccess; SmcService; SNDSrvc; SPBBCSvc; SpiderNT; SweepNet;
SWEEPSRV.SYS; Symantec AntiVirus Client; Symantec Core LC; T H S M;
The Hacker Antivirus; tm cfw; Tmntsrv; TmPfw; tmproxy; tmtdi;
UmxAgent; UmxCfg; UmxPol; V3 Service; V3MonNT; V3MonSvc; Vba32ECM;
Vba32ifs; Vba32Ldr; Vba32PP3; VBCompManService; VETMSGNT;
VexiraAntivirus; VFILT; VisNetic AntiVirus Plug-in; vrfwsvc; vseamps;
vsedsps; vseqrts; vsmon; VSSERV; WinAntivirus; WinDefend; WinRoute;
wscsvc; wuauserv; xcomm
Am uitat sa scriu ca trebuie sters si un alt foldar si ceva registry iar despre "flec006.exe" nu am spus nimic pentru ca dabea acum am reverificat si am dat peste el iar raspunsul dat mai sus nu il pot edita si nu il voi da nici aici deoarece nu sunt sigur exact pasii pe care trebuie facuti pentru a scapa de virus manual fara a descarca vreun program ce ar face eliminarea acestui virus.
Deci Varianta pentru eliminare virus manuala nu merge.
Asa ca rog ca cel care are aceasta problema sa imi trimita un Mesaj Privat sau sa dea reply aici sa lase id-ul si dupa ce rezolv cu totul voi face un mic program ce va elimina acest virus in totalitate si il voi atasa aici bineinteles.
Pana atunci folositi cealalta metoda din postul de mai sus.aici voi scrie pe scurt:
1. Click "Start->Run" iar in fereastra aparuta scriem "TASKKILL /F /IM winupgro.exe"
2.Descarcati "Malwarebytes Anti-Malware PRO" de aici http://www.malwarebytes.org/mbam-download.php
3. Instalati iar dupa ce se actualizeaza "baza de date" bifati mijloc "Scanare completa" apoi facem click pe "Scaneaza" dupa terminare va avertiza dati "OK" iar apoi click "Afiseaza rezultate" apoi "Inlatura obiecte selectate" iar in final apasati "Yes" pentru a face restart la pc pentru a avea loc efectele. Si voila am scapat de virus.
Răspunsul este publicat...
Te rugăm să aştepţi ca răspunsul tău să fie trimis spre publicare.
