Thread starter: samirzehani

samirzehani

Guys, today I got a virus called trojan.generic.1201184. My antivirus, BitDefender Total 2009, found it, but I don't know what it does; sometimes it quarantines it and sometimes it finds no solution for it???
When I try to start the computer, a warning pops up from the antivirus,
and it also shows up in the Control Panel and tells me the virus is in the file system32/dll-autodis.
Find us a solution, may God grant you success. Even though I have Deep Freeze installed and haven't unfrozen it for a while, by God I don't know what's going on.
 

Here is the report after the scan:
ComboFix 08-10-08.05 - Administrator 2008-12-03 5:07:39.3 - FAT32x86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.2.1256.213.1025.18.234 [GMT 3:00]
Running from: C:\Documents and Settings\Administrator\??? ??????\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
- REDUCED FUNCTIONALITY MODE -
.

((((((((((((((((((((((((( Files Created from 2008-11-03 to 2008-12-03 )))))))))))))))))))))))))))))))
.

2008-12-02 07:51 . 2008-12-02 07:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PrevxCSI
2008-11-30 04:53 . 2008-11-30 04:53 <DIR> d--hs---- C:\FOUND.084
2008-11-30 04:41 . 2008-11-30 04:41 <DIR> d-------- C:\Program Files\CCleaner
2008-11-30 03:42 . 2008-11-30 03:42 2,289,664 --a------ C:\WINDOWS\system32\TUKernel.exe
2008-11-30 03:39 . 2008-11-30 03:39 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-11-25 23:47 . 2008-11-25 23:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-11-25 23:46 . 2008-11-25 23:46 <DIR> d-------- C:\Program Files\Common Files\BitDefender
2008-11-25 16:49 . 2008-11-25 16:49 0 --a------ C:\WINDOWS\system32\drivers\IsPubDrv.sys
2008-11-25 16:49 . 2008-11-25 16:49 0 --a------ C:\WINDOWS\system32\drivers\IsDrv118.sys
2008-11-21 17:01 . 2008-11-21 17:01 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\BitDefender
2008-11-18 21:06 . 2008-11-18 21:06 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\oovooToolbar
2008-11-18 21:06 . 2008-11-18 21:06 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\ooVoo Details
2008-11-18 21:05 . 2008-11-18 21:05 <DIR> d-------- C:\Program Files\ooVoo
2008-11-18 21:05 . 2008-11-18 21:05 <DIR> d-------- C:\Program Files\InstallShield Installation Information
2008-11-18 17:38 . 2008-11-18 17:38 <DIR> d-------- C:\Program Files\Folder Guard Pro
2008-11-16 22:28 . 2008-11-16 22:28 <DIR> d-------- C:\Program Files\Faronics
2008-11-16 22:28 . 2008-11-16 22:28 16,299,862 --------- C:\Persi0.sys
2008-11-16 22:28 . 2008-10-02 16:24 65,536 --a------ C:\WINDOWS\system32\LogonDll.dll
2008-11-16 16:15 . 2008-11-16 16:15 <DIR> d--hs---- C:\FOUND.083
2008-11-16 10:06 . 2008-11-16 10:06 <DIR> d--hs---- C:\FOUND.082
2008-11-15 12:58 . 2008-11-15 12:58 <DIR> d-------- C:\Program Files\Extension Changer
2008-11-15 11:46 . 2008-11-15 11:46 <DIR> d--hs---- C:\FOUND.081
2008-11-14 10:43 . 2008-11-14 10:43 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Chrysanth
2008-11-14 10:25 . 2008-11-14 10:32 8,520 --a------ C:\WINDOWS\ePrompter.ini
2008-11-14 10:02 . 2008-11-14 10:02 268 --ah----- C:\sqmdata02.sqm
2008-11-14 10:02 . 2008-11-14 10:02 244 --ah----- C:\sqmnoopt02.sqm
2008-11-14 10:02 . 2008-11-14 10:02 172 --ah----- C:\sqmnoopt03.sqm
2008-11-14 10:02 . 2008-11-14 10:02 148 --ah----- C:\sqmdata03.sqm
2008-11-13 20:48 . 2008-11-13 20:48 <DIR> d-------- C:\Program Files\Investintech.com Inc
2008-11-12 19:29 . 2008-11-12 19:31 225 --a------ C:\xmlin.ini
2008-11-12 11:41 . 2008-11-12 11:41 <DIR> d--hs---- C:\FOUND.080
2008-11-11 15:41 . 2008-11-11 15:41 <DIR> d--hs---- C:\FOUND.079
2008-11-11 12:35 . 2008-11-11 12:35 <DIR> d--hs---- C:\FOUND.078
2008-11-11 07:12 . 2008-11-11 07:12 <DIR> d--hs---- C:\FOUND.077
2008-11-10 13:07 . 2008-11-10 13:07 <DIR> d--hs---- C:\FOUND.076
2008-11-10 12:35 . 2008-11-10 12:35 <DIR> d-------- C:\Documents and Settings\Administrator.SAMIRZEHANI\Application Data\BitDefender
2008-11-10 12:33 . 2008-11-10 12:33 <DIR> d--hs---- C:\FOUND.075
2008-11-10 12:33 . 2008-11-10 12:33 <DIR> d---s---- C:\Documents and Settings\Administrator.SAMIRZEHANI
2008-11-09 09:38 . 2008-11-09 09:38 <DIR> d--hs---- C:\FOUND.074
2008-11-08 07:44 . 2008-11-08 07:44 <DIR> d--hs---- C:\FOUND.073
2008-11-07 13:58 . 2008-11-07 13:58 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-11-07 11:35 . 2008-11-07 11:35 <DIR> d-------- C:\Program Files\Thoosje Vista Sidebar
2008-11-07 09:35 . 2004-09-16 13:26 12,634 --a------ C:\WINDOWS\system32\drivers\AdfuUd.sys
2008-11-07 08:46 . 2008-11-07 08:50 5,253 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-11-07 08:30 . 2008-11-05 22:58 13,463,552 --a------ C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-11-07 08:29 . 2008-11-05 23:00 2,134,528 --a------ C:\WINDOWS\system32\dllcache\smtpsnap.dll
2008-11-07 08:28 . 2008-11-07 08:28 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-11-07 08:28 . 2008-11-07 08:28 0 --a------ C:\WINDOWS\control.ini
2008-11-07 08:27 . 2008-11-07 08:27 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-11-07 08:27 . 2008-11-07 08:27 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-11-07 08:27 . 2008-11-07 08:27 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-11-07 08:27 . 2008-11-07 08:27 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-11-07 08:27 . 2008-11-07 08:27 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-11-07 08:23 . 2008-11-05 23:00 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2008-11-07 08:23 . 2008-11-05 23:00 24,661 --a------ C:\WINDOWS\system32\dllcache\spxcoins.dll
2008-11-07 08:23 . 2008-11-05 22:58 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2008-11-07 08:23 . 2008-11-05 22:58 13,312 --a------ C:\WINDOWS\system32\dllcache\irclass.dll
2008-11-06 21:10 . 2008-11-06 21:10 <DIR> d-------- C:\Program Files\Apple Software Update
2008-11-05 21:03 . 2008-11-05 21:03 <DIR> d-------- C:\Program Files\TeraCopy
2008-11-05 21:03 . 2008-11-05 21:03 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\TeraCopy
2008-11-05 19:59 . 2008-11-05 19:59 13,107,200 --a------ C:\WINDOWS\system32\oembios.bin
2008-11-05 19:58 . 2008-11-05 19:58 3,440,660 --a------ C:\WINDOWS\system32\drivers\gm.dls
2008-11-05 19:57 . 2008-11-05 19:57 1,852,416 --a------ C:\WINDOWS\system32\dllcache\acgenral.dll
2008-11-03 18:09 . 2008-11-03 18:09 <DIR> d-------- C:\Documents and Settings\Administrator\FileDownloader
2008-11-03 15:26 . 2008-11-03 15:26 <DIR> d-------- C:\Program Files\PcPrivacySoftware.com
2008-11-03 15:22 . 2008-11-03 15:22 <DIR> d-------- C:\Program Files\Network Mechanic
2008-11-03 15:22 . 2008-11-03 15:22 <DIR> d-------- C:\Program Files\Magellass
2008-11-03 10:15 . 2008-11-03 10:16 <DIR> d-------- C:\Documents and Settings\Administrator\temp
2008-11-03 09:34 . 2008-02-21 23:18 566,624 --a------ C:\WINDOWS\system32\d3d10.dll
2008-11-03 09:34 . 2008-02-21 23:18 519,912 --a------ C:\WINDOWS\system32\d3dx10.dll
2008-11-03 09:34 . 2008-02-21 23:18 494,557 --a------ C:\WINDOWS\system32\dxgi.dll
2008-11-03 09:34 . 2008-02-22 00:10 25,037 --a------ C:\WINDOWS\system32\Nucleus.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-12 13:53 116,480 ----a-w C:\WINDOWS\system32\autodis.dll
2008-11-07 05:50 71,634 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2008-11-07 05:49 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-11-07 05:49 218,624 ----a-w C:\WINDOWS\system32\dllcache\uxtheme.dll
2008-11-05 19:59 98,304 ----a-w C:\WINDOWS\system32\dllcache\msir3jp.dll
2008-11-05 19:58 97,792 ----a-w C:\WINDOWS\system32\dllcache\chtmbx.dll
2008-11-05 19:57 9,216 ----a-w C:\WINDOWS\system32\dllcache\authfilt.dll
2008-11-05 17:00 982,528 ----a-w C:\WINDOWS\system32\setupapi.dll
2008-11-05 16:59 99,840 ----a-w C:\WINDOWS\system32\mprmsg.dll
2008-11-05 16:58 98,304 ----a-w C:\WINDOWS\system32\dllcache\cscript.exe
2008-11-05 16:57 95,360 ----a-w C:\WINDOWS\system32\drivers\atapi.sys
2008-11-01 18:03 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2008-11-01 09:54 --------- d-----w C:\Program Files\Trymedia
2008-11-01 09:52 --------- d-----w C:\Program Files\directx
2008-10-31 18:49 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Acronis
2008-10-31 18:48 65,856 ----a-w C:\WINDOWS\system32\drivers\snapman.sys
2008-10-31 18:48 37,888 ----a-w C:\WINDOWS\system32\setupnt.dll
2008-10-31 18:45 --------- d-----w C:\Program Files\HDD Health
2008-10-31 10:59 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-10-25 15:30 --------- d-----w C:\Program Files\BitDefender
2008-10-24 18:01 --------- d-----w C:\Program Files\Nero
2008-10-24 15:40 --------- d-----w C:\Program Files\XP Codec Pack
2008-10-24 11:39 108,032 ----a-w C:\WINDOWS\Netfathr.exe
2008-10-24 11:36 --------- d-sh--r C:\Program Files\tuEagles
2008-10-24 11:28 --------- d-----w C:\Program Files\Webteh
2008-10-23 17:19 --------- d-----w C:\Program Files\Opera
2008-10-22 12:36 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Netscape
2008-10-21 16:47 --------- d-----w C:\Program Files\RealDRAW
2008-10-21 16:23 720,896 ----a-w C:\WINDOWS\iun6002.exe
2008-10-20 15:24 --------- d-----w C:\Program Files\AV VCS 3.0
2008-10-20 09:55 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Folder Guard
2008-10-17 11:01 104,328 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys
2008-10-16 11:13 202,776 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-10-16 11:13 202,776 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-10-16 11:13 1,809,944 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-10-16 11:13 1,809,944 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-10-16 11:12 561,688 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-10-16 11:12 561,688 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-10-16 11:12 323,608 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-10-16 11:12 323,608 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-10-16 11:09 92,696 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-10-16 11:09 92,696 ----a-w C:\WINDOWS\system32\cdm.dll
2008-10-16 11:09 51,224 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-10-16 11:09 51,224 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-10-16 11:09 43,544 ----a-w C:\WINDOWS\system32\wups2.dll
2008-10-16 11:08 34,328 ----a-w C:\WINDOWS\system32\wups.dll
2008-10-16 11:08 34,328 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-10-16 04:08 --------- d-----w C:\Documents and Settings\Administrator\Application Data\ADPHONE
2008-10-15 16:57 332,800 ----a-w C:\WINDOWS\system32\netapi32(2)(2)(2).dll
2008-10-09 12:31 192,512 ----a-w C:\WINDOWS\system32\txmlutil.dll
2008-10-06 15:59 --------- d-----w C:\Documents and Settings\Administrator\Application Data\LingvoSoft
2008-10-05 15:14 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Orca Profiles
2008-10-04 11:03 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Flock
2008-10-03 07:16 --------- d-----w C:\Documents and Settings\Administrator\Application Data\goober
2008-09-19 19:10 155,995 ----a-w C:\WINDOWS\java\Packages\2XBZTBTB.ZIP
2008-09-16 00:14 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-09-16 00:12 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-09-16 00:11 683,520 ----a-w C:\WINDOWS\system32\divx.dll
2008-09-08 08:13 410,976 ----a-w C:\WINDOWS\system32\deploytk.dll
2008-07-03 05:02 65,536 ----a-w C:\Program Files\mozilla firefox\plugins\PNUL32.DLL
2008-09-10 22:56 144,960 ----a-w C:\Program Files\mozilla firefox\plugins\PPL3260.DLL
.
Code:
----a-w         4,036,587 2008-07-19 13:47:38  C:\Documents and Settings\Administrator\My Documents\من سيربح المليون .exe


------- Sigcheck -------

2004-08-03 22:56 973312 a10b8a9309fee2bf9ee6538693844d77 C:\WINDOWS\Explorer.EXE
2004-08-03 22:56 973312 a10b8a9309fee2bf9ee6538693844d77 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{68396BD4-DCCE-4DC1-AF40-B2A01BD0E559}]
2008-11-12 16:53 116480 --a------ C:\WINDOWS\system32\autodis.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-11-05 15360]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-11-18 21633320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2007-05-10 835584]
"FG_Monitor"="C:\Program Files\Folder Guard Pro\FGKey.exe" [2008-01-05 118600]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-05-17 213936]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" [2008-10-30 741376]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" [2008-10-17 69632]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-04 158208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-11-05 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-03 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DfLogon]
2008-10-02 16:24 65536 C:\WINDOWS\system32\LogonDll.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FDCENT.SYS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HideFilesAndFolders_S]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\French\\setup.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 DeepFrz;DeepFrz;C:\WINDOWS\system32\drivers\DeepFrz.sys [2008-10-02 134800]
R0 ftclhock;ftclhock;C:\WINDOWS\system32\drivers\ftclhock.sys [2001-09-19 23424]
R0 ViBus;ViBus;C:\WINDOWS\system32\DRIVERS\ViBus.sys [2007-03-26 16896]
R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-03-29 9216]
R0 ViPrt;VIA SATA IDE Device Driver;C:\WINDOWS\system32\DRIVERS\ViPrt.sys [2007-03-26 52224]
R1 FDCENT;FDCENT;C:\WINDOWS\system32\drivers\FDCENT.SYS [2008-01-15 47470]
S0 ElbyVCD;ElbyVCD;C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys [ ]
S2 BDVEDISK;BDVEDISK;C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-09-04 82440]
S2 fgccow;fgccow;C:\Program Files\Fortres Grand\Clean Slate 5.0\fgccow.sys [ ]
S2 FGUARD32;FGUARD32;C:\Program Files\Folder Guard Pro\FGUARD32.SYS [2008-01-05 54008]
S2 FSRT;Fortres Security Runtime;C:\Program Files\Fortres Grand\Fortres Security Runtime 6.0\FSRT.exe [ ]
S2 NwSapAgent;SAP Agent;C:\WINDOWS\system32\svchost.exe [2008-11-05 14336]
S2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2008-11-05 14336]
S3 Arrakis3;BitDefender Arrakis Server;C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
S3 bdfm;BDFM;C:\WINDOWS\system32\drivers\bdfm.sys [2008-09-18 111112]
S3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-10-17 104328]
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-04-17 42496]
S3 PORTIO;PORTIO;C:\WINDOWS\system32\drivers\portio.sys [2006-12-26 4864]
S3 S3GIGP;S3GIGP;C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2007-07-11 714240]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-11-30 306432]
S4 SecureSrv;SecureSrv;C:\Program Files\Hide My IP 2008\SecureSrv.exe [ ]
S4 W;W;C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\W.exe [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{89c0f1d2-6589-11dd-abf8-001bb9dabbbf}]
\SHEll\AutopLAy\COMmand - G:\stsyop.pif
\SHEll\AutoRun\command - G:\stsyop.pif
\SHEll\exPlore\Command - G:\stsyop.pif
\SHEll\open\COmMand - G:\stsyop.pif
.
Contents of the 'Scheduled Tasks' folder

2008-11-21 C:\WINDOWS\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe [2008-01-08 13:31]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\fqsl1yc4.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/
FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF -: plugin - C:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\NP_IDM1.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\NP_IDM2.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\NP_IDM3.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\NP_IDM5.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\NP_IDM6.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\npdrmv2.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\nppl3260.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\nprpjplug.dll
FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

Rootkit scan 2008-12-03 05:07:57
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\LogonDll.dll
.
Completion time: 2008-12-03 5:08:43
ComboFix-quarantined-files.txt 2008-12-03 02:08:42
ComboFix2.txt 2008-12-03 02:05:16

Pre-Run: 17 148 444 672 bytes free
Post-Run: 17,135,796,224 bytes free

273 --- E O F --- 2008-08-28 14:03:49
 
