Your best source of information and news about Vista hardware , microsoft and winvista on the internet 你最好的信息来源和新闻有关 Vista 的硬件,微软和winvista在互联网上

Vista ARTICLES Vista的文章 TOP 50排名前50位 Spyware Virus间谍软件病毒 Vista SOFT Vista的软 Vista HELP Vista帮助

Virus/Spyware Removal病毒/间谍软件删除

You are currently browsing the articles from您当前浏览文章 MS Windows Vista Compatible Software质谱的Windows Vista兼容软件 matching the category Virus/Spyware Removal .匹配的类别病毒/间谍程序清除

REMOVE AMVO.EXE删除AMVO.EXE

What is it???它是什么? ? ?
AMVO.exe is a trojan/backdoor AMVO.exe是一个木马/后门
Symptoms:症状:

  • Folder Option is not working - you cannot enable the Folder Option or show the hidden files running into you computer.文件夹选项不工作-你不能使文件夹选项或显示隐藏文件运行到你的计算机。
  • Hidden file problem隐藏文件的问题
  • Always open new windows in all drives总是打开新的窗口在所有的硬盘
  • Error occur of the memory reference错误发生的范围内存

Here are the steps for removing it manually下面的步骤操作,消除手动

  1. Uncheck amvo.exe from msconfig>> startup (type msconfig in run and click on the startup tab) also and restart your system取消amvo.exe从MSConfig “ ”启动( 输入msconfig运行,并点击启动标签)也和重新启动系统
  1. Click Start > Run and type REGEDIT点击开始> “运行,并键入 Regedit
  2. Go to HKEY_CURRENT_USER > SOFTWARE > Microsoft > Windows > CurrentVersion > Explorer > Advanced进入HKEY_CURRENT_USER “软件”微软“视窗” CurrentVersion “总管> ”高级
  3. On the right side, double click the hidden value and give it a value of 1.在右边,双击隐藏的价值和给它一个值为1 。
  4. Same for HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > Explorer > Advanced > Folder > Hidden > SHOW ALL Change the value of Checked Value to 1 .同样的HKEY_LOCAL_MACHINE “软件”微软“视窗” CurrentVersion “总管> ”高级> “文件夹”隐> “显示所有的值变更登记的价值为 1 。
  5. Check if your Folder Option if its working now.检查如果您选择的文件夹 ,如果现在的工作。 If it works!如果它的作品! OK you are now ready to delete the Amvo.exe virus now.确定你现在已经准备好删除Amvo.exe现在病毒。
Go to your Folder Option and enable the show all the hidden files and you remove the following files if they are exist in the exact location or directory:转到您的文件夹选项 ,使显示所有隐藏文件和删除以下文件如果它们存在的确切位置或目录:
c:\autorun.inf ç : \的Autorun.inf
c:\u.bat ç : \ u.bat
c:\amvo.exe ç : \ amvo.exe
c:\awda2.exe ç : \ awda2.exe
c:\d.com ç : \ d.com
c:\mvo.dll ç : \ mvo.dll
c:\amvo1.dll ç : \ amvo1.dll
c:\windows\system32\ amvo.exe ç : \窗户\ system32 \ amvo.exe
c:\windows\system32\ awda2.exe ç : \窗户\ system32 \ awda2.exe
c:\windows\system32\ d.com ç : \窗户\ system32 \ d.com
c:\windows\system32\ mvo.dll ç : \窗户\ system32 \ mvo.dll
c:\windows\system32\ amvo1.dll ç : \窗户\ system32 \ amvo1.dll
c:\windows\system32\u.bat ç : \窗户\ system32 \ u.bat

...

Click to continue reading "REMOVE AMVO.EXE"按继续阅读“删除AMVO.EXE ”

Written by magakos on 撰稿magakos上 September 5th, 2008 2008年九月五日 with 带有 no comments 没有评论 .
Read more articles on 阅读更多文章 Virus/Spyware Removal 病毒/间谍软件删除 and All 全部 and otherSoftware otherSoftware .

Folder option not working ???See this…文件夹选项不起作用? ? ?见本...

Sometimes folder options in your PC may get disabled by 有时文件夹选项在你的电脑可能会停用 some virus 一些病毒 and after removing the 后消除 virus 病毒 , you can not use folder options ,您不能使用文件夹选项
here i am sharing some tricks to activate folder options again 我在这里分享一些花招来激活文件夹选项再次
Before doing this first remove that virus from ur在此之前的第一移除该病毒从我们的 computer计算机 using some good AV使用一些良好的视听
method:1 方法: 1
type “regedit” in run command and hit enter键入“注册表”的运行命令,并按输入
find any of the following keys:发现下列任何项:
User Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\ Explorer用户项: HKEY_CURRENT_USER \ Software \微软\的Windows \曲线ntVersion \政策\总管
System Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\ Explorer系统项: HKEY_LOCAL_MACHINE \ SOFTWARE \微软\的Windows \电流entVersion \政策\总管
Value Name: NoFolderOptions数值名称: NoFolderOptions
Data Type: REG_DWORD (DWORD Value)数据类型: REG_DWORD ( DWORD值)
Value Data: 0 = show options, 1 = hide options数值数据: 0 =显示选项, 1 =隐藏选项
method:2 方法: 2
do: start > Run > Type gpedit.msc > hit enter > User Configuration > Administrative Templates > Windows Components > Windows Explorer > select Removes the Folder Options menu item from the Tools menu.这样做:开始> “运行”输入gpedit.msc “击中输入”用户配置“管理模板” Windows组件“ Windows资源管理器” >选择删除的文件夹选项菜单项从工具菜单上。 > Right click: > Properties > Disable > Apply “右击: ”属性“禁用”应用
done!!这样做!

Written by magakos on 撰稿magakos上 August 10th, 2008 2008年八月十日 with 带有 no comments 没有评论 .
Read more articles on 阅读更多文章 Virus/Spyware Removal 病毒/间谍软件删除 and All 全部 and otherSoftware otherSoftware .

Perlovga Removal Tool (copy.exe) Perlovga删除工具( copy.exe )

Error message: Windows cannot find ‘copy.exe’ 错误信息: Windows无法找到' copy.exe '
This virus is spreading through usb flashdisk.这种病毒的蔓延通过USB flashdisk 。 An autorun file will work to copy this file to your local disk.一个自动运行的文件将努力将此文件复制到本地磁盘。 so be careful whenever you connect a pendrive因此,只要您仔细连接pendrive
Solution: 解决方案:
Start your computer in Safe mode and run启动您的电脑在安全模式和运行 Perlovga Removal Tool Perlovga清除工具 . If you have infected floppy/flash disks you can insert them and click start.如果您有感染软盘/闪存磁盘,您可以将其插入,然后按一下启动。 You must be write enabled your usb disk during the scan process you can repeat this for every disk you have.您必须先写使您的USB磁盘扫描期间过程中,你可以重复此为每个磁盘你。

Related files :相关文件:

Copy.exe Copy.exe
Copy2.exe Copy2.exe
Temp2.exe Temp2.exe
Autorun.inf 的Autorun.inf

This tool also work with :此工具也工作:

Trojan-Dropper.win32.Small.apl 木马Dropper.win32.Small.apl
Win32.Perlovga.bBackdoor Win32.Perlovga.bBackdoor
Win32.small.loW32 Win32.small.loW32

QQRob-ABXVirus.Vbs.Small.a QQRob - ABXVirus.Vbs.Small.a

Download 下载 Perlovga Removal Tool Perlovga清除工具

Written by magakos on 撰稿magakos上 August 1st, 2008 2008年8月一日 with 带有 no comments 没有评论 .
Read more articles on 阅读更多文章 Virus/Spyware Removal 病毒/间谍软件删除 and All 全部 and otherSoftware otherSoftware .

Remove Desktop.ini & Folder.htt virus HTML.Redlof.A删除的Desktop.ini和Folder.htt病毒HTML.Redlof.A

Redlof is polymorphic virus that embeds itself without any attachment to every e-mail sent from the infected system. Redlof是多态病毒,嵌入本身没有任何附件每发送的电子邮件从受感染的系统。 It executes when an infected email message is viewed The HTML.Redlof.A is a very pestering virus.它执行时,受感染的电子邮件被视为该HTML.Redlof.A是一个非常打扰病毒。 From what I gather, neither does it create any loss of data nor does it send any personal information across the net.从我收集,也没有造成任何损失的数据,也没有发送任何个人信息,净。

But what it does is horrible.但是,它是可怕的。 It actually comes in the form of a script.它实际上是形式的脚本。 The script is copied onto several other .htm, .html, .vbs, .asp, .htt, .jsp files on your hard drive.脚本复制到其他几个。热媒, 。 html文件, 。欢乐, 。动态。高温热处理, 。 JSP的文件在硬盘驱动器上。 Then whenever any of these files are executed, the script is copied onto more files which create more files and so on.然后,只要有这些文件的执行,该脚本复制到更多的文件,创造更多的文件等等。

VBS/Redlof.A@m executes directly from an infected message by using a security vulnerbility in Internet Exlorer known as Microsoft VM ActiveX Control Vulnerability.欢乐/ Redlof.A @米执行直接从被感染的邮件使用安全vulnerbility在互联网Exlorer称为Microsoft VM的ActiveX控制的脆弱性。 More information about the vulnerability and a fix is available from Microsoft:欲了解更多有关的漏洞和修补程序可以从Microsoft : http://www.microsoft.com/technet/security/bulletin/ms00-075.asp

The virus also infects files with extensions “htm”, “html”, “asp”, “php”, “jsp”, “htt” or “vbs”.该病毒还感染的扩展文件“热媒” , “的HTML ” , “动态” , “ PHP的” , “ JSP技术” , “高温热处理”或“欢乐” 。

Redlof drops the following infected files: Redlof下降下列感染的文件:

\Program Files\Common Files\Microsoft Shared\Stationery\blank.html \ Program Files文件\共同文件\微软共享\文具\ blank.html
\Windows\System\Kernel32.dll \的Windows \系统\ Kernel32.dll中
\Windows\web\kjwall.gif \的Windows \网络\ kjwall.gif
\Windows\system32\desktop.ini \的Windows \ system32 \的Desktop.ini

“blank.html” is used to replace the default stationaries for both Outlook and Outlook Express via registry causing that… “ blank.html ”是用来取代默认stationaries为Outlook和Outlook Express通过注册表造成的...

Click to continue reading "Remove Desktop.ini & Folder.htt virus HTML.Redlof.A"按继续阅读“删除的Desktop.ini和Folder.htt病毒HTML.Redlof.A ”

Written by magakos on 撰稿magakos上 August 1st, 2008 2008年8月一日 with 带有 no comments 没有评论 .
Read more articles on 阅读更多文章 Virus/Spyware Removal 病毒/间谍软件删除 and All 全部 and otherSoftware otherSoftware .

Remove Winfixer / win antivirus Pro 2007删除Winfixer /赢得2007年的防病毒专业版

( Also known as: Virtumonde, Msevents,and Vundo, Trojan.vundo ) (也称为: Virtumonde , Msevents ,并Vundo , Trojan.vundo )

WinAntiVirus Pro is a dangerous, When WinAntiVirus Pro infects your computer system, it will hijack your browser to an unfamiliar webpage like, onlinestability.com or winantivirus.com, WinAntiVirus is also a program that sends false positive scan reports and an array of pop-up advertisements, in order to entice the user into purchasing the full product. WinAntiVirus Pro是一个危险的,当WinAntiVirus临感染您的计算机系统,它将劫持您的浏览器,一个陌生的网页一样, onlinestability.com或winantivirus.com , WinAntiVirus也是一个计划,将假阳性检查报告和一系列的弹出广告,以吸引用户购买的全部产品。 This bad application can find its way into your computer without your knowledge or consent.这坏应用程序就可以找到自己的方式进入您的计算机在您不知情或不同意的。 This spyware is associated with the famous spyware application, WinFixer.这个间谍是与著名的间谍软件, WinFixer 。

Running Processes: 正在运行的进程:

mav_startupmon.exe mav_startupmon.exe
uwa7pcw.exe uwa7pcw.exe
rtasks.exe rtasks.exe
WinAv.exe WinAv.exe
wa7pinst.exe wa7pinst.exe


Registry Values: 注册表值:

2178F3FB-2560-458f-BDEE-631E2FE0DFE4 2178F3FB - 2560年- 458f - BDEE - 631E2FE0DFE4
6F520BE0-9B54-4558-816F-224E67997DF3 6F520BE0 - 9B54 - 4558 - 816F - 224E67997DF3
459F4226-1AAB-43B6-9DC1-B6313EF83749 459F4226 - 1AAB - 43B6 - 9DC1 - B6313EF83749
1AC5C88A-DEA7-462b-A232-04AF5CA42E7E 1AC5C88A - DEA7 - 462b - A232 - 04AF5CA42E7E
723D54C7-7483-4EB8-8EED-CE5B2AEA534D 723D54C7 - 7483 - 4EB8 - 8EED - CE5B2AEA534D

Files: 文件:


WinAv.exe WinAv.exe
uwa7pcw.exe uwa7pcw.exe
mav_startupmon mav_startupmon
mav_startupmon.exe mav_startupmon.exe
rtasks rtasks
rtasks.exe rtasks.exe
wa7pinst.exe wa7pinst.exe
IH.exe IH.exe
WinAntiVirus Pro 2007.lnk WinAntiVirus临2007.lnk
Reinstall or Uninstall WinAntiVirus Pro 2007.lnk 重新安装或卸载WinAntiVirus临2007.lnk
WinAntiVirus Pro 2007 Manual.lnk WinAntiVirus亲2007年Manual.lnk
uwasffNT.exe uwasffNT.exe
was6.exe was6.exe
WinAntiVirusPro2007FreeInstall.exe WinAntiVirusPro2007FreeInstall.exe
WinAntiVirus Pro 2007.lnk WinAntiVirus临2007.lnk
WinAntiVirus Pro 2007 Scanner.lnk WinAntiVirus亲2007年Scanner.lnk
WinAntiVirus Pro 2007 Scanner Online Manual.lnk 2007年亲WinAntiVirus扫描器在线Manual.lnk
AsAgents.dll AsAgents.dll
unins000.exe unins000.exe
unins000.dat unins000.dat
Updater.exe Updater.exe
uwas6chk.dll uwas6chk.dll
uwasffNT.exe uwasffNT.exe
WinAntiVirus Pro 2007 Manual.lnk WinAntiVirus亲2007年Manual.lnk
WapCHK.dll WapCHK.dll
rpt.dll rpt.dll
awvtr.dll awvtr.dll
yayyvsp.dll yayyvsp.dll
fcyxx.dll fcyxx.dll
gebxyax.dll gebxyax.dll
asmngr.dll asmngr.dll
fopnl.dll fopnl.dll
IEFWBHO.dll IEFWBHO.dll
Scnkrnl.dll Scnkrnl.dll
settings.dll settings.dll
sqlite3.dll sqlite3.dll
WAV6COM.dll WAV6COM.dll
winpgi.dll winpgi.dll
BORLNDMM.dll BORLNDMM.dll
SCANADWR.dll SCANADWR.dll
SCANBCDR.dll SCANBCDR.dll
SCANLDR.DLL SCANLDR.DLL
SCANDOS1.dll SCANDOS1.dll
SCANEMUL.dll SCANEMUL.dll
SCANFUNC.dll SCANFUNC.dll
SCANMCRL.dll SCANMCRL.dll
SCANOTHR.dll SCANOTHR.dll
SCANSCR.dll SCANSCR.dll
SCANTOOL.dll SCANTOOL.dll
SCANTROJ.dll SCANTROJ.dll
SCANWIN1.dll SCANWIN1.dll
UNACPU.dll UNACPU.dll
UNADBX.dll UNADBX.dll
unamscan.dll unamscan.dll
UNMIME.dll UNMIME.dll
UNPACK.dll UNPACK.dll
UNPACKS.dll UNPACKS.dll
UNPACKS2.dll UNPACKS2.dll

...

Click to continue reading "Remove Winfixer / win antivirus Pro 2007"按继续阅读“删除Winfixer /赢得2007年的防病毒专业版”

Written by magakos on 撰稿magakos上 August 1st, 2008 2008年8月一日 with 带有 no comments 没有评论 .
Read more articles on 阅读更多文章 Virus/Spyware Removal 病毒/间谍软件删除 and All 全部 and otherSoftware otherSoftware .

Orkut Is Banned - Heap41a - win32.USBworm Removal Orkut是被禁止的-H eap41a- wi n32.USBworm去除

My friend had a problem with his computer.我的朋友有问题的电脑。 He was getting the following message when opening Orkut:他得到以下消息时,开放的Orkut :

ORKUT IS BANNED,Orkut is banned you fool`,The administrators didnt write this program guess who did??`r`r                                               MUHAHAHA!! Orkut是禁止, Orkut是禁止你傻瓜' ,管理员didn't写这个程序猜谁呢? ? ` r ` r MUHAHAHA !

OrkutBanned
On further research I found out that this is caused by a worm called win32.USBworm.在进一步的研究,我发现,这是造成的蠕虫病毒称为win32.USBworm 。 It also blocks Firefox from accessing the internet.它还区块的Firefox访问互联网。 The following message comes when opening Firefox:下列讯息际开放的Firefox :

I Dnt Hate Mozilla But Use IE Or Else… with title as Use Internet Explorer U Dope.余二硝基甲苯Mozilla的仇恨,但使用IE浏览器,否则...与标题使用Internet Explorer ü涂料。

FFDisabled
And it also blocks Youtube popping up the following message:它也区块视频弹出以下信息:

youtube IS BANNED,Orkut is banned you fool`,The administrators didnt write this program guess who did??`r`r                                               MUHAHAHA!! YouTube是禁止, Orkut是禁止你傻瓜' ,管理员didn't写这个程序猜谁呢? ? ` r ` r MUHAHAHA !

YoutubeBanned
Follow the steps below to remove this worm from the infected machine:按照以下步骤删除此蠕虫病毒从被感染的机器:

  1. Open Task Manager –> Processes –> Find svchost.exe under the user account (There will be others under network and system accounts. Don’t close them).打开任务管理器-> “过程- >”查找sv chost.exe根据用户帐户(将根据其他国家的网络和系统帐户。不要关闭)。 There will be two svchost.exe under the user account.将有两个svchost.exe下的用户帐户。 Kill both of them.杀死两人。
  2. Then go to Start –> Run –> regedit and find the following key:然后去开始“ ->运行- >”注册表,找到以下项:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run HKEY_LOCAL_MACHINE \软件\微软\的Windows \ CurrentVersion \政策\总管\运行
    Delete Winlogon key from删除从Winlogon关键

...

Click to continue reading "Orkut Is Banned - Heap41a - win32.USBworm Removal"点击继续读“ Orkut是被禁止的-H eap41a- wi n32.USBworm去除”

Written by magakos on 撰稿magakos上 August 1st, 2008 2008年8月一日 with 带有 1 comment 1条评论 .
Read more articles on 阅读更多文章 Virus/Spyware Removal 病毒/间谍软件删除 and All 全部 and otherSoftware otherSoftware .

« Older articles «较旧的文章

No newer articles没有新文章