- بادئ الموضوع ممتاز محل
- تاريخ البدء
- 917
- الحالة
Mr.AzOz
زيزوومي ماسى
غير متصل
اعمل التالي ..
ولاتنسى تلصق التقارير هنا ..
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
ولاتنسى تلصق التقارير هنا ..
توقيع : Mr.AzOz
Rkill 2.7.0 by Lawrence Abrams (Grinler)
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
Program started at: 01/31/2015 02:39:51 PM in x64 mode.
Windows Version: Windows 8.1 Single Language
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* Windows Defender Disabled
[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
Checking Windows Service Integrity:
* AppMgmt [Missing ImagePath]
* PeerDistSvc [Missing ImagePath]
* CscService [Missing ImagePath]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 01/31/2015 02:41:54 PM
Execution time: 0 hours(s), 2 minute(s), and 2 seconds(s)
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Program started at: 01/31/2015 02:39:51 PM in x64 mode.
Windows Version: Windows 8.1 Single Language
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* Windows Defender Disabled
[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
Checking Windows Service Integrity:
* AppMgmt [Missing ImagePath]
* PeerDistSvc [Missing ImagePath]
* CscService [Missing ImagePath]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 01/31/2015 02:41:54 PM
Execution time: 0 hours(s), 2 minute(s), and 2 seconds(s)
توقيع : ممتاز محل
Malwarebytes Anti-Malware
Scan Date: 11/04/36
Scan Time: 07:29:54 م
Logfile: خطأ.txt
Administrator: Yes
Version: 0.00.0.0000
Malware Database: v2015.01.31.04
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: ashwagmoon
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 802991
Time Elapsed: 2 hr, 29 min, 41 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Scan Date: 11/04/36
Scan Time: 07:29:54 م
Logfile: خطأ.txt
Administrator: Yes
Version: 0.00.0.0000
Malware Database: v2015.01.31.04
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: ashwagmoon
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 802991
Time Elapsed: 2 hr, 29 min, 41 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
توقيع : ممتاز محل
كود:
HitmanPro 3.7.9.234
www.hitmanpro.com
Computer name . . . . : ASHWAG
Windows . . . . . . . : 6.3.0.9600.X64/8
User name . . . . . . : ASHWAG\ashwagmoon
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (30 days left)
Scan date . . . . . . : 2015-01-31 20:15:21
Scan mode . . . . . . : Normal
Scan duration . . . . : 8m 9s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 0
Traces . . . . . . . : 5
Objects scanned . . . : 1,975,591
Files scanned . . . . : 39,403
Remnants scanned . . : 667,641 files / 1,268,547 keys
Suspicious files ____________________________________________________________
C:\Program Files (x86)\Time Mysteries 2- The Ancient Spectres Collectors Edition\TimeMysteries_TheAncientSpectres.exe -> Quarantined
Size . . . . . . . : 24,491,352 bytes
Age . . . . . . . : 101.0 days (2014-10-22 19:43:23)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 9F9D588807D956C7A2D20AD08875ECBB63833E637AD99F06D62872E2AF313E52
RSA Key Size . . . : 1024
Authenticode . . . : Invalid
Fuzzy . . . . . . : 30.0
Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
References
C:\Users\ashwagmoon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Time Mysteries 2- The Ancient Spectres Collectors Edition\Time Mysteries 2- The Ancient Spectres Collectors Edition.lnk
C:\Users\ashwagmoon\Desktop\Time Mysteries 2- The Ancient Spectres Collectors Edition.lnk
Cookies _____________________________________________________________________
C:\Users\ashwagmoon\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
C:\Users\ashwagmoon\AppData\Local\Microsoft\Windows\INetCookies\HFJPBSN2.txtتوقيع : ممتاز محل
# AdwCleaner v4.109 - Report created 31/01/2015 at 20:38:29
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8.1 Single Language (64 bits)
# Username : ashwagmoon - ASHWAG
# Running from : C:\Users\ashwagmoon\Desktop\adwcleaner_4.109.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\Users\ashwagmoon\AppData\Roaming\Solvusoft
File Deleted : C:\Users\ashwagmoon\daemonprocess.txt
File Deleted : C:\Users\ashwagmoon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
***** [ Scheduled Tasks ] *****
Task Deleted : Driver Booster Scan
Task Deleted : Driver Booster Update
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\SupDp
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v34.0.5 (x86 ar)
[0imklhzn.default-1403530957094\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "webssearches");
[0imklhzn.default-1403530957094\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.alias", "webssearches");
[0imklhzn.default-1403530957094\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.name", "webssearches");
[0imklhzn.default-1403530957094\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "webssearches");
[0imklhzn.default-1403530957094\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[0imklhzn.default-1403530957094\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
-\\ Google Chrome v40.0.2214.94
*************************
AdwCleaner[R0].txt - [2960 octets] - [31/01/2015 20:30:30]
AdwCleaner[S0].txt - [2973 octets] - [31/01/2015 20:38:29]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3033 octets] ##########
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8.1 Single Language (64 bits)
# Username : ashwagmoon - ASHWAG
# Running from : C:\Users\ashwagmoon\Desktop\adwcleaner_4.109.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\Users\ashwagmoon\AppData\Roaming\Solvusoft
File Deleted : C:\Users\ashwagmoon\daemonprocess.txt
File Deleted : C:\Users\ashwagmoon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
***** [ Scheduled Tasks ] *****
Task Deleted : Driver Booster Scan
Task Deleted : Driver Booster Update
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\SupDp
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v34.0.5 (x86 ar)
[0imklhzn.default-1403530957094\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "webssearches");
[0imklhzn.default-1403530957094\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.alias", "webssearches");
[0imklhzn.default-1403530957094\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.name", "webssearches");
[0imklhzn.default-1403530957094\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "webssearches");
[0imklhzn.default-1403530957094\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[0imklhzn.default-1403530957094\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
-\\ Google Chrome v40.0.2214.94
*************************
AdwCleaner[R0].txt - [2960 octets] - [31/01/2015 20:30:30]
AdwCleaner[S0].txt - [2973 octets] - [31/01/2015 20:38:29]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3033 octets] ##########
توقيع : ممتاز محل
Mr.AzOz
زيزوومي ماسى
غير متصل
تمام الان اعمل التالي ..
وبلغنا أخر النتائج !
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
وبلغنا أخر النتائج !
توقيع : Mr.AzOz
- الحالة